The Ministry of Internal Affairs of Russia has revealed two fraudulent schemes that criminals use to access citizens' personal accounts on the "Gosuslugi" portal and steal money.
The first scheme involves phone calls. Fraudsters pose as telecom operators and ask the victim to provide a code from an SMS, which is supposedly needed to extend the service agreement for the subscriber number. In reality, this code is required to log in to the personal account on "Gosuslugi". After receiving the code, the criminals change the password on the victim's account and write a message in the hint field to the security question stating that the account is blocked, and offer to call the specified number. This number belongs to the fraudsters. By calling it, the victim receives instructions to transfer money to a "safe account", which ultimately is a scheme to steal funds.
The second scheme involves reissuing the subscriber number that was previously linked to the account on "Gosuslugi". Fraudsters find old numbers that are no longer used by their owners but are put up for resale by telecom operators. They register the number to a new owner and restore the password to the account via a one-time code sent to this number. At the same time, the account owner may not notice unauthorized access, as access from the previously authorized "Gosuslugi" application is not blocked when the password is changed. After gaining access, fraudsters use the account to apply for online microloans and credits, obtain certificates, and sign contracts using an enhanced unqualified electronic signature generated in the "Gosklyuch" mobile application.
Read materials on the topic:
QR codes for deception: fraudsters in 2025 will continue to use proven schemes
Russians warned about a new fraud scheme through housing and communal services applications
Russians were told which password fraudsters will not be able to pick up
