In2security experts warned in a Telegram post about a new fraud threat tied to Russian operators. The warning describes attackers who set up phishing sites that mimic official sources of the Central Bank and the Ministry of Internal Affairs, a development reported by Lenta.ru. The fake pages are designed to resemble genuine government portals, right down to the logo, layout, and even the kind of information a caller might request. The aim is to create a sense of legitimacy that lowers skepticism and nudges victims toward actions that benefit the fraudsters. In these schemes, victims can encounter a call, a chat, or a link inviting them to verify employment status or background details. Once engaged, the target may be asked to confirm a supposed appointment, update personal records, or provide banking details under the pretense of a routine check. The combination of realistic visuals and a trustworthy voice makes the deception harder to detect, especially for individuals who have encountered prior communications from government channels. The report published by Lenta.ru highlights the seriousness of the threat and notes that the scenario is spreading through messaging apps, social networks, and fake search results that direct users to the spoofed sites. The warning emphasizes prudence and careful verification before sharing any sensitive data or initiating financial transfers.
Experts explain that scammers posing as Central Bank or Ministry of Internal Affairs employees often use auxiliary sites to verify the backgrounds of government workers. These sites mimic legitimate background verification portals but are designed to harvest personal information and credentials. They may request documents, access to accounts, or confirmation of employment details, while presenting the page as a security measure. Victims who click through on these pages can unknowingly grant access to accounts, expose contact details, or authorize transfers. The sites can employ common features such as official-looking seals, professional language, and plausible domain names to create a sense of authenticity. In many cases, a caller or chat agent supplies instructions that appear routine, urging the user to complete a verification step or to confirm a transaction. The risk is amplified when the user is currently dealing with an urgent matter or supposed deadline, which lowers the chance of careful scrutiny. The overall effect is a staged sense of trust that makes it easier for the fraudster to collect money, data, or both. This pattern aligns with broader phishing trends observed in recent months and underscores the need for heightened skepticism when encountering any request that involves official sources.
Experts explained that fraudsters disguise phishing resources as official websites to control the data of department employees. The sites offer victims confirmation that the calling government official can be trusted and encourage them to transfer money to a secure account. The tactic relies on a blend of branding, urgency, and procedural language that mirrors legitimate procedures. A credible-looking form may request sensitive details, a password, or even one-time codes used for account access. In many instances, the scam unfolds after a short phone or chat exchange in which the attacker frames a harmless request as part of a routine check and then directs the victim to a counterfeit site for completion. The goal is to capture credentials, payment details, and other personal data before the deception is detected. Analysts point out that legitimate government agencies rarely solicit money through informal channels or demand rapid action under pressure, making any such prompt a red flag. The best defense is to pause, verify the request through official channels, and never proceed with transfers until the official status is confirmed through legitimate portals.
Russians previously described the most popular scam schemes of 2024, and those patterns continue to surface in new variants. The core elements include official-sounding branding, a focus on urgent responses, and a push to reveal sensitive data or authorize funds promptly. The new wave uses verified-looking verification pages and subtle social engineering to produce a convincing impression. For residents in Canada and the United States, this means being especially wary of any message claiming to come from a central bank or internal affairs office, even if it cites a recent update or asks to verify an employee’s background. Practical steps include refusing to click links in unsolicited messages, checking the exact URL of any government-site landing pages, and contacting official numbers or portals directly rather than following prompts in chat windows. Security-conscious individuals are advised to enable multi-factor authentication, monitor bank accounts for unusual activity, and report suspicious sites to the appropriate authorities. The ongoing risk serves as a reminder that digital vigilance remains essential in everyday life, particularly when government-related communications touch on personal data or financial transactions.