A Russian security company, Silent Push, has found a network of dozens of phishing domains that spoof the recruitment websites of Ukranian paramilitary groups like the Freedom of Russia Legion.
The sites collect personal details from Russian citizens who are opposed to Putin’s invasion of Ukraine and want to fight back.
However, such anti-war actions are illegal in the Russian Federation and participants are regularly charged and arrested.
Among the sites in the network are also spoofs of the US Central Intelligence Agency and the Ministry of Defense of Ukraine.
Rather than being advertised via email, the phony domains are promoted via search engine results; when Russians search for anti-Putin organistaions, the phishing domains are returned first.
This makes Russians searching for information about joining Ukrainian paramilitaries particularly vulnerable to the Russian security services.