Malicious actors, posing as telecom operators, law enforcement officers, or colleagues, are convincing Russians to download malware. This warning comes from the Department for Combating Illegal Use of Information and Communication Technologies of the Ministry of Internal Affairs of Russia.
Malicious software does not appear on a device out of nowhere. The goal of the attackers is to bypass your caution and force you to voluntarily install a malicious APK file on your Android phone.
Attackers may pose as a telecom operator and try to convince the victim to install a malicious file under the pretext of "extending the contract," "switching to a new 5G tariff," or "improving the quality of communication."
Fraudsters say that to change the number or tariff, you need to urgently change the settings in the banking application. To do this, you allegedly need to install a special program (for example, Dogovor.apk or 5G.apk). They create a sense of urgency and fear that inaction will lead to problems with communication or banking services.
Scammers may also act as a bank employee. Pretext: "you need to update the banking application," "check accrued bonuses/cashback," "protect the account from suspicious transactions."
Trick: they ask you to install an "updated" or "special protective" version of the banking application (Sber.apk, VTB.apk, CB.apk, Security.apk) in order to "check bonuses" or "transfer money to a safe account." Emotion: they play on the desire to receive benefits (bonuses) or on the fear of losing money.
Posing as employees of government agencies, fraudsters offer to update the "Gosuslugi" application, EMIAS - an electronic medical record, make an appointment, or confirm data. Scammers offer to install an "official" application or a "service" file. They may ask you to dictate or write down an SMS code in a "special" application. They use the authority of state organizations and the fear of not fulfilling an important requirement.
Under the guise of law enforcement officers, attackers may try to convince the victim that fraudsters are trying to seize their accounts and demand that they urgently check the account.
Scammers offer to install the "official" application of law enforcement agencies or the Central Bank (for example, "Kaspersky".apk, Security.apk, CB.apk) allegedly to check the balance or transfer money to a secure account.
They use authority, put a lot of pressure on fear, create panic and the feeling that only their instructions will save money.
They may also act as an acquaintance or "colleague":
Pretext: "Hi, check out these photos/videos!", "Here is a document for you (order, contract)", "There is important information about you/your number here".
They send a link or file (Photo.apk, Video-archive.apk, Order_18.02.apk, IMG.apk) and claim that it contains interesting or important content. With their actions, attackers arouse people's curiosity or intrigue, promising "important information about you."
Read more materials on the topic:
Russians were told about the dangers of self-service checkouts
Scammers disguise themselves as officials using deepfakes, calling victims via video link
"Window at customs": Russians are increasingly deceived when ordering cars from Europe
Now on home
Start of deliveries scheduled for 2027
Over 51,000 new motorcycles were sold in Russia in 2025
The car will take at least a year to assemble
The application's audience has reached 20 million users
The model will be included in the list of cars for taxis, price - from 2.25 million rubles
All parking lots of the "Administrator of the Moscow Parking Space" are connected to the service
The cars will be supplied to the Moscow Transport Service Directorate
Deliveries to India may begin in 2028
The technology provides automated search for all types of defects in power units
The plane flew 500 km, accelerating to 425 km/h
The plant stated that the information about the termination of purchases for models 6 and 8 is not true
Scientists are using the "Ekran-M" installation