In Moscow, phone scammers swindled 25 million rubles from a 78-year-old pensioner, the Moscow Prosecutor's Office reported. The scheme began with a message allegedly from a free ad platform. The woman clicked on the link, after which the fraudsters stated that she was "caught." Then followed calls: a fake representative of Roskomnadzor reported a hack of the account on "Gosuslugi", and fake law enforcement officers convinced her to urgently save her savings. The pensioner withdrew 25 million rubles from her accounts and transferred them in two tranches to couriers, naming the code word.
Deception technology: phishing link and multi-stage legend
The scheme combines classic phishing with social engineering. At the first stage, the victim receives a message (SMS or messenger) on behalf of a legitimate service - in this case, an ad platform. The link leads to a fake site where attackers either collect credentials or simply record the fact of the transition. After that, the victim is called, using the "number spoofing" method, and introduced as employees of Roskomnadzor, and then - law enforcement agencies. The legend is based on the fear of losing access to "Gosuslugi" and savings.
Stages of the scheme:
- Phishing link - a message on behalf of a well-known platform (marketplace, ad service, bank). Clicking on the link informs fraudsters that the victim is ready for further action.
- Call from allegedly "Roskomnadzor" - a message about an alleged hack of the account on "Gosuslugi", intimidation.
- Connecting "law enforcement officers" - a second call (or transfer to the "duty station") to convince you to urgently cash out funds and transfer them to an "employee" or transfer them to a "safe account".
- Transfer of money to the courier - cash is withdrawn from accounts and transferred to the messenger (often involved through fake vacancies), which complicates the tracking of funds.
What technical means do fraudsters use
- Number spoofing: the official number of a government agency or bank is displayed on the phone screen.
- Phishing links: domains that look visually similar to the addresses of well-known services, often with errors in spelling.
- Courier delivery: instead of transfers to accounts, live couriers are used (usually involved through fake vacancies), which complicates the tracking of funds.
The Moscow Prosecutor's Office recalled: real employees of state bodies and law enforcement agencies never ask to withdraw money, transfer it to "safe accounts" or transfer it to couriers. You should also not click on links from messages from strangers.
