IT news

A new type of fraud - fake banking applications


Due to the removal of some bankingapplications from the Play Market and the App Store, users have a question about how to now perform the usual operations with finances. Roskachestvo experts noticed the high activity of scammers who want to take over the payment information of bank customers.

Fraudsters on social networks and telegram channelsunder various pretexts, they try to redirect bank customers to phishing pages of web versions of banking applications. Attackers rely on the inattention of customers and redirect them to phishing authorization pages to fish out personal data. Experts urge to be vigilant and be attentive to e-mails and SMS messages.

In 2021, BI.ZONE collected data on 1529 fake banks in Russia. In the first quarter of 2022, when it was announced that it was impossible to download applications from VTB, Sberbank, Otkritie, Sovcombank, Promsvyazbank and Novikombank in the Google Play and App Store stores, a wave of fake messages to bank customers arose.

The Center for Digital Expertise of Roskachestvo strongly recommends that you observe the following security measures:

• Don't click on suspicious links.Fraudsters most often send letters to e-mail, to a social network or to one of the instant messengers (Telegram, WhatsApp) to which your phone number is linked. By clicking on links from messages, you run the risk of getting to a fake page that is visually indistinguishable from the official page of the bank. Do not enter your name, phone number, passport details, payment card details, access codes and other information there.

• Use the web version of your personal account onlyon the official website of the bank. When authorizing, as a rule, the bank sends an SMS with a confirmation code for entering. It is best to keep the official link on the browser's main page or add the page to the browser's favorites.

• In any disputable situation, call the "hot line" of your bank. Remember that bank employees never ask customers for passwords, CVVs and SMS codes.

• Check the spelling of the address of the site you are visiting.

• Remember - banking applications for smartphones can be installed from the official websites of banks. To be sure, do just that.

• Regularly download updates for your browser and antivirus on your computer and mobile phone.

Signs of a "phishing" bank page:
- the presence of the mark "advertising" (as a rule, in an inconspicuous place, in the corner and in small letters);
- freezing of the page after entering the details and the appearance of an inscription on the conduct of technical work;
- the presence of spelling and punctuation errors;
– Incorrect name of the bank (malicious people often copy the corporate identity of the bank and change one or two letters in the name).

"In order to prevent and reduceof phishing sites At the end of 2021, the Ministry of Digital Development determined a contractor to create a monitoring system for phishing sites in Russia by June 1, 2022. Such measures will significantly reduce the number of fraudulent pages, but will not be able to remove them completely, so always stay on the alert and be vigilant,” comments Sergey Kuzmenko, Senior Digital Product Testing Specialist at Roskachestvo.

Source: Press Release Roskachestvo