Attackers have developed a new scheme to steal Telegram accounts. They send false job offers on behalf of well-known organizations. Those who respond to such offers have an account created on a fraudulent website, Evgeny Egorov, a leading analyst in the Digital Risk Protection department at F.A.C.C.T., told RIA Novosti.
According to the expert, attackers use social engineering methods to gain access to user accounts. They create the illusion of an official job offer from a well-known company, which makes people believe in its authenticity.
The goal of most fraudulent schemes is to steal money. This scenario is no exception. First, there is a mass mailing of job offers. Contacts may be taken from stolen databases.
Those who responded to the vacancy create an account on a fraudulent website. After logging in to this resource, the victim receives tasks, by completing which they supposedly replenish their internal account. In order to withdraw the earned funds, the "employee" will need to pay a commission or simply enter their card details for crediting.
Similar messages, for example, come from HeadHunter. They offer specialists without work experience a salary of 90,000 to 150,000 rubles for checking the condition of scooter equipment using a mobile phone and a special device. At the same time, the "representative" of the company does not answer additional questions.
According to Egorov, attackers often use stories about employment or earning money on the Internet in their schemes, posing as employees of a well-known HR brand. With the help of malicious links, they can not only steal money from a bank account, but also spread malicious software through fake applications, as well as redirect users to fraudulent and phishing sites.
Earlier, Russians were warned about a new fraud scheme involving the use of the Mamont Trojan virus to hack mobile devices when making online purchases. Criminals create fake web resources that imitate the websites of stores that supposedly offer wholesale prices for goods.
Read more on the topic:
Fake "Gosuslugi" websites have started working in Russia
Sber and the Ministry of Internal Affairs will begin a joint fight against deepfakes
We will not waste ammunition, but we will squeeze: what will Russia do with telephone scammers
