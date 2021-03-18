Another method of fraud on the Internet has appeared in Russia, Infoteks told Izvestia. The scammers send out emails, introducing themselves as employees of lottery companies and offering victims a free ticket. Lawyers warn that winning is questionable, and getting your money back is difficult. Izvestia was trying to figure out how to protect oneself from intruders and not buy into their promises.

You “won”

Lotteries, thanks to their popularity among Russians, have come to the attention of phishers and scammers. In the first quarter of 2020, Kaspersky Lab detected 219 pseudo lottery fraudulent resources. In total, over the past year, it has blocked more than 80 million attempts to navigate users to various phishing resources in various categories.

The fall in income has become a forced reason for many to seek luck in lotteries. As the Infotex company said, in recent years, attackers have increasingly begun to impersonate representatives of lottery organizations and offer the victim a supposedly free ticket. According to the scenario, the winnings must be transferred to a bank card, the details of which are asked to be indicated on the fraudulent portal. At the same time, for greater persuasiveness, company names are used that are similar to real-life well-known brands.

You have to understand, explains Alexei Marchenko, head of the web content analysis department at Kaspersky Lab, that in spam attacks, attackers use a whole range of tactics and technologies to make emails as unlike as possible, and also to complicate the detection of spam mailings.

“Numerous forgeries of the sender are used, search of synonyms in the text,“ noise ”of the text with symbols from different alphabets, deliberate errors in the text,” says Marchenko. – It is extremely difficult and, often, technically impossible, to defend oneself against the entire arsenal of techniques used by spammers.

Photo: Global Look Press / Tom Weller / dpa

How to minimize the threat?

A significant part of unsolicited emails is cut off by the mail services themselves, explains Vladimir Ulyanov, head of the Zecurion analytical center. In some cases, such messages are delivered to the mailbox but are marked as spam.

– The user should understand that the visible name of the sender in the letter does not guarantee that it was really created by this person or organization, – says the head of the analytical center. – It’s very easy to fake. Further, I do not recommend following the links in the letter, especially when you cannot see exactly where it leads. Scammers also use short link services, they should be avoided. If there is a great desire to click, it is better to copy the link and first send it to the search engine. Popular search engines try to timely identify and warn users about potentially dangerous resources.

But what if you are already “in trouble”? First of all, immediately contact the bank and provide all the necessary data to stop the transaction. In some cases, it is advisable to immediately reissue the card.

Still, the best way to protect yourself is to ignore such “lottery” letters or carefully check the reliability of the resource. , says Anna Mikhailova, an expert of the Angara group of companies. “Find the official site of the lottery site in a search engine and compare its certificate with the certificate from the mailing list: the signature chain and the name of the organization must match. Another, more preferable option is to take part in the drawing on the official resource, ”she said.

Photo: Global Look Press / imageBROKER / Valentin Wolf

– Beware of emails that contain spelling or grammatical errors, are prompted to follow a link, ask for your personal information (such as credit card and bank account numbers, date of birth, passwords, etc.), ask to forward a message, and also offer to click on link to “activate” a certain function, – strongly advises the head of Avast in Russia and the CIS Alexey Fedorov

However, “if you didn’t manage to enter the CVV code, the situation is not so critical – the money will not be directly debited. Nevertheless, for example, your card number can be used to commit other fraudulent activities, – explains Konstantin Kamanin, head of the Solar MSS services development department at Rostelecom. “If you left full data to spammers and the money was written off from you, you should urgently contact the law enforcement agencies on the fact of fraud.”

What else is in “fashion” for the criminal community?

The ingenuity of Internet crooks is truly limitless. In addition to phishing related to lotteries, scammers have other “tempting offers” as well. At the same time, victims are now being passed from hand to hand. For example, users who have already suffered from Internet criminals are offered to receive compensation for participating in fake polls, unscrupulous lotteries or VAT compensation, but instead they write off money and steal bank card data.

– Fraudsters in recent months have rushed to actively use the “defrauded depositor syndrome.” So in the 90s, victims of financial pyramids, succumbing to viral advertising for the return of lost funds, voluntarily carried the remaining money to structures such as MMM and became victims of a new scam, ”says Anastasia Barinova, deputy head of the Group-IB Computer Forensics Laboratory.

The scheme with fake courier delivery of goods ordered via the Internet has also become widespread. Attackers create so-called “bait lots” on popular free ad services: advertisements for the sale of goods at deliberately low prices – cameras, game consoles, laptops, smartphones. The buyer seduced by the cheapness receives a link to the phishing (fake) page of the courier service and transfers money for the goods and delivery. Of course, the victim does not receive any goods, and the seller transfers to get in touch.

Photo: Depositphotos

According to the Group-IB Computer Forensics Laboratory, the annual earnings of all criminal groups using this fraud scheme are estimated at more than $ 6.2 million, and the damage from the “courier scheme” can only grow.

Besides, A few months ago, information analysts identified dozens of phishing sites offering “cheap air and train tickets.” After choosing a ticket and a form of payment, people were asked to enter their bank card number and CVV code. After agreeing to make the payment, the requisites got to the attackers, which the user, of course, did not even know about.

It is also unsafe on popular social networks.

– IN Instagram bloggers often run contests with prize draws. Fraudsters go to the contest account and send the participants a message: “I congratulate you won an iPhone / money / multicooker”, to receive a gift you need to pay for the delivery, transfer 300 rubles to such and such a number. Many are underway. You need to know that bloggers who run sweepstakes send prizes at their own expense, never ask anyone to pay for delivery, – says Nina Kultysheva, a financial blogger and regional head of the National Center for Financial Literacy under the Ministry of Finance.

Passion for “State Services”

But most dangerous of all are phishing mailings on behalf of the alleged “State Services”. People tend to trust the government structure and do not always check whether the sender is really who he claims to be. The Ministry of Finance of Russia resembles the rules, compliance with which will protect against fraudsters of this kind.

– If someone received a letter from an unknown address, it should be alarming, – the press service of the Ministry of Tsifra told Izvestia. – Letters from State Services come from one single address – [email protected] The letter from the State Services is always duplicated in the personal account on the portal. And now this already needs to be checked. Also, check the link that is suggested to go through. Copy it, paste it into your browser and make sure that gosuslugi.ru is written there. If the letter raises concerns, you do not need to follow the link directly.

Fake domain addresses of “Gosuslug” usually have a similar spelling or use words like propusk, posobie, etc. At the same time, most of the sites found did not host any content.

Photo: Izvestia / Tatiana Polevaya

The basics of caution

The main principle of protection against fraudsters is to be vigilant and careful. The familiar look of an e-mail is not yet a reason to perform a standard action without reading it carefully.

Always pay attention: are there any suspicious attachments in the letter and offers to open them? Do not leave your card details on suspicious resources. If any doubts arise, you need to contact the sender (by a separate letter or by phone) and check the authenticity of the message.

If possible, you should refuse to go even to trusted resources through hyperlinks from messages sent by unfamiliar senders.

Remember that even mentioning personal information that at first glance is inaccessible to fraudsters (for example, addressing by name) does not guarantee complete security. Experts warn that cybercriminals often carry out preparatory work, obtaining information about the victim from social networks.

Is it realistic to return the “flown away” money?

Lawyers advise in such a situation to contact the bank, but if you yourself provided the fraudsters with your bank data, including the payment confirmation code received via SMS, then the bank is unlikely to return the debited funds.

The victims can only expect that the law enforcement agencies will identify the perpetrators from whom it will be possible to demand compensation in court for the harm caused. … In an interview with Izvestia, the RF IC noted that the result depends on how successfully the investigation into the circumstances of the offense is carried out.

Photo: TASS / Vedomosti / Andrey Gordeev

It is imperative to attach screenshots of the correspondence with the attackers and payment data to the police report. In addition, a complaint can be submitted through the portals of Rospotrebnadzor and the Bank of Russia. These bodies are now reacting very quickly and are trying to check various suspicious “companies” as quickly as possible.

The bank will be obliged to return the stolen money in the event that the client did not violate the terms of the agreement, in particular, did not provide information to outsiders that contributed to the theft, for example, card data.

What is the responsibility for this?

This is a fairly new type of fraud, explains Nver Gasparyan, a lawyer and adviser to the Federal Chamber of Lawyers (FPA) of the Russian Federation. The crime is provided for by Art. 159.3 of the Criminal Code of the Russian Federation (fraud using electronic means of payment) and provides for a punishment of up to 10 years in prison.

Partner at the Shcheglov and Partners Law Office, attorney Musa Abdurakhmanov added that the punishment for this crime depends in most cases on the damage caused. The Criminal Code defines significant damage as a monetary amount of at least 5,000 rubles, large damage is an amount exceeding 250 thousand rubles, especially large damage starts from one million rubles.

– In the first category, the offender faces up to 5 years in prison. For the second category, imprisonment for up to 6 years is provided. In the event of a large-scale theft, the person brought to justice will face up to 10 years of freedom, – explains Abdurakhmanov. – In practice, fraudsters very rarely manage to get an amount related to large damage by sending spam letters. Basically, significant damage is caused to citizens, or less, and then in this case the offender faces a maximum imprisonment of up to three years.