16.07.2023

A new SMS fraud scheme from Sberbank. Sberbank warns that hackers can steal money using Siri and SMS messages


Deceiving subscribers through mobile phishing is by no means a new scheme. In 2016, a user of a popular social network published a post on his profile urging people not to open a message allegedly received from the FSSP, because doing so led to the loss of funds from accounts linked to online banking. Such cases were covered in the media in 2015 as well.

Mobile fraud impersonating bailiffs received wide publicity in January 2017, when someone, probably having fallen for the attackers' bait, posted a warning notice on the door of one of the Yekaterinburg branches of Sberbank under the loud headline "Sberbank warns us."

Representatives of the bank, in turn, denied involvement in the dissemination of this information and generally did not comment on the situation, urging customers to be vigilant. They also gave recommendations on timely updating of anti-virus software and warned against clicking on links received from suspicious numbers.

In 2018, digital bailiff scams are less common but still exist. In January, for example, residents of the Smolensk region were subjected to a massive phishing attack.

While representatives of Sberbank prefer to refrain from evaluating what is happening, FSSP employees report that they do not practice notifying citizens about debts via SMS, and such alerts are clearly the work of intruders.

Scheme specifics

Such schemes are not technically complex; they rely primarily on gaining the trust of the device owner. Aware of how marginal the scam is, scammers complicate their interaction with the victim, trying to make it more polished and inconspicuous. That is why it is important to understand how it works, which is as follows:

In an alternative scheme, the phone does not reboot, and the user is directed to a copy of the official website of the FSSP - meanwhile the virus does its work. In some cases, the subscriber is asked to log in to the system in order to receive information about the debt.

Notably, the malicious notification always arrives as a private message and does not spread through online messengers. In a similar way, attackers steal personal data from the victim's personal computer or laptop after the victim opens a link received by email.

Can money be debited from the card automatically when opening a message, or is it necessary to click on the link?

Given the numerous appeals from victims not to open SMS messages sent by scammers, it may seem that merely opening one is enough to infect the device with malware.

However, from a technical point of view, this is rarely possible, since the virus cannot infiltrate the operating system without first being downloaded. In addition, according to subscribers who became victims of digital fraud, the account was emptied after they clicked on the link, not at the moment the message was opened.

Notably, owners of Android devices suffer more at the hands of attackers. iOS, which powers Apple smartphones, is less prone to infection, since the system is protected from unauthorized interference by default.

However, in both cases, nothing guarantees security better than a user who is skeptical of links with unknown content.


Where to turn if it was not possible to avoid deception?

To achieve justice, you should adhere to the following plan of action:

  1. Freeze the account by contacting the local branch of the bank, using online banking, or calling the bank's employees by phone.
  2. Contact the bank and submit a written statement reporting the unauthorized withdrawal of funds from the account (drawn up in 2 copies, one of which stays with the applicant, marked as accepted).
  3. Take a copy of the statement to the local police station to have the theft put on record.

You should act immediately and contact the indicated institutions no later than 3 days from the date of the theft.

Because fraudsters' methods vary, it is not always possible to find out exactly how the money was debited. Where the system was infected with a virus, the bank has the right to point out that the device was not equipped with the necessary security measures and to refuse a refund. If the client entered his data on a fake site, this may be regarded as a violation of the terms of use.

This is where the difficulties lie, but, objectively, the probability of a return of funds still exists. The police, on the other hand, are not always able to identify the criminals, as the latter use various methods of address encryption in an effort to maintain anonymity.


The best guarantor of the safety of personal savings is the vigilance of their owner. Do not trust information from suspicious sources; it is better to check it quickly. You can verify or refute the existence of a debt on the official website of the FSSP.

In no case should you follow unknown links, and the device should be protected with a licensed antivirus. Only then can you be sure that personal savings will not fall into the hands of scammers.


MegaFon and Sberbank of Russia warn about fraud when using the Sberbank Online Internet payment system.

When a computer is infected with a virus, the website of the Sberbank Online service is replaced with a fake one. The authorization data entered on it falls into the hands of attackers. To obtain the secret transaction confirmation code, which is sent to the user's mobile phone and is needed to complete the operation, the scammers call the user and, posing as Sberbank employees, mislead them into disclosing the code.

The virus spreads through social networks, dating sites, "free" software, and spam emails. If the virus software detects that the computer is working in the Sberbank Online system, it connects to the scammers' control server, from which screen forms that emulate the bank's website are loaded.

Sberbank recommends that, when using the Sberbank Online system, you observe the information security measures posted on the bank's official website:

· Under no circumstances disclose your password to anyone, including employees of Sberbank of Russia;

· Check that a secure SSL connection is established and that it is with the official website of the service (https://esk.sbrf.ru). The personal account access page contains only login and password input fields;

· When you receive an SMS with a one-time password, carefully read the contents of the message. Enter the password into the form on the site only if the operation was initiated by you and the details of the recipient of funds correspond to the details of the operation in the received SMS. The bank never sends messages with passwords for cancelling transactions, since the Sberbank Online system does not provide for cancelling transactions;

· Do not use the Sberbank Online service directly from the mobile phone, smartphone, PDA or tablet that receives the SMS with the one-time confirmation password;

· If you lose the mobile device to which the Bank sends the SMS with the one-time confirmation password, promptly contact your mobile operator and block the lost SIM card.
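
The address check from the list above, as an added example that is not part of the original article and is not Sberbank's code: it sets a naive "the name appears in the link" test beside a strict comparison against the official address quoted above. The function names and the sample links are constructed for illustration.

```python
from urllib.parse import urlsplit

OFFICIAL_HOST = "esk.sbrf.ru"  # host of the official address quoted in the article


def naive_check(url: str) -> bool:
    """Weak check: the official name merely appears somewhere in the link."""
    return OFFICIAL_HOST in url


def is_official_login_url(url: str) -> bool:
    """Strict check: https, default port, no userinfo, exact host match."""
    url = url.strip()
    if "\\" in url:  # browsers read "\" as "/", parsers may disagree
        return False
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
        host = (parts.hostname or "").rstrip(".")
        host = host.encode("idna").decode("ascii")  # exposes homoglyph hosts
    except ValueError:  # UnicodeError is a subclass of ValueError
        return False
    if parts.scheme != "https" or port not in (None, 443):
        return False
    if parts.username is not None or parts.password is not None:
        return False
    return host == OFFICIAL_HOST


# Constructed sample links (example.net is a reserved documentation domain).
SAMPLES = [
    "https://esk.sbrf.ru/",
    "http://esk.sbrf.ru/",
    "https://esk.sbrf.ru.example.net/",
    "https://example.net/esk.sbrf.ru/login",
    "https://esk.sbrf.ru@example.net/",
    "https://\u0435sk.sbrf.ru/",  # first letter is Cyrillic "е"
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{link!r:45} naive={naive_check(link)!s:5} strict={is_official_login_url(link)}")
```

A check like this complements the browser's certificate validation and does not replace it.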

Sberbank recommends that if you have any suspicion that a password (permanent or one-time) has been compromised by unauthorized persons (including those who introduced themselves as employees of the Bank), or if you receive requests to perform operations you did not initiate, you immediately contact the Bank's help desk at (495) 500-0005, (495) 788-9272 or 8-800-200-3747.

You can report the fact and suspicion of fraud to us by calling the Subscriber Service 0500, or by leaving a message on our

That are negotiating with Apple. “We are working with Apple so that at the operating system level there is no possibility of manipulating the functionality of the Siri device and the functionality of SMS banks,” the bank's press service explained.

The fact is that Sberbank recently discovered that the Siri voice assistant can be used to steal money from user accounts. At the root of the problem lies a rather old topic: bypassing the iOS lock screen with Siri. Not without reason, researchers have long recommended disabling the use of Siri when the lock screen is active in order to avoid various problems.

Sberbank described the following attack method. If an attacker has physical access to the victim's iPhone, and a bank account is linked to this phone number, the fraudster can use this for personal gain. Even without unlocking the device, the scammer can ask Siri to send a message to nine, zero, zero (900 is Sberbank's mobile bank number) and dictate to the assistant the word "transfer" as well as the recipient's phone number. Although Sberbank requires confirmation of the transfer using an SMS message, this is also not an obstacle. After the bank has sent the code, the scammer asks Siri to read the last message and sends the five digits of the code to 900. As a result, the attack takes only a couple of minutes. RBC journalists write that they tested the described attack method themselves, and they succeeded.

At the same time, Sberbank representatives are aware that iOS has the ability to disable Siri when the lock screen is active.

“Now the ban on this kind of manipulation is set at the level of operating system settings: in the Siri settings it is possible to block access to Siri when the screen is locked,” Sberbank says.

Journalists asked representatives of Alfa-Bank, which also lets customers transfer money and pay for services via SMS messages, to consider the problem. The bank responded that it was not aware of cases in which its customers had suffered from such fraud and expressed doubt that such attacks could be widespread. “After all, we do not often leave our phone unattended,” says Vladimir Bakulin, head of the electronic business monitoring department at Alfa-Bank.

However, in order to reduce the risk of fraud, Alfa-Bank introduced a limit of 500 rubles per day on transfers via SMS. “To make a transfer via SMS for a large amount, the client must create a template in the Internet bank, but still the transfer limit is no more than 25,000 rubles,” bank representatives say. Sberbank also has similar restrictions. According to the current tariffs, the limit for transfers to bank accounts is 8,000 per day, a client paying for their own mobile phone cannot spend more than 3,000 per day, and a transfer to a third-party phone can be no more than 1,500 per day.


maccase.ru - Android. Brands. Iron. News