A record 38,204 criminal proceedings related to fraud were opened in Ukraine in 5 months of 2024, which is 1.6 times more than in the whole of 2021, when 23,847 criminal proceedings were opened. At the same time, 18% of all registered cases in 2024 reached court, and more than 4,500 cases were closed. Such data is contained on the platform The opendatabase.
In 2024, approximately 8,000 cases are opened every month, compared to almost 7,000 last year. For comparison, in 2021, this indicator was about four times smaller – about 2 thousand cases per month.
In 2023, losses from illegal transactions with payment cards reached almost 833 million hryvnias, which is 73% more than in 2022. Social engineering has become one of the main methods of fraudsters, because instead of directly obtaining confidential data, criminals increasingly force victims to make transfers themselves, which is called “self fraud”. Also, the most common schemes include the hacking of social media accounts, fake messages about social benefits, the creation of fraudulent websites, non-delivery of goods after prepayment, phone calls on behalf of banks, phishing, and requests for help via social networks.
According to the survey, 11% of Ukrainians have fallen victim to fraudsters since the beginning of the full-scale invasion, and most often these are women (13.6%) and young people (14% among respondents aged 18-24). Losses from the actions of fraudsters vary, but a quarter of those surveyed lost more than 5 thousand hryvnias.
New fraudulent schemes
The State Service for Special Communications and Information Protection of Ukraine warns of a new fraudulent scheme where criminals send messages asking them to vote for children in art contests. Such messages can come even from people you know. If you follow the link and enter your details, your account may be compromised. It is also important to note that fraudsters are constantly improving their technological schemes, and therefore all systems must work proactively to prevent this.
The Ministry of Reintegration of the Temporarily Occupied Territories of Ukraine reported an increase in cases of fraudulent activities under the guise of financial aid from international donors: fraudsters spread fake links to registration for financial aid from the International Organization for Migration or the United Nations.
During the war, fraudsters also reached a new level and adapted their schemes to new conditions, taking advantage of people’s anxiety, financial illiteracy and difficult financial situation. For example, a scheme with the offer of easy earnings on the Internet for “likes” in social networks is gaining popularity. At first, fraudsters pay for the first “tasks”, gaining the trust of the victim, and then extort significantly larger amounts.
The other main types of fraud remain phishing and social engineering, which account for almost 80% of all fraud cases. Phishing consists in extorting bank card data through Internet resources: copies of bank websites, online stores or payment systems are created, and by entering their data, victims lose access to their accounts.
In general, fraud on the Internet is becoming an increasingly common problem, and with the development of artificial intelligence, it is much more difficult to avoid it. Phishing emails from artificial intelligence cope with their task as effectively as those composed by humans. In a phishing email, fraudsters usually pretend to be a company or an individual and ask the user for credit card details, passwords and other sensitive information.
The main features of phishing emails
A disturbing topic. Cybercriminals use social engineering – targeted manipulation to convince a person or organization to disclose confidential information. A popular way to do this is to choose an alarming subject of the letter.
Be wary if the email contains phrases such as “urgent”, “security warning”, “action required” and “account at risk”. Hackers hope that after seeing them, a person will panic and act impulsively. Without thinking twice, she will provide sensitive information, follow a link or download an attachment.
At the same time, it should be borne in mind that ordinary companies also use such expressions in order to inform employees and customers about a real emergency situation. Therefore, you should not rush and send such a letter to the trash.
Suspicious domain name. Cybercriminals can use the name of a well-known company, its logo and letter design. However, if you look closely at the email domain, you may notice one of the following red flags:
- A public address is used, for example, company_name@gmail.com.
- In the domain name, the name of the real organization is written incorrectly or in a modified version.
- A domain contains several subdomains.
- A top-level domain is different from what companies use. For example, .ua, .com, .net or .org, etc. Fraudsters on the OLX website often choose this path.
If the domain looks suspicious, you should contact the company for help. You can also find the correct email address on the organization’s website and compare the real domain with the suspicious one.
A general or overly personal greeting. Some phishing emails begin with a general greeting, such as “Dear Customer.” If scammers know your name, they can over-personalize the greeting to gain trust. They may add overly personal or specific information: full name, phone number, and address. Legitimate companies take a more balanced approach and do not include information about the recipient that they already know.
Grammatical and spelling errors. Legitimate companies pay close attention to grammar and spelling in their communications. At the same time, phishing emails may contain obvious errors.
Suspicious links and attachments. Phishing emails sometimes contain links to malicious sites that may have a form for entering personal information that looks the same as on a real, reputable site. However, once the user enters their details (name and password), the fraudster will see them and then use them to hack the account.
In addition to links, phishing emails can have attachments – an executable file (exe) or a compressed archive (zip, rar or tar.gz). If you download and open it, your device will be infected with malware or ransomware.
Request for confidential information. No legitimate company or organization will ask people for personal information by mail. You should not respond if someone asks for your password, bank card details, account balance, address, phone number or similar information. You should also not answer if the letter asks for, for example, the mother’s maiden name, favorite color or the name of a pet. This information will help fraudsters avoid security issues when hacking a victim’s account.
A false sense of urgency. Fraudsters may ask you to perform a certain action as soon as possible to avoid negative consequences. Sometimes they even aggressively demand that their requests be fulfilled immediately. For example, follow a link or provide requested information so that the account is not deleted. So the victim of the crime will start to panic and will not have time to confirm this information.
An unrealistic offer. If a person suddenly won a lottery in which he never participated, or a relative he had never heard of “left him a huge inheritance”, this could be a phishing email. Scammers may ask their potential victim to provide certain information or pay a payment processing fee before sending their winnings or inheritance.
Hence, modern social engineering is a more sophisticated scheme where the attackers force the victim to voluntarily transfer funds or provide confidential information. Fraudsters can impersonate the victim’s acquaintances or relatives or hack their social media account and ask the victim’s friends and relatives for help.
Another common scheme is promises of high earnings through investments. Fraudsters create special infrastructures, websites with “personal accounts” of victim investors, hire lawyers, mentors and brokers, organize “investing” courses. Victims see their account grow and trust the fraudsters until they try to withdraw money, after which the attackers disappear.
Preventive measures of banks and fraud prevention system
Banks are actively improving their security systems to combat fraud. For example, to access the banking application or carry out transactions, customers are sent additional confirmation codes to their mobile numbers. The systems are also configured to detect suspicious financial behavior and block such transactions. Privatbank’s anti-fraud system prevents 90% of unauthorized payment attempts, similar indicators are demonstrated by other large banks.
In order to avoid fraud, you should:
- Do not disclose confidential bank details. Banks never ask customers to provide CVV code, logins and passwords to banking applications, PIN code from a bank card and one-time passwords to confirm the transaction. If someone requests this information, you should stop communicating.
- Be careful with phishing. Check the sites from which payment is planned. Even small differences in the URL can indicate a fake. It is necessary to enter the name of the required site into the search engine in order to be sure of its authenticity.
- If you receive a message from a family member or close acquaintance asking for help, contact them through alternative channels to verify the information.
- Do not respond to promises of quick earnings, check information about brokers or investment resources to avoid scammers. You should also look for reviews and check the lists of salary schemes.
Identifying fraudsters: an overview of signs and methods for recognition
The fight against financial fraudsters has become the main priority for government structures and financial institutions in Ukraine. Despite efforts in this direction, fraud schemes are constantly transforming. They adapt to changes in the market, which is why the ability to sense fraud is an important skill for those considering investing in a variety of projects.
Often, the promise of extremely high returns without taking into account global financial conditions can be a warning signal in itself, however, this is only one indicator. The National Commission for Securities and the Stock Market (NCSCFR) provided a list of signs that indicate the possible fictitiousness of an investment project.
One of the main features is the promise of extremely high returns. Some fraudsters promise a profit of even tens of percent every month or even indicate the possibility of multiplying the investment tenfold. These are unrealistic claims that should be carefully checked before any investment.
An additional clue is the lack of necessary permits for activities on the stock market. Some scammers may even try to prove their legitimacy with fake licenses issued in offshore areas.
Aggressive marketing, lack of a permanent office, lack of a legal entity in the country where the project is deployed – all this can be part of a fraudulent strategy.
Also, an important sign can be the lack of verification of the investor’s financial status and the secrecy of information about project managers and their professional biographies. Making investments without signing contracts, an intrusive offer to attract friends and acquaintances, as well as the absence of documents confirming ownership rights – all this can also indicate the risk of fraud.
If you notice at least a few of these signs in a potential project, this may already indicate a high probability that it is fraudulent. NKCPFR maintains its own list of suspicious projects, which currently has 134 entries. The presence of a project on this list is a serious argument for avoiding investing in it.
Scams with pseudo-investments have already gone beyond the borders of Ukraine, attracting the attention of investors from the countries of the European Union. Many companies offering such schemes extort money from gullible citizens of the European Union by promising them large profits. One of the cases of this scheme is related to an investor from the Ukrainian delivery company Rocket, Timur Rokhlin. According to the German police, the company under his control promised to increase the funds of clients a hundredfold, but in fact the funds raised were not invested, but used for advertising and other purposes. Such schemes have already been discovered and investigated by international law enforcement agencies.
Currently, the market is actively looking for people with knowledge of foreign languages who are ready to join such companies. Fraudsters offer them a salary from 30 to 100 thousand hryvnias, and although these companies work in the field of financial consulting, they do not require their employees to have basic financial education. For many of these fraudsters, the main thing is the ability to convince people and do it effectively. They learn standard phrases and responses to the objections of potential victims in order to convince them to invest profitably, and this is not only a great risk to financial security, but also a serious legal violation for both owners and participants.
In general, fraud schemes in the financial sector are becoming more sophisticated and sophisticated, but their basic techniques remain the same. You can recognize them by analyzing certain signs and carefully checking information before any investment.
Combating new fraudulent schemes in social networks
Recently, Ukraine has also faced new fraudulent schemes actively spreading through social networks such as TikTok, Instagram, Facebook, YouTube and even Google Maps. Fraudsters promise from 600 to 1,500 hryvnias per day for activity in social networks (likes, comments). Messages with such offers come from numbers registered abroad. Along with scams on TikTok, there are many cases of fake offers being sent via WhatsApp. Fraudsters promise an income of up to 3,000 hryvnias for liking videos on TikTok, which misleads potential victims.
Ukrainian banks – Privatbank, A-bank and Monobank – discovered this fraudulent scheme after numerous appeals from citizens. In response, they developed countermeasures:
- Blocking the accounts of fraudsters.
- Transaction monitoring – banks monitor recurring transaction amounts and warn customers about possible dangers.
Representatives of Privatbank note that the bank successfully stops about 76% of fraudulent transactions, and A-bank actively informs customers about suspicious activities. Monobank reported that their clients lost about 65 million hryvnias, but at the same time the bank was able to stop about 70% of fraudulent transactions.
Therefore, Ukrainian banks actively oppose new fraudulent schemes, developing a certain set of measures to protect customers. However, fraudsters also continue to improve their methods, which requires constant updates to security systems. Raising citizens’ awareness of fraud and training them in protection methods remain key elements in the fight against financial crime. In the coming years, the strengthening of security measures and the development of technologies aimed at preventing fraud and protecting personal data of users is expected.
