Phone scammers began to use a new tool to deceive Russians. Attackers pose as employees of the Gosuslugi portal and through QR codes gain access to the personal account of citizens, Kommersant reports.
In particular, cybersecurity companies warned that scammers started calling victims on behalf of the portal’s employees. According to the scheme, attackers ask citizens to dictate a code from an SMS message, supposedly to activate or link a QR code to a user’s page. This code, as Vladimir Ulyanov, head of the Zecurion analytical center, explained, is needed by scammers to get into the victim’s personal account and get her data. Then they can, for example, use them to arrange loans or for other illegal schemes.
In their own words, the Ministry of Digital Development, Communications and Mass Media of the Russian Federation (Mintsifry of Russia) stated that they had not yet encountered complaints from citizens about such calls.
At the same time, experts note that the scheme is quite common and has already been repeatedly used on other resources. Infosecurity communications director Alexander Dvoryansky warned that the goal of the scammers is to convince the user to make a quick, impulsive decision. Previously, attackers posed as employees of a bank, the Ministry of Internal Affairs or other government agencies, Bi.Zone experts added.
Earlier it became known that fraudsters received digital copies of the documents of some users of the State Services service, and then took out loans for them. The story of one of the victims was told by the director of the Center for Legal Assistance to Citizens in the Digital Environment, Lyudmila Kurovskaya.