Fraudsters are also starting to change their schemes and scripts.

[tanjimajuha20]

"Despite the fact that the number of attacks is still high, this year there has been a gradual trend towards a decrease in the activity of attackers. At first, they switched to Internet channels, and due to the tightening of the identification policy, attacks in messengers also began to decrease. With the development of remote technologies, users need to take the protection of personal data and funds in bank accounts more seriously. Increased vigilance and financial literacy of clients, together with banking security tools, increase the share of money saved from fraudulent attacks," said Nikita Chugunov, Senior Vice President of VTB, Head of the Digital Business Department.

"For older people, this is communication malta whatsapp number database on social networks from intercepted accounts in the hope that the other party will not pay attention to the slightly different communication style of the other party. For advanced users, this is hacking, "catching" passwords, skillful introduction of encryptors, exploitation of vulnerabilities in software. In my opinion, there are no fewer of them," - such techniques, according to Viktor Bondarenko, will be increasingly used by attackers to attack ordinary people.

"All new schemes at the moment are, in fact, modified old schemes. The desire to gain the victim's trust, create a favorable psychological background for the attack and try to gain access to cards, accounts and personal data. In addition to telephone communication, instant messengers and social networks can be actively used," Lev Afanasyev believes.

Mikhail Sergeev believes that criminals will increasingly use synthesized voice recordings to impersonate a client or bank employee. He also believes that social engineering methods will not disappear to deceive victims and gain access to bank accounts.

"We do not see a decrease in telephone fraud - for example, the scheme with an attempt to intercept remote access to DBO is still active. Some classic schemes, on the contrary, have transformed and become more effective. For example, scammers count on the fact that a subordinate will not be able to refuse a boss and will do everything he asks. To be convincing, criminals create clone accounts of heads of state institutions and enterprises in messengers and enter into correspondence with subordinates on their behalf. In September-October, we recorded a whole wave of such calls, - the FACCT press service warns - There are two most common "horror story" scenarios used by telephone scammers. In the first, employees of the organization allegedly suffered a fraudulent attack - as a result of the leak, funds in their bank accounts and deposits can be stolen, and loans are issued in their name. In the second case, one of the employees of the organization is engaged in financing terrorism. To be convincing, the employee is sometimes even sent a "letter from the FSB", of course, a fake one. Then the "curator" tries to extract personal data, information about the company, etc. Thus, the criminals can achieve two goals with one call - collect information that they use in further attacks, and simultaneously launch a classic script about the need to transfer money to a "safe account" or early repayment of the loan that the fraudsters are going to take out. To avoid blocking the transfers, the victim is asked to withdraw the money from an ATM and hand it over to the courier."

Viktor Bondarenko believes that switching to attacks on businesses, in particular, on remote banking systems (RBS), is very promising for fraudsters: "Intruders have attacked, are attacking and will attack RBS systems. And cybersecurity services have a lot of work to do. The main thing is to choose the right tactics for protecting information. Not just mindlessly protecting everything, satisfying the requirements of regulators. A real security specialist must act in the interests of his company's business. Identify the most vulnerable places in this business, then from this array determine what is subject to causing maximum damage to the company, and organize information security work specifically from this segment, fulfilling the requirements of information security regulators, gradually moving to more fortified areas."

Alexander Vurasko also points out that the spread of attacks on remote banking systems is limited by their complexity compared to traditional telephone fraud: "Attacks on remote banking systems can be very effective, and they cannot be discounted, but the black market is also a market with its own rules. The schemes that demonstrate maximum profitability with minimum costs win. Despite the fact that similar sociotechnical techniques can be used in the process of attacks on remote banking systems and telephone fraud, in general these areas overlap little. Unless, of course, we call situations when telephone fraudsters persuade the victim to install a remote administration program on the phone attacks on remote banking systems."