Malefactors have learned to bypass two-factor authentication in order to steal personal data and money from Russians. They do this under the guise of selling online OSAGO policies.
Scammers register domain names containing the word "osago" or resembling the addresses of well-known insurance companies. On these sites, they create fake pages that almost completely copy the design of the original web resources of insurance companies. To find out the cost of insurance, they ask potential victims to fill out a questionnaire where they need to indicate their name, date of birth, driver's license number, vehicle information, as well as a phone number and email for communication.
After entering the data, the buyer is offered to pay for the electronic OSAGO policy with a bank card. To do this, you need to specify the card number, its expiration date and CVC/CVV code.
Scammers redirect the user to a fake payment confirmation page, where they ask to enter the payment confirmation code received from the bank. If successful, the attackers bypass two-factor authentication and receive the money.
Previously, a new way of deception in Telegram became known. Scammers are trying to "buy" user nicknames for a lot of money.
Read more on the topic:
Six new ways of deception in Telegram were invented by scammers
Legal security and remuneration: how scammers "rent" bank cards from Russians
The Ministry of Internal Affairs told how to protect data from leaks
