A new fraud application using QR codes has been circulated. This was announced by the Central Bank of Russia in a statement on its website.
The Central Bank says that scammers can withdraw money from their victims’ accounts even without their card information and pin code.
“Some banks have launched a withdrawal service using a QR code. In the mobile application, the client can independently generate such a code for the required amount, bring it to the browser at an ATM and withdraw cash. Attackers started using it”.
The scammers posing as bank employees on the phone inform their bank customers that they are trying to withdraw money from their accounts without permission. After that, they ask them to send a QR code to supposedly “cancel the transaction”.
The criminals’ account is that the victim of their scam does not understand the technical characteristics of the QR code and treats it as a “plaid picture”. After that, after receiving the code, scammers without a PIN code can withdraw money from an ATM.
“In this case, the QR code is actually an instruction to the bank to print money without entering a pin code. Keep in mind that real bank employees never ask customers for QR codes, CBR said in a statement.
They also said that you shouldn’t give QR codes to people you don’t know, and you shouldn’t store their images in the phone’s memory or as a printout.
On February 16, the head of the Central Bank of the Russian Federation, Elvira Nabiullina, said that Russian credit institutions should be responsible to customers for the return of money stolen by fraudsters.
In the first half of January, Russian President Vladimir Putin instructed the Cabinet of Russia and the Central Bank of the Russian Federation to consider creating mechanisms in the country to compensate for funds stolen by fraudsters.
“I support the president’s initiative that banks should be accountable to their customers,” said Nabiullina.
The head of the Central Bank of Russia added that as advanced companies with modern protection systems, credit institutions must assume certain responsibilities. In his opinion, a person’s financial literacy is not always able to protect him from the tricks of intruders.
In November, the Central Bank of Russia warned Russians against scammers pretending to be Central Bank employees. The organizer said that employees of the Bank of Russia did not call and send messages and did not send photos of their IDs.
Attached to the post is a photo showing the fake identity of a “senior central banker”. “Document” has an external similarity to a driver’s license.
As stated in the Central Bank, real employees of the Central Bank do not send photo IDs.
“Through these fake accounts, the attackers are trying to convince people that their money is at stake and that urgent action is needed, such as a transfer to a secure account,” the report said.
The regulator also stressed that scammers are using “a wide variety of myths” to deceive citizens.