Cybercriminals recently attempted a charity attack exploiting the crisis in Gaza and Israel [3]. They targeted individuals and organizations [1] [3], posing as “help-palestine[. [2]]com” and manipulating sympathy for children in Palestine to solicit fraudulent donations. This attack is an example of social engineering [3], preying on people’s goodwill and desire to contribute to relief efforts during humanitarian crises [3].


The attackers specifically targeted 212 individuals across 88 organizations [1] [2], using emotionally charged language and inclusive wording to manipulate recipients into donating funds to cryptocurrency wallet addresses [3]. To enhance their credibility, they included links to news articles highlighting the impact of the conflict on children [2]. The cybercriminals employed various tactics, such as spoofing a legitimate email address and creating a non-existent domain [1] [2], to conceal their identity [1] [2]. Legacy secure email gateways struggled to detect this attack [1], underscoring the importance of modern, AI-native email security solutions that can identify social engineering tactics and detect attempts to leverage emotional manipulation for deceptive purposes [2].


This charity attack demonstrates the power of emotional manipulation during humanitarian crises, making individuals more susceptible to deception [3]. It highlights the need for improved email security solutions that can effectively detect social engineering tactics. Mitigating such attacks requires a combination of user awareness, robust security measures, and ongoing advancements in technology. As cybercriminals continue to exploit global crises, it is crucial to remain vigilant and adapt security strategies to counter evolving threats.