Cybercriminals have devised a sophisticated two-stage scheme designed to steal personal data from Russian citizens. This innovative scam leverages the seemingly innocent offer of a “personal code” for an intercom system as its initial lure.
The fraudulent operation commences when a scammer contacts a potential victim, often demonstrating prior knowledge of their address. The imposter offers to provide a unique intercom code, falsely claiming it will allow the resident to conveniently open their building`s entrance door without a physical key. Should the victim agree to this proposition, a six-digit code is promptly dispatched to their “Gosuslugi” (Russian public services portal) account. At this juncture, the victim is led to mistakenly believe that this received code is specifically intended for operating the intercom.
The second, more critical stage of the scam quickly follows. The victim receives an incoming call via a messenger application from an individual convincingly posing as a “Gosuslugi employee.” This imposter then informs the victim of a supposed attempted hack on their account and, feigning urgency, requests them to dictate the recently received SMS code. By complying with this request and providing the code, the unsuspecting individual inadvertently grants the scammers direct access to their personal data and potentially their Gosuslugi account, thereby falling victim to the deception.
In a related development concerning evolving cyber threats, the Ministry of Internal Affairs has also reported an increase in scammers utilizing advanced neural networks to create highly realistic “deepfakes” of relatives. These fabricated images and videos are then maliciously employed for financial extortion and various other forms of fraudulent activities, highlighting the growing sophistication of cybercrime.
