Man
Professional
- Messages
- 3,223
- Reaction score
- 943
- Points
- 113
How do scammers work and how much money can a victim lose?
Since the beginning of the year, more than a thousand cultural leisure sites used by scammers have been blocked in Russia , the Coordination Center for .RU/.РФ domains told Izvestia. They created fake profiles on dating sites or social networks and sent their partners links to sites for buying tickets, after which money was stolen from their cards . Izvestia reports on why these schemes are becoming especially popular before the New Year and how to avoid falling for the scammers' tricks.
How to recognize a scammer by correspondence
In RuNet, 1,013 domains of fake cultural leisure sites were blocked in the first 10 months of 2024. Among them were 316 cinemas, 375 theaters, 296 stand-up shows and 26 posters for various events , Izvestia was told at the Coordination Center for .RU/.РФ domains. Domains are blocked by registrars and hosting providers at the request of competent organizations as part of the Domain Patrol project. It is aimed at identifying malicious sites (domains) in the .RU and .РФ zones and protecting users from fraudulent resources.
12 organizations cooperate with the Coordination Center within the framework of the Domain Patrol: the National Coordination Center for Computer Incidents (NCCI), FACCT, BI.ZONE, the Bank of Russia, Roskomnadzor, FSUE MNI Integral, RU-CERT, Kaspersky Lab, Doctor Web, Rostelecom-Solar, the Safe Internet League and the Regional Public Center for Internet Technologies (ROCIT).
Most often, the sites on these domains were used for the fake date scheme, in which criminals create fake profiles on dating sites or social networks, posing as an attractive girl, explained the organization's project manager, Evgeny Pankov.
— Having won the partner's trust, the "girl" suggests going to the cinema, the theatre or a performance by a favourite artist. Then she sends a link to a website for buying tickets — it turns out to be a phishing site, and after payment the user loses money, and the "girl" never gets in touch again , — he said.
Despite the fact that the first cases of this scheme were recorded about five years ago, its popularity has not decreased since then . Fraudsters are constantly improving it, the expert added. If earlier they were limited to correspondence and then a link to a fake site, now the victim can communicate with their "partner" in person - this can happen both via video, and there are cases of offline meetings .
According to Irina Zinovkina, head of analytical research at Positive Technologies, fraudulent websites for purchasing various types of tickets are becoming especially popular in the run-up to the New Year holidays .
— The user can lose from several thousand rubles to even hundreds of thousands — it depends on what tickets he buys and in what quantity. In order not to fall for the tricks of scammers, it is worth carefully monitoring the site on which the purchase is made for errors, — Irina Zinovkina emphasized.
Such sites are popular because they are so popular. The user will not lose much money, but it is important for the attacker to have many victims, said Alexey Gorelkin, CEO of Fishman (a Skolkovo resident). After all, if the amount is insignificant, people will not always decide to contact law enforcement agencies.
How to protect yourself from scammers
In this scheme, the attackers also use artificial intelligence technologies. There are known cases where fraudsters used recordings generated with the help of AI: they send the victim voice messages supposedly from a girl to make it more convincing , said Evgeny Egorov, leading analyst of the Digital Risk Protection Department at FACCT.
In addition, according to him, there is another option - when they send a link not to purchase tickets, but to download a fake mobile application .
— It contains hidden spyware and a phishing form that intercepts entered bank card data and codes from SMS. As a result, the attackers can write off money from the victims' cards or empty their accounts, — the expert said.
Girls can also become victims in various scenarios of the scheme. For example, fraudsters offered them a free professional photo shoot, paying only for the hourly rent of the studio , the expert explained. As a result, the victim's money and bank card details were stolen , including under the pretext of canceling the photo shoot and returning the advance payment.
The expert recommends not paying for purchases on unfamiliar websites and not following links from unknown users, and also making purchases only on trusted resources.
In addition, it is important to check the domain name of the resource and its registration date. If it differs from the original or simply seems suspicious to you, you should not buy or order anything there , he noted.
Fake websites can be recognized by their appearance, said Olga Svistunova, senior content analyst at Kaspersky Lab. Most often, no buttons except the payment button work on such resources, there are typos, and the layout is sloppy. She noted that most often, attackers implementing scam schemes combine them with social engineering techniques - they rush people, not giving them time to think. Users do not always have time to critically assess the appearance of the page where they enter data.
Most leaks occur precisely because of the low level of awareness of citizens about the schemes of cybercriminals , believes the head of the cyberhub of the Skolkovo Foundation (VEB.RF Group) Igor Biryukov. To solve such issues with fake sites and services, it is necessary to have basic knowledge of cyber hygiene and be vigilant, as well as use antiviruses. Domestic means of protection are reliable and demonstrate a high level, he summarized.
Since the beginning of the year, more than a thousand cultural leisure sites used by scammers have been blocked in Russia , the Coordination Center for .RU/.РФ domains told Izvestia. They created fake profiles on dating sites or social networks and sent their partners links to sites for buying tickets, after which money was stolen from their cards . Izvestia reports on why these schemes are becoming especially popular before the New Year and how to avoid falling for the scammers' tricks.
How to recognize a scammer by correspondence
In RuNet, 1,013 domains of fake cultural leisure sites were blocked in the first 10 months of 2024. Among them were 316 cinemas, 375 theaters, 296 stand-up shows and 26 posters for various events , Izvestia was told at the Coordination Center for .RU/.РФ domains. Domains are blocked by registrars and hosting providers at the request of competent organizations as part of the Domain Patrol project. It is aimed at identifying malicious sites (domains) in the .RU and .РФ zones and protecting users from fraudulent resources.
12 organizations cooperate with the Coordination Center within the framework of the Domain Patrol: the National Coordination Center for Computer Incidents (NCCI), FACCT, BI.ZONE, the Bank of Russia, Roskomnadzor, FSUE MNI Integral, RU-CERT, Kaspersky Lab, Doctor Web, Rostelecom-Solar, the Safe Internet League and the Regional Public Center for Internet Technologies (ROCIT).
Most often, the sites on these domains were used for the fake date scheme, in which criminals create fake profiles on dating sites or social networks, posing as an attractive girl, explained the organization's project manager, Evgeny Pankov.
— Having won the partner's trust, the "girl" suggests going to the cinema, the theatre or a performance by a favourite artist. Then she sends a link to a website for buying tickets — it turns out to be a phishing site, and after payment the user loses money, and the "girl" never gets in touch again , — he said.
Despite the fact that the first cases of this scheme were recorded about five years ago, its popularity has not decreased since then . Fraudsters are constantly improving it, the expert added. If earlier they were limited to correspondence and then a link to a fake site, now the victim can communicate with their "partner" in person - this can happen both via video, and there are cases of offline meetings .
According to Irina Zinovkina, head of analytical research at Positive Technologies, fraudulent websites for purchasing various types of tickets are becoming especially popular in the run-up to the New Year holidays .
— The user can lose from several thousand rubles to even hundreds of thousands — it depends on what tickets he buys and in what quantity. In order not to fall for the tricks of scammers, it is worth carefully monitoring the site on which the purchase is made for errors, — Irina Zinovkina emphasized.
Such sites are popular because they are so popular. The user will not lose much money, but it is important for the attacker to have many victims, said Alexey Gorelkin, CEO of Fishman (a Skolkovo resident). After all, if the amount is insignificant, people will not always decide to contact law enforcement agencies.
How to protect yourself from scammers
In this scheme, the attackers also use artificial intelligence technologies. There are known cases where fraudsters used recordings generated with the help of AI: they send the victim voice messages supposedly from a girl to make it more convincing , said Evgeny Egorov, leading analyst of the Digital Risk Protection Department at FACCT.
In addition, according to him, there is another option - when they send a link not to purchase tickets, but to download a fake mobile application .
— It contains hidden spyware and a phishing form that intercepts entered bank card data and codes from SMS. As a result, the attackers can write off money from the victims' cards or empty their accounts, — the expert said.
Girls can also become victims in various scenarios of the scheme. For example, fraudsters offered them a free professional photo shoot, paying only for the hourly rent of the studio , the expert explained. As a result, the victim's money and bank card details were stolen , including under the pretext of canceling the photo shoot and returning the advance payment.
The expert recommends not paying for purchases on unfamiliar websites and not following links from unknown users, and also making purchases only on trusted resources.
In addition, it is important to check the domain name of the resource and its registration date. If it differs from the original or simply seems suspicious to you, you should not buy or order anything there , he noted.
Fake websites can be recognized by their appearance, said Olga Svistunova, senior content analyst at Kaspersky Lab. Most often, no buttons except the payment button work on such resources, there are typos, and the layout is sloppy. She noted that most often, attackers implementing scam schemes combine them with social engineering techniques - they rush people, not giving them time to think. Users do not always have time to critically assess the appearance of the page where they enter data.
Most leaks occur precisely because of the low level of awareness of citizens about the schemes of cybercriminals , believes the head of the cyberhub of the Skolkovo Foundation (VEB.RF Group) Igor Biryukov. To solve such issues with fake sites and services, it is necessary to have basic knowledge of cyber hygiene and be vigilant, as well as use antiviruses. Domestic means of protection are reliable and demonstrate a high level, he summarized.
