A leading figure in cybersecurity research, Shamil Magomedov, who heads a department at the RTU MIREA Institute of Cybersecurity and Digital Technologies, highlighted a troubling trend in financial crime. Fraudsters have learned to exploit the screen sharing feature on smartphones as part of a new theft scheme. This report summarizes the evolving method and offers guidance on how to recognize and prevent such attacks. In many recent cases, the operators have staged themselves as representatives of major banks, prompting victims to engage in remote screen interactions that appear legitimate on the surface but are used to extract sensitive information. The growing sophistication of these scams underscores the need for heightened awareness among banking customers and the general public.
Investigators explain that the criminals typically operate in pairs. They begin with a cold call or contact through popular messaging apps, posing as bank employees or technical support staff. The request to enable screen sharing is framed as a simple step to triple check account security or to resolve a supposedly minor system glitch. Once screen sharing is active, attackers can observe details shown on the victim’s device, such as account numbers, transaction prompts, or authentication codes. This access can make it possible to perform unauthorized actions or collect enough data to compromise a personal banking profile. Experts stress that the real goal is to harvest credentials and other security information that would let criminals breach accounts or perform fraudulent transfers.
Security professionals emphasize a clear rule of thumb: bank personnel never initiate contact via messaging apps or video calls to troubleshoot accounts. Genuine bank staff will direct customers to official channels for any assistance, and they will not request screen sharing or remote access to personal devices. If an offer to provide remote help arises, it should be treated with extreme caution and met with skepticism. Safe practice is to end the conversation and contact the bank directly through verified numbers or official websites. This simple precaution can prevent the kind of data exposure that scammers seek during screen-sharing episodes.
Public authorities have repeatedly cautioned that the primary instrument of these scams remains the telephone. Voice calls give scammers a sense of legitimacy and a chance to pressure victims into divulging sensitive data or authorizing transfers. Hearing a familiar voice might lower a caller’s guard, so it is crucial to independently verify any banking concern with a callback using trusted contact information obtained from an official source. The persistence of voice-based fraud demonstrates that attackers adapt quickly, combining social engineering with basic digital tools to maximize success.
Earlier advisories pointed out that many victims fall for quick wins and outdated online habits. Passwords can be cracked rapidly when not protected by strong, unique credentials and multi-factor authentication. Modern security guidance recommends adopting layered defenses, including hardware-backed authentication, time-limited codes, and regular auditing of login history. Keeping software up to date and using reputable security apps can reduce risk, but the human factor remains a critical vulnerability. The best defense is skepticism toward unsolicited help requests and a habit of independent verification when any unusual request appears in the course of digital banking. By staying informed and resistant to pressure tactics, users can maintain greater control over their personal information and funds.