Scammers are closely monitoring social changes and the latest news to exploit timely topics and lure victims with current events. Kaspersky experts recently uncovered fraudsters taking advantage of the news surrounding Pavel Durov, founder of Telegram, who was reportedly arrested at a French airport. Seizing the opportunity, scammers quickly launched a spam campaign, distributing emails that falsely claim to be fundraising for Durov's legal defense and a global awareness campaign. 

The company's experts are currently monitoring an active spam campaign with several letter variations that follow a similar pattern. In these scams, fraudsters impersonate human rights organizations, claiming they are committed to securing Pavel Durov's freedom and protecting global human rights. They urge recipients to contribute to the cause by donating to one of several specified cryptocurrency wallets, including BTC, ETH, and TRX. However, victims end up losing their money to the scammers, and Pavel Durov's team has not announced any official fundraising efforts. 

To bypass spam filters, scammers vary their wording, avoid repetition, and use synonyms like "help" and "support" or "donate" and "raise." Additionally, the name of the supposed funding organization changes with each email—some claim to represent the Human Rights Defenders Network (HRDN), while others impersonate the Digital Rights Advocacy Network (DRAN).

Subject: Human Rights Under Threat: Help Us Free Pavel Durov
 

Dear Human Rights Defender,
Pavel Durov, the man behind Telegram, has been unjustly detained in France. His arrest is not just a personal attack—it’s a strike against the very essence of human rights and freedoms.

We, the Human Rights Defenders Network (HRDN), are committed to securing Pavel’s freedom and protecting the rights of individuals around the world. But we need your help to do so.

Please consider supporting our campaign by donating to our wallets:

BTC wallet: 16U8JGEMdRXjdF*************
ETH (or any ERC-20 tokens such a USDT): 0x2532F8f63***********
TRX (or any TRC-20 tokens such a USDT): TBPoW1hmGT53ofRiW*************

Your contribution will help fund legal efforts and a global campaign to raise awareness about this critical issue. Together, we can ensure that Pavel Durov is freed and that human rights are upheld.

In solidarity,
Human Rights Defenders Network (HRDN)
#FreeDurov

An example of spam letter pretending to be a fundraising for Pavel Durov

"It's crucial to think critically and double-check before sending money to any donation projects," advises Andrey Kovtun, email security expert at Kaspersky. "Always rely on official communications and verified news sources. Never trust emails written in primitive language and format, especially when the official team has not announced any fundraising efforts. Your vigilance can protect you from falling victim to scams."

To help users stay safe from online scams, Kaspersky experts also recommend following these tips:

  • Verify the Source: Before donating or sharing personal information, ensure the request is from an official and trusted source. Check the organization's official website or contact them directly to confirm.
  • Watch for Red Flags: Be wary of emails or messages that use poor grammar, unusual formatting, or urgent language. Scammers often use these tactics to create a sense of urgency and bypass your critical thinking.
  • Double-Check URLs and Email Addresses: Scammers often create fake websites or email addresses that look similar to legitimate ones. Carefully inspect URLs and email domains for any subtle differences.
  • Be Cautious with Cryptocurrency Donations: Cryptocurrency transactions are irreversible, making them a popular choice for scammers. Avoid donating through crypto unless you are certain of the recipient's legitimacy.
  • Use Security Software: Make sure you have up-to-date security software installed on your devices. Kaspersky Premium can help detect and block spam campaigns as well as phishing attempts and malicious links.
  • Rely on Official Announcements: Trust only official communications from the person or organization in question. If you haven't seen a public announcement about a fundraiser or campaign, it's likely a scam.
  • Check the Sender's Email Address: Always check the sender's email address. In legitimate communications from large organizations, emails will typically come from a verified, official domain rather than a free email service. In this case, the scam emails were sent from various free mail addresses—a clear sign that they are not from a reputable organization.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.