Russian cyber police are reporting another way for attackers to hack into Russians' accounts on “Gosuslugi”. With this method, the victim themselves tells the fraudsters the access code.
The victim receives a message by email or SMS stating that there is an attempt to log in to the portal, with a simultaneous request to call the phone number indicated in the message. By calling this number and following all the instructions allegedly from the “portal support service”, the user loses access to their account. After that, million-dollar loans are taken out in the victim's name.
Earlier in November, another similar multi-stage fraud scheme using “Gosuslugi” became known. Attackers call people, posing as employees of “Russian Post”, and then the police, confuse the victim and extort the access code to “Gosuslugi” from them. After that, they gain access not only to all the victim's personal data, but also take out loans in their name.
Lawyers note: in modern conditions, conversations with strangers on the phone should be stopped, even if they introduce themselves as employees of the police, special services, banks or post office, and ask you to urgently perform some actions.
Read materials on the topic:
Fraudsters in Russia use spoofed numbers in 89% of calls in messengers
“Various ways of penetration”: there is a database of hackers about all Russians on the darknet
Fraudsters in Telegram have come up with a new scheme for stealing accounts from Russians
