A report from Sberbank outlines a new fraud scheme that leverages deception around software titled Sber 2.0 or Sberbank Support. In this scheme, attackers pose as legitimate bank staff and persuade customers to install the very programs that are claimed to be official. Once installed, these remote access tools enable the criminals to interact with the victim’s device, accessing sensitive information and potentially diverting funds. This admission came during the Eastern Economic Forum, where Stanislav Kuznetsov, the deputy chairman of Sberbank, spoke about the evolving nature of fraud in the digital era.
During a press briefing, Kuznetsov described the tactic in practical terms. The attacker makes a phone call to a customer and pretends to represent a Sber employee. The goal is to convince the customer to install Sber 2.0 or Sberbank Support on their device. The fraudsters rely on the appearance of legitimacy, leveraging social engineering to persuade users to grant remote access and trust the instructions they receive. The installation, if completed, creates a channel for ongoing access to the device, and with that access, attackers can monitor activity, capture credentials, and manipulate account information as needed to facilitate theft.
Security experts from Sberbank stress that customers should treat any request to install software from a third party with extreme caution. Even when the request seems to come from a familiar source, users should verify the identity of the person requesting access and confirm that the software is an official release from the bank. Sberbank notes that legitimate updates and notices about the need to install new versions of its apps are communicated directly through the mobile application or by official channels, such as a recognized customer service line. Any other method should trigger suspicion and further verification before proceeding.
Another important point raised by Kuznetsov concerns how criminals adapt their methods to maximize impact. A new trend involves attempting to recruit more than one family member into the scheme at the same time. After a victim consents to transferring funds, the fraudsters pivot to questions about relatives, urging the victim to help others in the family or involving relatives in the financial flow. This approach increases the risk of larger, more systemic losses and creates a chilling effect within households, where fear of financial ruin leads to ongoing distrust and alarm across relatives.
From a broader perspective, the incidents underscore a persistent pattern in modern fraud: success hinges on the social engineering layer rather than on sophisticated technical exploits alone. Criminals exploit the default trust people place in familiar brands and voices, then exploit that trust to install tools that bypass normal security checks. Bank customers must adopt a cautious, methodical approach to any request that involves installing software or sharing access to devices. Verification steps should be standard practice, including contacting the bank through official numbers already on file, seeking confirmation of any new software requests, and avoiding impulse actions prompted by urgent alerts or calls. Keeping mobile devices updated with the latest security patches and enabling multi-factor authentication adds another layer of defense against unauthorized access. In the event of doubt, users should pause and reassess, knowing that legitimate bank communications are designed to minimize risk while maintaining clear, verifiable channels for updates and support.
Experts emphasize that the best defense is awareness coupled with a straightforward set of habits. Never install applications based on unsolicited prompts, even if they appear to come from a trusted source. When in doubt, close the call and initiate contact through official channels. For those who suspect they have fallen for a counterfeit prompt or who notice unusual activity in their accounts, immediate reporting to the bank is essential. Early detection can limit the extent of any damage and enable rapid remediation actions. The bank further reiterates that updates to its own apps are communicated via verified in-app notifications or through official, published contact methods, ensuring that customers have reliable ways to confirm authenticity before taking action. In an environment where fraudsters continually refine their tactics, maintaining a healthy skepticism toward unexpected software prompts remains a practical and effective safeguard against significant financial loss.