The State Special Communications Service warns of a dangerous phishing campaign targeting military personnel and government agencies

Ukraine’s government computer emergency response team, CERT-UA, has detected a new large-scale phishing attack. This time, the attackers’ main targets were Ukrainian military personnel, government employees, and staff at critical infrastructure facilities. 

This was reported by the press service of the State Special Communications Service.

Cybercriminals are using a tactic of mass emailing, in which they skillfully impersonate representatives of CERT-UA and the State Special Communications Service. To attract attention and manipulate recipients, they use the subject line of an allegedly urgent and mandatory directive dated May 26, 2026, regarding cyber threat UAC-0252. In the body of the messages, the fake senders intimidate victims by claiming an unprecedented hacker attack on government information systems is underway, using the dangerous malware DEAFTICKv2. To “protect themselves,” recipients are forced to immediately check their own computers following the instructions attached to the email.

Experts urge users to be as vigilant as possible and strictly follow key digital hygiene rules if they receive such messages:

• Under no circumstances click on any links or hyperlinks within the text;

• Do not download any attached files or attachments to your devices;

• Refrain from opening or running any suspicious files.

The National Bank of Ukraine warns of a new wave of phishing attacks in which scammers are masquerading as official NBU letters. People are receiving messages with malicious attachments that look like genuine documents.

The NABU has warned of a mass mailing of phishing emails posing as official communications from the bureau.