Scammers are constantly improving their skills, so it becomes more and more difficult to identify a phishing resource
Using the card on the Internet: how to recognize fraudulent sites.
According to the Interbank Association of Members of EMA Payment Systems, experts have already recorded 82 phishing sites. Fraudulent web resources under the guise of providing non-existent services convince users to enter the confidential data of their payment cards, thus gaining access to citizens' accounts and stealing money. Comparing statistics for the first half of 2021 with those for the same period last year, the number of phishing sites dropped by 29.5%. But this lull, experts say, is deceiving. Although there are fewer fraudulent resources identified, fraudulent schemes are becoming more sophisticated and sophisticated.
Cybercriminals are increasingly making sites with secure connections.
• Fraudsters are mastering new types of "services": employment (remote work), obtaining an online loan, selling air tickets. For example, on phishing sites identified and closed by specialists, criminals offered "remote work" from Ukrposhta (to receive a salary, it was necessary to provide all the payment card details: not only the number, but also its validity period, a three-digit CVV2 / CVC2 security code with reverse side of the card). One of the latest examples of criminals in 2017 was the launch of a phishing clone site of the popular Privat24 service - the site http://pb24corp.at.ua lured away passwords to access online banking.
To receive a salary, it was necessary to provide all the details of a payment card. Photo: jvfconsulting.com
• Attackers began to use programs to redirect from phishing sites to legitimate ones and conduct transactions in real time. If earlier criminals used a phishing site solely to obtain card data, and made transfers later, now many phishing sites have a money transfer function. And, at first glance, everything is plausible: you are going to transfer money to someone on the card, the program sends you to the legitimate site of the payment system, but in the process it changes the recipient's card details, and sometimes the amount. That is, money is debited from your card, but it goes not to the addressee, but to the thieves.
The money is debited from your card, but it goes not to the addressee, but to the thieves. Photo: blog.webnames.ca
Using the card on the Internet: how to recognize fraudulent sites.
According to the Interbank Association of Members of EMA Payment Systems, experts have already recorded 82 phishing sites. Fraudulent web resources under the guise of providing non-existent services convince users to enter the confidential data of their payment cards, thus gaining access to citizens' accounts and stealing money. Comparing statistics for the first half of 2021 with those for the same period last year, the number of phishing sites dropped by 29.5%. But this lull, experts say, is deceiving. Although there are fewer fraudulent resources identified, fraudulent schemes are becoming more sophisticated and sophisticated.
How are cybercriminals perfecting their schemes?
• Cybercriminals are increasingly making sites with a secure connection, which is indicated by the abbreviation https at the beginning of the address bar. Previously, the rule worked: if it is written https - the site is protected and does not pose a danger. But now that citizens have become more vigilant and aware of this issue, criminals also approach the issue of "disguise" more thoroughly. Recently, thanks to the efforts of the EMA Association employees, two more phishing sites with https in the address: https://tachsend.com/ and https://finens.biz/ were blocked. Both are fakes of the tachcard.com payment service.Cybercriminals are increasingly making sites with secure connections.
• Fraudsters are mastering new types of "services": employment (remote work), obtaining an online loan, selling air tickets. For example, on phishing sites identified and closed by specialists, criminals offered "remote work" from Ukrposhta (to receive a salary, it was necessary to provide all the payment card details: not only the number, but also its validity period, a three-digit CVV2 / CVC2 security code with reverse side of the card). One of the latest examples of criminals in 2017 was the launch of a phishing clone site of the popular Privat24 service - the site http://pb24corp.at.ua lured away passwords to access online banking.
To receive a salary, it was necessary to provide all the details of a payment card. Photo: jvfconsulting.com
• Attackers began to use programs to redirect from phishing sites to legitimate ones and conduct transactions in real time. If earlier criminals used a phishing site solely to obtain card data, and made transfers later, now many phishing sites have a money transfer function. And, at first glance, everything is plausible: you are going to transfer money to someone on the card, the program sends you to the legitimate site of the payment system, but in the process it changes the recipient's card details, and sometimes the amount. That is, money is debited from your card, but it goes not to the addressee, but to the thieves.
The money is debited from your card, but it goes not to the addressee, but to the thieves. Photo: blog.webnames.ca
What to do in order not to fall for the bait of cyber fraudsters?
- It is preferable to use resources registered on the .ua domain. Registration on it requires additional permissions, and most of the legitimate Ukrainian payment services are registered on .ua. But phishing sites are registered on any other domain where there are no restrictions. In doing so, remember that com.ua, .in.ua, .pp.ua, .kiev.ua, .dp.ua ,. te.ua is not a .ua domain!
- Check the reputation of the service you intend to use. To do this, just enter the name of the site in a search engine and view the information available on the network about it. If there is absolutely no information, reviews, or only negative reviews about the resource, refrain from using it. It is also worth finding the official contacts of the company on whose behalf the site allegedly works, and call there to clarify whether the declared services are really being provided. Such checks are especially important when applying for a job remotely, buying tickets, applying for a loan online.
- Make sure that the site you are visiting is not a "fly-by-night", created recently and for a short time. You can check the creation date of the web resource by entering in the search box: whois.com/whois/ site name.
- Check if the site you are using is not listed on the EMA Association's “Black List” of fraudulent sites and in the STOP FRAUD section of the Cyberpolice website.
