Crisis in Ukraine: Cybersecurity Precautions

Though we are currently focused on the crisis in Ukraine, increases in malware, ransomware, and phishing aren’t just being seen in Ukraine; these attacks are happening all over the world, especially against financial services, higher education and K12, and commercial business.
To protect ourselves and the University, it is more important than ever that we remain vigilant and practice strong cybersecurity precautions.

TAKE CYBERSECURITY PRECAUTIONS:

  • Stay alert for phishing emails. See the Information Security website for tips on identifying phishing.
  • Do not participate in online activities that target others with malware, un-sanctioned denial of service, and/or other “hacking” activities using UVA Information Technology Resources. These activities violate University Policy (IRM-002: Acceptable Use of the University’s Information Technology Resources) and could subject you to possible retaliatory attacks.
  • Stay up-to-date on patching operating systems and applications to limit vulnerabilities.  We can help you identify vulnerabilities on the servers in your area with Qualys.  Email us at [email protected]
  • Make regular backups of your data to a different system.
  • Report cybersecurity incidents. See the Information Security website for reporting options.

The following are some sample strategies the cyber attackers may use.  However, these are only a small sampling, so be alert.

1. We need your support now more than ever

Scammers will attempt to use our kindness and desire to help others in times of crisis to steal money through fake campaign ads. We must always be sure to check the validity of donation efforts such as GoFundMe pages to ensure our money is going where we intend. In addition, be sure you are on the actual website for these charitable organizations (e.g., the American Red Cross) and not cleverly disguised phishing sites. The best way to check the site validity is to examine the URL; it is easy for scammers to copy web design and logos, but legitimate URLs must be exact.

2. But it looks and sounds SO real

Deepfake technology makes it easier than you could ever imagine making a public figure appear to say things they never said.  Keep this in mind while scrolling through Facebook or surfing the web and seeing videos of Russian President Vladimir Putin and other political figures.  If the video causes you to become angry or act in some way it may be disinformation.

Remember, disinformation videos are designed to look natural. It's not uncommon for these videos to use computer-generated image technology and paid actors.

3. I can show you how to time the market

Here’s the truth: Anyone who reaches out to you unsolicited with financial advice is in it to make money themselves. 

In times of international crisis, the stock market may fluctuate rapidly and open up another avenue for cybercriminals to lure their victims. Crooks may lead you to believe that they can help you take advantage of this "opportunity" to invest in the stock market, cryptocurrency, ammunition, etc. Beware: Anyone who reaches out to you with unsolicited financial advice is not there to help - they are trying to make money for themselves.

4. I’m defending your freedom

We all want to help especially when it is something we are passionate about such as patriotism.  People will find ways to play on your emotions claiming to be a soldier stuck in Ukraine.  Think twice before you act on these emotions especially if they are asking for money, help getting a message to their family, or supplies.

5. Do as I say or else

Threats are one of the easiest ways to identify a scam.  Fraudsters realize we may make bad decisions when we are feeling flustered and use this to their advantage.  This is why phony calls from the IRS work so well.

If you receive an email that appears "phishy" and are unsure if it's legitimate:

  1. DO NOT respond! Do not click any links in the email, and do not "unsubscribe" or acknowledge the email in any way.

  2. UVA identifies popular phishing scams: check our Information Security Alerts & Warnings page to see if the suspicious email message is listed.

  3. If it is not listed on the above webpage, please forward the email to our email abuse team by forwarding the email to "[email protected]"  Forwarding the message as an attachment will allow us to receive the original message in its entirety, including the email header information. (Just because it's not listed on our InfoSec Security Alerts webpage does NOT mean it's not phishing. You may be the first to report this phishing email!) 

  4. If you are using Outlook, report it as phishing.  Otherwise, DELETE the email!

For further information about phishing emails and how to recognize them, please see our web pages about phishing and about preventing other ways that bad actors are trying to steal your information and gain access to your computer and accounts.  

If UVA Information Security becomes aware of specific hazards targeting the UVA community, they will be posted on the Security Alerts & Warnings webpage.