In September, a new scammer community appeared on RuNet, whose members, under various pretexts, motivate Russians to download malicious applications that imitate delivery services and have a money-stealing function. socialbites.ca was informed about this by the press service of the information security company FAS.S.T.
The scheme itself works like this: workers (community members who lure victims to download a malicious application – editor’s note) create fake ads for the sale of goods on specialized sites. When a buyer is found and ready to pay for the goods, scammers persuade the victim to continue the conversation via messenger. In Messenger, the victim is sent a link to a malicious program that can be used to arrange the delivery. The whole myth of the worker is based on the fact that he is an individual entrepreneur and must use a special program to purchase goods and deliver them to his customers.
After clicking on the link, the victim opens a fake Google Play page, where he must download and install a mobile application that quite accurately copies the design and functionality of real online platforms. This is where the buyer must arrange delivery. During payment, the mobile Trojan captures the entered data of the victim’s bank card and sends it to another member of the criminal group (user), and then sends an incoming SMS with the transfer confirmation code to steal money from the victim’s account.
According to FACCT, bank customers in both Russia and Belarus suffered from the actions of fraudsters in September. Using the updated Mammoth scheme using fake applications over 10 days in September, attackers managed to steal almost 3 million rubles and made 76 write-offs. The average bill for a victim was 67,000 rubles.
FACCT experts remind users to follow the basic rules of digital literacy. That is, do not transfer communication to instant messengers from chats of well-known advertising services, do not follow links from strangers in instant messengers or mails, download only official applications that you find in the mobile application store or on a legitimate service website.
Zakaryan, who was previously an expert saidHow to disable phone surveillance using hidden buttons?