Criminals are attacking Russians who are looking for work. They offer to install a malicious application in Telegram, presenting it as a "survey from United Russia." This was reported by the information security company F6 (formerly F.A.C.C.T.).
First, under the guise of searching for employees, fraudsters post job advertisements with high pay and other attractive conditions. To contact potential candidates, they create an account that looks like a recruiter's profile. This account has premium status, a photo in a business style on the avatar, working hours indicated in the description, and an auto-responder set up.
During communication with a potential employer, the applicant is offered to fill out a resume and sent a link to a phishing resource.
On the first page of the site, you need to enter personal data, on the second - information about work experience and skills. After that, a message appears on the screen: "Your resume is ready! To confirm sending, please log in via Telegram."
If the user enters a phone number and confirmation code from an SMS message from Telegram in the form that opens, the scammers will gain access to his account.
After that, the attackers begin sending messages offering to take a survey on behalf of the United Russia party to all contacts from the list. To do this, they ask you to download a fake mobile application that contains a malicious program for Android. After installing the application on the victim's device, the criminals gain access to her bank accounts and can withdraw money.
If the user has an iOS device, he will not be able to install the application: he will be offered to take a survey and fill out a phishing form, including a bank card number.
Experts have discovered a new method of fraud. Between February 20 and March 15, attackers used it to deceive 770 people. As a result, 5.92 million rubles were stolen, and the average damage was 7.6 thousand rubles.
Earlier www1.ru reported that fraudsters have started to use video calls to collect biometric data, including voice and facial images, in order to subsequently withdraw funds from bank accounts.
Read materials on the topic:
CB: Scammers began to use virtual images of bank cards of their victims
The State Duma will supplement the bill to combat fraud with new rules for working with biometrics