Remote fraudsters have started using contactless account top-ups via QR codes. According to the Russian Ministry of Internal Affairs, criminals send an image to the victim via messenger and persuade them to deposit their own savings or previously withdrawn funds through an ATM.
The code allows the device to identify the client and credit cash to the desired account. The victim does not need to manually enter the recipient's details – it is enough to scan the sent image and follow the criminals' instructions.
The limit for one such operation depends on the bank and ranges from 15,000 to 100,000 rubles. The money goes to dropper cards – accounts of straw persons that fraudsters use to receive and further withdraw stolen funds.
After replenishment, the criminals transfer the amounts between several involved accounts to complicate tracking. Then they can be cashed out in a region that is not connected to either the victim's place of residence or the ATM through which they deposited the money.
Read more on the topic:
- Skimming is almost gone, but caution remains: Russian Ministry of Internal Affairs named signs of ATM tampering
- Russian Ministry of Internal Affairs Reveals Main Risk: Why You Shouldn't Store Large Sums on Marketplace Cards
- Transferring 200 thousand to yourself via SBP may alert the bank: when a normal operation becomes a sign of fraud