Tomcat
Professional
- Messages
- 2,695
- Reaction score
- 1,060
- Points
- 113
Despite the enormous work of law enforcement agencies to identify and suppress financial fraud on the territory of the Russian Federation, educational activities and training events, their number has not yet decreased, and swindlers continue to come up with new schemes for taking money from the population. One of the recent trends has been the active use by attackers of various information occasions, be it holidays, elections, natural disasters, foreign policy events, and so on, warns lawyer, expert of the NIFI project of the Russian Ministry of Finance “Moifinance.rf” Kirill Poleshchuk.
How does this happen? It’s very simple, Poleshchuk explained: scammers create a fake account in instant messengers for the head of an enterprise, government agency, or administration. In this case, a real photograph of this person is used as an avatar. Using stolen databases or open sources, potential subordinates of this manager are identified. For example, on behalf of the chief physician they write to all hospital employees, on behalf of the regional minister of education they write to employees of all schools. In communication, a businesslike and respectful tone of communication is observed.
“The essence of the deception boils down to the fact that a big manager asks an employee to help solve a problem. For example, he reports that the hospital has a big problem with the expenditure of funds, the state is conducting an audit, now Ivan Ivanovich from the police (investigative committee, FSB and so on - approx. . ed.), please, talk to him and provide all the necessary information. Then “Ivan Ivanovich” immediately calls and talks about the importance of cooperation and tries to either find out the citizen’s personal data or use psychological tricks to force him to send certain amounts of money,” the expert explained.
How to protect yourself?
You can always contact the “boss” who wrote to you in another proven way. If you can’t, then you should think about whether a manager with whom you have no direct connection will write to you personally. In any case, correspondence must be stopped, no personal data must be provided, and no funds must be transferred.
“Usually scammers claim that the current contract for servicing the number is ending. If it is not renewed, the number will be given to another person. But they offer to help you renew the contract right now by phone so as not to visit the office of the cellular operator. Just dictate the code from the SMS. Then - go following the link where you need to enter another code. As a result, the scammers gain access to the State Services account,” the expert said.
Similarly, fraudsters can gain access to a citizen’s personal account on the mobile operator’s website, which will allow them to forward messages and calls from the victim’s number to their own. This is done in order to further confirm various types of transactions: withdrawal of funds from the subscriber’s bank cards, issuing a loan to him.
How to protect yourself?
If you have problems with cellular communications, a SIM card, or a tariff plan, then you can always contact the employees of your cellular operator in any of the many offices or call back to the short number of your cellular operator yourself and resolve the issue.
“The most common trick is an offer to receive some kind of government payment. Often messages about an allegedly large payment or subsidy to citizens of a certain category, age or profession are sent to each other by the citizens themselves, published as advertising in groups or public pages. The classic scheme is offered: you tell them - these cards are money to you. But, of course, no one pays any money,” Poleshchuk explained.
How to protect yourself?
Information about real measures of social support for citizens can only be obtained on the websites of the relevant government agencies or during a personal meeting.
But there is another scenario, the expert continues. For example, a call from representatives of investigative authorities or Rosfinmonitoring with a threat to block an account in which dubious transactions were allegedly recorded. To avoid this, scammers demand payment of a fine. To be convincing, they can even send a receipt on the official letterhead of the department.
Don’t forget: information about fines can be clarified with the relevant authorities. In practice, it is extremely rare for an ordinary citizen in his life to encounter an activity in which the real Rosfinmonitoring may be interested.
“The classic scheme for deceiving older people is a phone call from an alleged relative in trouble or a police officer who detained him. Money is allegedly required to resolve an issue with the police. Gullible citizens, without checking information with a real relative, collect money available at home and handed over to the arriving courier. The defense is to tell your elderly relatives about such cases, convince them to immediately interrupt conversations with strangers,” Poleshchuk said.
Among the new scenarios, the expert noted the offer of assistance in installing a banking application. “Indeed, due to sanctions, the applications of many banks are now blocked. Fraudsters offer instructions on how to download the application, but in fact this application is not a banking application, but is intended to steal personal and banking data of citizens. Also, scammers may offer to install some anti-virus applications in order to save your data, but in fact, these applications also serve to steal data. Sometimes malware gives attackers remote access to the device, allowing them to see everything that happens on the mobile phone screen (personal information, codes from SMS, account data/amount of funds on it). them and much more - editor's note)," Poleshchuk said.
How to protect yourself?
The expert recommends downloading banking applications only after following links from the official websites of banks or in bank branches. If the phone has already been hacked, resetting it to factory settings can help, as well as changing passwords for all accounts that contain personal information about the user.
“If it concerns large sums of money - for example, selling used equipment on an advertisement site - wait until the money arrives in your account, a corresponding SMS from the bank or other notification. Do not trust the receipts shown,” Poleshchuk warned.
“Don’t rush to transfer money, try to contact the person at a different phone number. Agree with your relatives on a password or a secret question that needs to be mentioned if the conversation seems suspicious,” Poleshchuk recalled.
The expert also emphasized that malicious links used to hack a phone are often sent through harmless messages asking people to vote for their daughter/nephew in some creative competition. After clicking on the link, the phone may be hacked.
How to protect yourself?
Do not click on suspicious links, especially those sent through mass mailings.
Poleshchuk advised transferring aid only to verified charitable organizations, information about which is posted in official sources of government agencies or major federal media.
Important
If it turns out that the money was transferred to a fraudster, contact the bank with a request to recall the payment and the police. Provide the phone number and details of the recipient to the bank and law enforcement agencies so that they can be added to the “black list” of the Bank of Russia.
(c) https://rg.ru/2024/04/20/rossiian-predupredili-o-novyh-shemah-moshennichestva-v-2024-godu.html
Message from the "manager"
“Messages from fake accounts of managers of large enterprises and government agencies are becoming increasingly popular. The development of artificial intelligence technology allows fraudsters to fake voice messages and, in some cases, video messages to mislead citizens,” the expert noted.How does this happen? It’s very simple, Poleshchuk explained: scammers create a fake account in instant messengers for the head of an enterprise, government agency, or administration. In this case, a real photograph of this person is used as an avatar. Using stolen databases or open sources, potential subordinates of this manager are identified. For example, on behalf of the chief physician they write to all hospital employees, on behalf of the regional minister of education they write to employees of all schools. In communication, a businesslike and respectful tone of communication is observed.
“The essence of the deception boils down to the fact that a big manager asks an employee to help solve a problem. For example, he reports that the hospital has a big problem with the expenditure of funds, the state is conducting an audit, now Ivan Ivanovich from the police (investigative committee, FSB and so on - approx. . ed.), please, talk to him and provide all the necessary information. Then “Ivan Ivanovich” immediately calls and talks about the importance of cooperation and tries to either find out the citizen’s personal data or use psychological tricks to force him to send certain amounts of money,” the expert explained.
How to protect yourself?
You can always contact the “boss” who wrote to you in another proven way. If you can’t, then you should think about whether a manager with whom you have no direct connection will write to you personally. In any case, correspondence must be stopped, no personal data must be provided, and no funds must be transferred.
Calls from mobile operators
Poleshchuk recalled that often, under the guise of cellular company operators, scammers try to gain access to a person’s account on State Services.“Usually scammers claim that the current contract for servicing the number is ending. If it is not renewed, the number will be given to another person. But they offer to help you renew the contract right now by phone so as not to visit the office of the cellular operator. Just dictate the code from the SMS. Then - go following the link where you need to enter another code. As a result, the scammers gain access to the State Services account,” the expert said.
Similarly, fraudsters can gain access to a citizen’s personal account on the mobile operator’s website, which will allow them to forward messages and calls from the victim’s number to their own. This is done in order to further confirm various types of transactions: withdrawal of funds from the subscriber’s bank cards, issuing a loan to him.
How to protect yourself?
If you have problems with cellular communications, a SIM card, or a tariff plan, then you can always contact the employees of your cellular operator in any of the many offices or call back to the short number of your cellular operator yourself and resolve the issue.
Calls and messages from government agencies
Often, scammers call or write to a person allegedly on behalf of police officers, the Investigative Committee, the FSB, Rosfinmonitoring, the Tax Service, the Social Fund of Russia, and the State Services portal.“The most common trick is an offer to receive some kind of government payment. Often messages about an allegedly large payment or subsidy to citizens of a certain category, age or profession are sent to each other by the citizens themselves, published as advertising in groups or public pages. The classic scheme is offered: you tell them - these cards are money to you. But, of course, no one pays any money,” Poleshchuk explained.
How to protect yourself?
Information about real measures of social support for citizens can only be obtained on the websites of the relevant government agencies or during a personal meeting.
But there is another scenario, the expert continues. For example, a call from representatives of investigative authorities or Rosfinmonitoring with a threat to block an account in which dubious transactions were allegedly recorded. To avoid this, scammers demand payment of a fine. To be convincing, they can even send a receipt on the official letterhead of the department.
Don’t forget: information about fines can be clarified with the relevant authorities. In practice, it is extremely rare for an ordinary citizen in his life to encounter an activity in which the real Rosfinmonitoring may be interested.
“The classic scheme for deceiving older people is a phone call from an alleged relative in trouble or a police officer who detained him. Money is allegedly required to resolve an issue with the police. Gullible citizens, without checking information with a real relative, collect money available at home and handed over to the arriving courier. The defense is to tell your elderly relatives about such cases, convince them to immediately interrupt conversations with strangers,” Poleshchuk said.
Calls and messages from banks
Conversation scenarios may be different. Classic - the false bank operator talks about dubious transactions on the card, attempts to obtain a loan in your name, the need to save money in a “safe account”.Among the new scenarios, the expert noted the offer of assistance in installing a banking application. “Indeed, due to sanctions, the applications of many banks are now blocked. Fraudsters offer instructions on how to download the application, but in fact this application is not a banking application, but is intended to steal personal and banking data of citizens. Also, scammers may offer to install some anti-virus applications in order to save your data, but in fact, these applications also serve to steal data. Sometimes malware gives attackers remote access to the device, allowing them to see everything that happens on the mobile phone screen (personal information, codes from SMS, account data/amount of funds on it). them and much more - editor's note)," Poleshchuk said.
How to protect yourself?
The expert recommends downloading banking applications only after following links from the official websites of banks or in bank branches. If the phone has already been hacked, resetting it to factory settings can help, as well as changing passwords for all accounts that contain personal information about the user.
Payment for services using a fake QR code
“Payments using QR codes are becoming increasingly popular; scammers also take advantage of this, replacing real QR codes with fake ones that lead to payment for other services or data transfer,” Poleshchuk said.Fake bank receipts
Many citizens pay for goods or services by transferring money to a phone number. The buyer shows the bank receipt in their bank's app as proof of payment. It must be remembered that there are now many technologies and bots that allow you to forge bank receipts. Fraudsters take advantage of this when purchasing goods or services.“If it concerns large sums of money - for example, selling used equipment on an advertisement site - wait until the money arrives in your account, a corresponding SMS from the bank or other notification. Do not trust the receipts shown,” Poleshchuk warned.
Calls and messages from friends
Fraudsters hack other people's phones, including in order to send messages from the victim's phone about the transfer of money on credit or other assistance to all contacts in the phone book. For persuasiveness, pitying stories can be invented. In some cases, the voices (less often, videos) of your friends are faked.“Don’t rush to transfer money, try to contact the person at a different phone number. Agree with your relatives on a password or a secret question that needs to be mentioned if the conversation seems suspicious,” Poleshchuk recalled.
The expert also emphasized that malicious links used to hack a phone are often sent through harmless messages asking people to vote for their daughter/nephew in some creative competition. After clicking on the link, the phone may be hacked.
How to protect yourself?
Do not click on suspicious links, especially those sent through mass mailings.
Charity
Our citizens actively participate in charity or fundraising, for example, for the needs of the army, those affected by floods or as a result of other tragic events. Fraudsters take advantage of this and create fake charities. They then organize fake fundraisers, information about which is sent through instant messengers without indicating the actual original source.Poleshchuk advised transferring aid only to verified charitable organizations, information about which is posted in official sources of government agencies or major federal media.
Important
If it turns out that the money was transferred to a fraudster, contact the bank with a request to recall the payment and the police. Provide the phone number and details of the recipient to the bank and law enforcement agencies so that they can be added to the “black list” of the Bank of Russia.
(c) https://rg.ru/2024/04/20/rossiian-predupredili-o-novyh-shemah-moshennichestva-v-2024-godu.html
