VTB warned of a new scheme of fraudsters in WhatsApp

In Russia, the number of fraud cases related to the installation of remote access programs - SpyMax virus via WhatsApp messenger (owned by Meta, whose activities are banned in Russia) has increased. Over the past month, this scheme has become the most popular, said Nikita Chugunov, VTB's senior vice president and head of the digital business department, on November 29.

According to him, the attackers present themselves as employees of government or commercial organizations, including specialists from Mosenergosbyt, polyclinics, housing and utilities. Under the guise of checking payment, restoring access to resources or providing technical assistance, they call potential victims and offer to go to WhatsApp for a video call. Next, the interlocutor is asked to turn on the screen demonstration, allegedly to solve a technical problem. Then they send him a link to download the application, pretending to be an official service, but in fact it is a malicious virus.

After installing the pseudo-application, the user gives the scammers control over his device and access to personal data on the phone. The smartphone screen locks up and a "reboot" or black screen may appear. When a person is waiting for the app to be installed, a text message is received to log into the service and the content with a secret code is displayed on the screen. Fraudsters use the received data to enter a personal account on the portal of a government service or banking application, after which they transfer funds or arrange loans on behalf of the client, the credit organization explained.

"Deception disguised as help can turn into serious financial problems. While your phone screen is locked, hackers can do anything they want with its contents, including hacking into your personal accounts on government services and withdrawing money from banking applications. There is no 'back' button here," Chugunov noted.

He emphasized that the surest way to avoid fraud is not to communicate with strangers, not to follow unknown links they send, not to download applications from them.

No official organization does not ask for a demonstration of the screen, installation of applications through messengers or the transfer of passwords from personal offices of banks, recalled in the credit organization.

Earlier, on November 8, in the Post Bank said that during the sales are activated fraudsters. As specified in the credit organization, the attackers, offering the most profitable offers, transfer users of the network on third-party sites. As a result, buyers can be left not only without money and goods, but also with loans.