Vladimir Bengin, who leads the Cyber Security Department within the Russian Ministry of Digital Development, urged banks to resist offering customer services through instant messaging apps. The report from TASS highlighted his warning, emphasizing caution and clear boundaries in how financial services are delivered to the public. In his words, banks should avoid the practice of providing account assistance or transactional support via popular chat platforms, even if such channels appear convenient to customers or cost-effective for the bank itself. He stressed that a shift toward messaging-based service could blur lines between official communications and informal channels, creating opportunities for confusion and abuse among users.
He was unequivocal about what banks should not do: do not route customer service through instant messengers. The message was delivered with insistence that institutions must prioritize secure, traditional channels for sensitive operations. Bengin underscored the imperative for a high level of scrutiny and risk assessment when considering new customer contact methods. The call to action was loud and clear: preserve the integrity of banking communications by avoiding casual, chat-based interfaces for anything beyond basic information sharing. The emphasis was on protecting customers from potential fraud vectors that can emerge when informal platforms are treated as legitimate service lines.
Statistics cited by Bengin indicate that a substantial portion of fraudulent attempts originate from messaging platforms, with estimates ranging from 65% to 80% of deceptive calls reportedly made through WhatsApp. He pointed to these figures as a stark reminder that fraudsters continually adapt by leveraging widely used consumer apps. The pattern suggests that attackers may exploit familiar routing numbers, display names, and messaging behaviors to impersonate bank representatives, thereby luring unsuspecting customers into divulging personal data or authorizing unwarranted transactions. The figures serve as a警告 to financial institutions that the threat landscape is shifting toward the easiest, most popular channels available to the public. (Source: TASS)
In his analysis, Bengin noted that the origin of many scam attempts involves calls that appear to originate from Russian numbers. When direct Russian numbers are unavailable, attackers frequently fall back to foreign numbers, muddying caller ID and complicating verification processes. This tactic makes it harder for customers to distinguish legitimate bank outreach from fraudulent calls, especially when the message carries a veneer of authority or urgency. The director urged banks to implement robust caller verification practices, educate customers about legitimate banking communications, and limit service options that could be exploited through spoofed identities. The overarching aim is to reduce successful impersonation and the social engineering risk inherent in remote, messenger-based contact attempts. (Source: TASS)
Beyond the current warnings, Bengin cautioned against letting the public grow accustomed to the notion that a bank can officially approach customers through instant messengers as a routine channel for services. He argued that even if some platforms appear convenient, mainstream adoption should be prevented to minimize confusion, protect user data, and uphold the reputational trust of financial institutions. The director called for clear policy decisions, ongoing staff training, and customer education campaigns that reinforce secure communication practices. He framed this stance as a protective measure to preserve the safety and reliability of the banking system in an era where digital outreach grows rapidly. (Source: TASS)
Additional context from the cyber policy sphere shows a broader pattern of evolving scams tied to networks and digital services. In recent years, fraud schemes have exploited well-known online tools, turning them into entry points for illicit activity. A notable example cited in industry reports involved fraudulent access to services claiming connections with advanced neural networks. By December of 2022, only a few domains in the RuNet referenced ChatGPT, but a rapid uptick followed, and by January there were more domains registered than earlier months had seen. This trend illustrates how quickly threat actors adapt to new technologies and online ecosystems, reinforcing the need for vigilant monitoring, rapid response frameworks, and clear communication with the public about how official institutions conduct legitimate outreach. (Source: TASS)