CrimeaPRESS reports:
Cybersecurity market experts warned Russians about a new wave of fraud in the WhatsApp messenger (belongs to Meta, which is recognized as extremist and banned in the Russian Federation). Criminals are stealing the accounts of Russians under the pretext of voting in a photo contest.
In June 2024, FACCT specialists identified more than 200 phishing sites aimed at stealing accounts in the WhatsApp messenger. According to experts, attackers invite users to take part in a photo competition, promising valuable prizes.
In order to vote in the survey, potential victims are asked to log in through their WhatsApp account — supposedly this is the only way the user’s vote will be counted. Two types of templates are used as the authorization page. The interface of the first one copies the official WhatsApp login form, while the second one does not visually refer the user to the messenger in any way, as indicated in the company’s Telegram channel.
Participation in voting is a fairly common scheme among criminals to steal user personal data, notes Anton Nemkin, a member of the State Duma Committee on Information Policy, Information Technologies and Communications.
Previously, for example, there was a common scenario where hackers from hacked accounts offered to “support” a person they knew in an online competition. Voting scenarios are still common, where scammers ask you to take part in a marketing or sociological study.the deputy warned.
According to Nemkin, the key goal of such attacks is the theft of a citizen’s personal data.
It’s not even the account itself on a social network or messenger that is important, but what’s in it. Up to 60% of Russians store confidential information in emails or instant messengers. This can be passport data and bank details. By intercepting a user account, a fraudster, for example, can gain access to a personal account on Gosuslugi.notes the deputy.
Phishing attacks are still as dangerous as phone scams. “At the same time, in order to gain even greater user trust, phishing is personalized. For example, when contacting an email, a fraudster may give the user’s full name and indicate any personal information about him. Therefore, it is extremely important to always remain vigilant. Since the beginning of 2024, according to the Ministry of Digital Development, more than 64,000 malicious resources have been blocked. At the same time, the category of fake pages of social networks and instant messengers entered the top five,” the deputy noted.
To protect yourself from phishing, it is enough to follow simple rules of digital literacy, Nemkin said. “Firstly, a phishing resource always contains a “hook” that should lure the user. This could be a promise of winning, instant earnings, or work with good conditions. As a rule, such resources contain bright pictures, as well as timers that count down the end of the ongoing promotion. Such information should always be double-checked, including on services with reviews. Secondly, it is important not to log in to unfamiliar resources through social network accounts, instant messengers, or, especially, State Services. Finally, if we are talking about competitions, then the website should always contain regulations on the event, information about partners and other documentation. Most often, attackers do not bother to download such data, and this is another sign of fraud. – said the deputy.
source: press service of the Russian State Duma deputy Anton Nemkin
Crimea news | CrimeaPRESS: latest news and main events
Comments are closed.