Banks and online marketplaces often offer greater cashback to attract and encourage new and returning customers, and cyber fraudsters have been taking advantage of this in phishing attacks for several years. Dmitry Sakov, group leader of the Digital Economy League testing laboratory, told socialbites.ca.
“On the eve of the holiday, the number of fraud attacks increases, that is, in times of increased demand, the number of promotions and lucrative offers from Internet services increases. So, at the end of December 2023, a new attack plan regarding cash refunds emerged: Fraudsters pretended to be marketplace operators and offered customers to receive bonuses for delaying the delivery of goods. The person was then asked for some personal or banking data as well as a code from an SMS message. After receiving this code, attackers logged into the user’s personal account and stole goods or money. In fact, this is a common phone scam and differs only in the type of information used to gain trust. Phishing attacks, traditionally carried out over the phone, remain the most popular type of fraud in Russia and neighboring countries. It is worth noting that most calls from unknown numbers are for phishing purposes,” explained the expert.
According to the expert, a new fake refund scheme also emerged in 2024.
“On Telegram messenger, they create channels using the branding of well-known banks, add users to them and publish information about the opportunity to get a refund when clicking on a referral link and logging into your personal account. I would like to mention that even following such a phishing link can be dangerous due to the installation of malware on the device, as well as the threat of disclosure of the user’s password and other confidential information for authorization in online banking and the execution of transactions. ” said Sakov.
To protect themselves against attacks via Telegram channels, users need to limit the circle of people who can invite them to groups in the messenger’s privacy settings. You should not forget about the culture of behavior on the Internet: you should not follow dubious links or enter data if you are not sure of the source. For example, for a quick check, you can carefully look at the URL: Is it the same as the link address when logging in to online banking?
“When it comes to fraud via phone calls, the rules are very simple: do not trust calls from unknown numbers, never disclose bank card details and codes in SMS messages. To clarify information about promotions, you can always contact the support service, read about them on the website or inquire at the bank’s office,” concluded the information security specialist.
Previously in Russia started New service for online shopping.