The most popular scams to extract codes from SMS

[Man]

The development of digital technologies brings us not only numerous advantages, but also makes us be prepared for the fact that money may end up in the hands of cybercriminals. In this regard, the founder of the Kredcheck service, Elman Mekhtiev, spoke specifically for RG about the most common methods of fraud and how to resist them:

- Most often, fraudsters steal citizens' funds by gaining access to a verified account of an individual on a single portal of state and municipal services. Since there is more than enough information about each of us in the public domain, including through social networks.

Most often, in order to take over control of an account, third parties only need to obtain the control code, which is sent to the account owner to confirm actions to change the password.

And to get the coveted numbers from SMS, only some scenarios are not used:

• "call from mobile operator about SIM card expiration"
• "code for confirming a parcel from the Central Archive of State Services"
• "code for entering missing entries in the work book for the correct calculation of the future pension"
• "code to confirm an order for a product at a super-discounted price"
• "code for making an appointment at the clinic" and "code for making an appointment with the investigator"...

Also very popular are calls and messages "from a big boss", "from the investigative authorities", and so on.

This whole host of threats can be combated only by observing digital and financial "hygiene" measures:

• Since more and more attacks are carried out using calls via instant messengers, simply block incoming calls via the Internet. If this is not possible due to professional activities, limit them to numbers already saved in "contacts" (like in Telegram), or turn off the sound for unknown numbers (like in WhatsApp). Even turning off the sound of such a call will help you not to rush to answer a call from an unknown number and remember the risks of so-called number substitution when calling via instant messengers;
• if, after answering a call, you understand that it is spam or an attack, do not be lazy to add it to the block list. And even if calls with the same content continue to come from other numbers, do not be lazy to add them to the block list (I once had to add numbers to such a list for almost 30 minutes in a row);
• if you are asked to pronounce a code from an SMS, do not be lazy to read the entire message carefully - its sender will definitely be indicated there. By pronouncing the code, you can give to a third party not only all the information stored in state information systems, but also the password to your personal account at the bank, where "the money is";
• if you receive a call "from the bank", clarify the name of the credit institution, hang up and call back the number indicated on the bank's website or on the payment card;
• if the "boss's boss" writes to you, don't get ahead of yourself and don't be lazy in calling your boss back to clarify everything you read in the message;
• If you receive a message from an unknown address or number, no matter how attractive or urgent the message may be, do not rush to open the links in it. By clicking on the link, you can start downloading a Trojan application to your device and thereby "give up all your passwords and addresses" to the attackers...

The list can go on and on, but the most important piece of advice is always, when it comes to a non-standard situation and the need to "urgently make a decision and act", do not forget to "turn on your inner Stirlitz".