Mash: Scammers Impersonating Admissions Staff Steal Gosuslugi Codes
The active period for university admissions has unfortunately become a breeding ground for fraudsters. The Telegram channel Mash has uncovered a new deceptive scheme targeting prospective students.
Scammers are reportedly obtaining phone numbers and sensitive personal data, such as SNILS and INN (tax identification numbers), through data leaks. They then contact applicants, posing as university admissions committee members. During the phone call, they claim there is an error in the applicant`s submission, a missing document, or even a lost diploma. To urgently `correct` this information, they ask the applicant to agree to a `meeting` and request an SMS verification code. This code is, in fact, used to gain unauthorized access to the victim`s personal account on the Gosuslugi (State Services) portal.
Subsequently, the applicant receives an email stating their Gosuslugi account has been blocked. A fake support service then transfers the call to individuals posing as law enforcement officers or security agents. These impersonators conduct a video call, convincing the victim that they must act quickly to prevent further damage from the `hackers` who accessed their account. They instruct the victim to take out the maximum possible loan amount, falsely claiming this will `reset` their financial profile, and then transfer the borrowed funds to a designated `safe` account controlled by the scammers.
This incident follows previous reports of varied scam tactics, including fraudsters compelling victims to leave cash savings in mailboxes under the guise of `protecting` their funds. These deposited sums are later retrieved by an accomplice courier.
