Scammers revive a fraud scheme on messaging networks, asking for a cash transfer under the guise of a small fee to steal bank card data
A surge of fraud activity has been observed as scammers resume operations on the network. They push a scheme that asks victims to pay a so called fee to access supposed earnings, with the goal of capturing Russian bank card information. A cybersecurity firm notes that the ruse is promoted through a Telegram channel that claims to offer a New Year gift of free gold chains and uses this lure to attract victims.
In this fraud scenario, the scammers set up fake sites that advertise jewelry lotteries. The user is told they have won a gold chain valued at approximately 250,000 rubles. The catch is that the organizers cannot deliver the prize and instead promise to cash out the full value. This setup helps the fraudsters justify asking for a payment or fee before any prize activation.
An expert from the security firm explains that the participant is required to transfer a small fee, for example 521 rubles. Once the victim completes this payment, the scammers collect the money and proceed to harvest bank card details, which can be used to access funds or make unauthorized transactions.
Data from the security team indicates that losses in these scams can reach up to 150,000 rubles per person. In some attack scenarios, the criminals obtain enough information to drain the entire balance from the victim’s account, causing serious financial damage and long lasting consequences for the victims.
There have also been reports that former Telegram users are receiving notifications about login attempts from new devices. Those alerts are exploited by fraudsters who direct users to phishing links, attempting to steal credentials or payment data under the pretense of staying secure.
Best practices to reduce risk include ignoring unsolicited messages that promise free prizes, avoiding any payment requests tied to supposed winnings, and never sharing card numbers or authentication codes. Users should verify claims through official channels, enable two factor authentication, monitor account activity closely, and report suspicious messages to the platform and financial institutions. The emphasis is on being skeptical of unexpected wins and careful about clicking on links in messages that come from unfamiliar sources, especially when they request sensitive information.
Group-IB researchers stress the importance of staying informed about evolving phishing tactics and the need for quick action when a potential scam is detected. Victims should contact their bank immediately if they suspect data has been compromised and consult official security resources for guidance on protecting personal accounts and assets. Regular account reviews, prompt phishing awareness, and prudent online behavior form the first line of defense against these deceptive schemes.