A new fraudulent scheme is actively targeting Russian citizens, particularly pensioners and individuals experiencing financial difficulties or possessing a poor credit history. This sophisticated scam involves offering virtual credit cards with a substantial limit of up to 100,000 rubles, albeit at an exorbitant annual interest rate of 99%. This information was disclosed by F6, a leading cybersecurity firm.
F6, a prominent developer of technologies designed to combat cybercrime, has uncovered this emerging pattern of financial fraud. The perpetrators entice victims by promising virtual credit cards with a 100,000-ruble limit at a 99% annual interest rate, notably without imposing age restrictions or requiring a credit history check. The primary targets for this scheme are the elderly, those facing challenging life circumstances, and individuals with a compromised credit past.
Users are prompted to register on these fraudulent websites by providing their email address and a password. Subsequently, the fraudsters attempt to use these credentials to gain unauthorized access to the victims` other online services, leveraging common password reuse practices.
F6 specialists first identified one such website in the .ru domain zone on July 7. The site was deceptively registered under the guise of a legitimate organization based in St. Petersburg. It explicitly claimed that credit card applications were approved for “almost everyone” and that a “credit history was not important.” Ironically, the homepage even featured a warning: “Beware of fraudsters!” While F6 successfully initiated the blocking of this particular site, the company cautions that cybercriminals are highly likely to establish new, similar platforms.
Following registration, victims are instructed to complete an application form and are assured of approval within just 10 minutes, followed by an online contract signing and immediate access to the “credit.” However, under the pretense of finalizing the credit card issuance, the scammers demand an upfront commission payment of 3050 rubles.
During the application process, users are coerced into providing a vast array of personal data, including their full name, date of birth, passport details, Taxpayer Identification Number (INN), Individual Insurance Account Number (SNILS), registered and actual residential addresses, as well as employment details, length of service at their last job, and personal income. This sensitive information can later be exploited by cybercriminals for social engineering attacks or sold to other illicit groups.
F6 specialists strongly advise the public to remain vigilant: do not trust promises of “guaranteed” credit card approvals for “almost everyone.” Never transfer any upfront payment before actually receiving the credit funds, under any pretext. Furthermore, refrain from making payments or entering personal data on unfamiliar or suspicious websites.
