A new wave of cyberattacks targeting the mass infection of user devices has been recorded in Ukraine. Criminals are sending fake emails in the name of the National Energy Company 'Ukrenergo', disguising malware as official documents.
Attack scheme: from email to data theft
According to the Center for Countering Disinformation (CCD), scammers are using social engineering, exploiting the current agenda. In their mailings, users are offered to download files that allegedly contain electricity outage schedules or payment receipts.
Emails arrive from addresses mimicking the company's official domain ([email protected]). However, as soon as the user opens the attachment, malicious software penetrates their device. The goal of the attack is not just to infect the gadget, but to gain full access to personal data, including passwords and bank account information.
Attack sources and company response
Cybersecurity specialists have established that the mailing is being carried out from Russian territory. The press service of NEK 'Ukrenergo' categorically denied involvement in such actions. The company officially warned citizens: outage schedules and payment documents are never sent via email.
"NEK 'Ukrenergo' warns that the company does not send outage schedules or receipts via email," the energy holding emphasized.
Escalation of digital threats
This incident occurs against the backdrop of a general rise in sophisticated cyberattacks in the country. Experts note that scammers are becoming more technologically advanced, using the latest tools to bypass security.
Recently, the 'Diia' service team reported the emergence of phishing resources copying the interface of the state platform to steal data. An even more dangerous trend is the use of artificial intelligence. Criminals have learned to improve the quality of photos from social networks to copy fingerprints and bypass smartphone biometric protection.
How to protect yourself: digital hygiene rules
To prevent data loss, specialists recommend following strict security rules when working with email and messengers.
- Do not click on links or open attachments from unknown senders, even if they look official.
- If you receive a suspicious email from 'Ukrenergo' or other services, delete it immediately.
- Set up automatic spam filtering in messengers (e.g., in Viber) to block malicious contacts before the conversation begins.
- Be careful when publishing selfies with gestures where fingerprints are visible, as AI can use them to forge biometrics.
Vigilance and adherence to digital hygiene remain the main tools for protection against modern cybercriminals.