Fraudsters have begun using the Max messenger to deceive users, according to an MTS cybersecurity report. According to Andrey Biichuk, director of the Defender service, isolated cases have been recorded, but they indicate the testing of new schemes that may be applied on a massive scale.
As the Kod Durova portal found out, attackers pose as Max employees and try to gain access to personal data under the guise of connecting additional security measures. Calls are made via mobile communications, not through the messenger. The subscriber is informed of the need to register in the "national messenger" and activate an "security account". To do this, they are asked to dictate the code from the SMS, which actually comes from "Gosuslugi".
Fraudsters claim that Max is a government service and is connected to other digital platforms, including "Gosuslugi". This is how they explain why a code from state systems is required to activate the messenger functions.
One of these calls was also received by the editors of Kod Durova. The caller used a standard scenario — he announced the launch of a new state messenger and insisted on the urgent activation of an "security account".
The Max press service emphasized that messenger employees do not call users.
Read more on the topic:
National messenger Max will exit beta in fall 2025
Max messenger received permission from the FSB to connect to "Gosuslugi"
