A fake email from the NBU could give fraudsters access to your computer

National Bank of Ukraine warned about reports of mass emails with dangerous attachments that fraudsters disguise as official messages from the NBU. The attackers use styling similar to the regulator’s official website design to instill trust in recipients.

In such messages people are sent links to an archive supposedly containing “documents”. In reality, the archive may contain malware that allows remote access to the user’s computer. The NBU urges not to follow links from such emails and not to download files, even if the message looks official. Archives sent under the guise of business documents, requests, or official correspondence are particularly dangerous.

Separately, the National Bank emphasizes: genuine NBU emails are sent only from the official mail with the domain @bank.gov.ua. If a message comes from a different address, contains suspicious links or attachments, or requires urgent action, it should not be opened. The scheme is essentially built on trust in a state institution and on haste. A person is encouraged to quickly open “documents”, but after running the file the fraudsters can gain access to the device, files, correspondence, or other data.

To avoid becoming a victim of such an attack, you should check the sender’s address, not open archives from unknown emails, not click on suspicious links, and verify information only through the official channels of the National Bank of Ukraine.

Reminder: previously we wrote:

• Following a link in an ad about a social benefit on social media cost a Mykolaiv resident nearly UAH 94,000
• One call – and the money is gone: in the Mykolaiv region women were robbed of nearly UAH 400,000
• “You are in line for payments” – no, you are in line for fraud: a new scam on Viber
• One call – and minus UAH 103,000: in Mykolaiv another woman fell for a fake banker
• Telegram “blocked” you? No, it’s just scammers targeting the gullible again