Opportunistic scammers have just launched a targeted spam campaign impersonating the UN Refugee Agency (UNHCR) in an attempt to trick users into handing over their complete credit card details as they supposedly make a donation to support Syria’s refugees.

Needless to say, this scam is seeking full access to your credit card details through a fraudulent Web site that’s directly collecting the information, has no SSL support, and is featuring a bogus “Verified by Verisign” logo in an attempt to add more legitimacy in the eyes of the prospective victims.

More details:

Sample screenshot of the spamvertised email:


Fraudulent URL: hxxp://sosmoney.eu/refugees/refugees/Donate%20to%20the%20UN%20Refugee%20Agency%20in%20the%20United%20States%20-%20USA%20for%20UNHCR.htm

Domain name reconnaissance: sosmoney.eu –; 2a01:238:20a:202:1091::145

Sample screenshots of the landing page:



We advise users to always research the Web site they’re about to use before making a donation in order to ensure that they’re not directly sending their credit cards details to fraudsters.

You can find more about Dancho Danchev at his LinkedIn ProfileYou can also follow him on Twitter.

Blog Staff

About the Author

Blog Staff

The Webroot blog offers expert insights and analysis into the latest cybersecurity trends. Whether you’re a home or business user, we’re dedicated to giving you the awareness and knowledge needed to stay ahead of today’s cyber threats.

Share This