Krympress reports:
Fraudsters create accurate copies of sites of well -known insurance companies, which offer to buy an insurance policy. But when the victim enters data for payment, its funds are kidnapped, according to the materials of the Ministry of Internal Affairs (publishes RIA Novosti).
Attackers register a domain name containing the word “Osago” in the name or resembling the name of one of the well-known insurance companies. This domain contains a phishing site whose pages almost completely copy the design of the original web resource belonging to the insurance company.
The site collects not only the user data-the name, date of birth, the number of the driver’s license, the data about the car, the phone number and the e-mail for communication, but also offers to pay for the electronic insurance policy using a bank card: indicate the card number, the end of its action and the VC/CVV code. The payment of the payment of payment is also fake: there they ask to enter the payment code received from the bank there. In case of success, attackers bypass two -factor authentication and receive money.
Fraud with fake sites of insurance companies is one of the most technologically complex and dangerous schemes, says Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technologies and Communications, the Federal Coordinator of the Digital Russia party project.
Attackers use phishing, falsifying the official site to the smallest details: corporate identity, logos, page structure, payment interface. This creates a complete illusion of safety and legitimacy of the resource. Those who first draw up an electronic policy or do it in a hurry are especially vulnerable, for example, before a trip— added the deputy.
The key goal of these sites is not only theft of money when paying for a fake policy, but also collecting personal data: passport information, car data, bank card details. In the hands of attackers, this information can be used again — for access to other financial services, processing loans or sales on shadow forums. It is especially dangerous that criminals can cost even two -factor authentication, imitating the requests of banks in real time, Nemkin explained.
To protect yourself, it is important to check the authenticity of the site before entering any data. A reliable way is to go to the sites of insurance companies only through official sources: by searching in the register of the Central Bank of the Russian Federation or by direct links indicated on the site itself. It is also worth paying attention to the domain name: even an insignificant error or an unusual ending (.net instead of .ru, for example) — an alarming signal— concluded the deputy.
Source: press service of the State Duma deputy Anton Nemkina
Crimea news | Krympress: Latest news and main events
Comments are closed.