FBI Warns: Five Weeks In, Gaza Email Scams Still Thriving

Cyber Security Threat Summary:
FBI is warning of cybercriminals taking advantage of the war in Gaza to solicit funds from unsuspecting victims. According to alerts sent out by the agency, these fraudsters are using various schemes including emails, social media, cold calls, and websites masquerading as fundraisers and charities to convince end users to donate money, stating that the funds will go to victims of the ongoing conflict. These donations are requested in the form of gift cards, wire transfers, and cryptocurrency, making it difficult to trace back.

Security Officer Comments:
In some cases observed by the FBI, the actors are spoofing emails, using addresses like erode@gwcindia[.]in and changing the display name to help-palestine[.]com to trick recipients. These emails also avoid using direct URL links to prevent email security filters from detecting/flagging them as suspicious. Instead, the cybercriminals include the cryptocurrency address within the email content, requesting victims to donate. While victims may think they are donating to a good cause, these funds are being directed to cybercriminals instead. According to some reports, a staggering 1.6 million dollars was lost to Gaza scams within the first couple of weeks of the conflict initiation, with this number continuing to increase as of writing.

Suggested Correction(s):
Users should be wary of emails asking to donate to victims of the current conflict. In general, any posts online or calls asking for gift cards and cryptocurrency donations should be seen as a red flag and should be avoided at all costs.