In February 2026, scammers became more active, sending messages offering "15% cashback for purchases." The links lead to fake bank or marketplace websites, where attackers steal logins, passwords, and codes from SMS or push notifications. This was reported by the cyberpolice of the Main Directorate of the Ministry of Internal Affairs of the Russian Federation for St. Petersburg and the Leningrad Region.
The scheme is simple: the user clicks on the link, enters login information, and funds are debited from their cards. The target of the criminals is active marketplace buyers who are attracted by "profitable promotions."
Russian cyberpolice recommends:
- do not follow links from messages, check platforms only through official websites and applications;
- pay attention to strange numbers, e‑mails, and errors in the text of messages;
- do not enter logins, passwords, SMS codes, and codes from push notifications via links from messages;
- check cashback only through your personal account on the official website or in the application;
- if you accidentally click on a suspicious link, change your passwords, disable cards, and contact the bank.
Cashback is a return of part of the expenses for purchases or services. It usually ranges from 0.5–5%, and may be higher under affiliate programs. In 2025, the State Duma warned about fraudsters using visual copies of Telegram channels and promising up to 90% return.
Fake cashbacks are one of the common schemes for stealing money on the Internet. The main protection is checking links, using official applications and websites, and refusing to transmit personal data via messages and links.
Read more materials on the topic:
- Public figures proposed to enshrine the concept of "destructive content" in legislation
- Scammers lure data from residents under the pretext of installing new access control systems
- The State Duma was told about the schemes of fraudsters before February 23
