Online scam artists are seeking to collect information from LGBTQI groups, including at least one in Russia, by posing as the New York-based LGBT-friendly network Funders for LGBTQ Issues.
The network issued this press release:
ALERT: Phishing Scam for Financial Information from LGBTQI Nonprofits and NGOs
It has come to our attention that someone is fraudulently posing as Funders for LGBTQ Issues in a nefarious phishing email campaign. They have sent emails to LGBTQI nonprofit and nongovernmental organizations (NGOs) claiming that Funders is giving them a grant and asking for sensitive financial information. These emails are not from Funders for LGBTQ issues.
We are outraged by this egregious attempt to prey on LGBTQI activists and organizations on the frontlines of our movement, and we are taking action to ensure this activity is stopped immediately.
If you or anyone in your network receives any communication promising funds from Funders for LGBTQ Issues, please do not click on any links or download any attachments, or otherwise engage with the sender. Please immediately notify Lyle Matthew Kan, our Director of Research & Communications, immediately at email@example.com.
Note that the fraudulent emails were sent from a fake email address with a gmail domain name, and copied background text from the Funders for LGBTQ Issues website to create the appearance of authenticity. The perpetrators have not breached our digital security or attained any sensitive information from us, but this unfortunate situation is a reminder to all of us of the real and ongoing threats faced by our movement, and in particular the need for vigilance and preparedness related to digital security and privacy.
To learn more about how to spot phishing attacks, visit the Electronic Frontier Foundation’s Surveillance Self-Defense Guide. Additionally, Access Now offers a Digital Security Helpline to provide rapid response support for individuals and organizations experiencing digital security threats as well as a wealth of training guides and resources. You can also report phishing attempts and find resources for avoiding cyber crime from the Anti-Phishing Working Group (APWG).