
Fraudsters carried out a phishing attack in the name of a large marketplace. They offered buyers a promo code worth 10 thousand rubles, lured them to a fake website and tried to steal their messenger accounts. Izvestia found out how to distinguish hackers from representatives of trading platforms and how to protect yourself when shopping.

Under the guise of Ozon

Hackers conducted a phishing attack in the name of the marketplace Ozon. This was reported in the "Bulletin of Cyberpolice of Russia" (the Telegram channel of the Department for the organization of the fight against the illegal use of information and communication technologies of the Ministry of Internal Affairs of the Russian Federation).

According to the report, the fraudsters lured users to a third-party site that outwardly copied Ozon and offered a promo code worth 10 thousand rubles for purchases. To get it, however, the user had to contact a "personal manager" via WhatsApp (owned by Meta, recognized as extremist and banned in Russia).

"In case of going to the messenger and following the instructions, citizens risked losing access to their account and confidential data," the Interior Ministry warned.

The Ozon press service told Izvestia that the site has already been blocked; this was done "15 minutes after contacting the hosting provider." Marketplace representatives asked users to be attentive and not to follow dubious links.

"We are constantly working with regulators and marketplace participants to combat fraud and other cyber threats. Phishing and scam resources are combated through a range of measures. Every day our anti-fraud and information security services together with our partners study public cases, monitor thousands of Internet resources, find suspicious ones among them and promptly block them," the press service said.

Frequent scheme

The scenario of leading the buyer to a phishing site or into communication with a "seller" is not new; fraudsters have long used it actively, Alexandra Shmigirilova, GR director of the information security company Security Code, explained to Izvestia. Attackers began to use marketplaces and large services simply because more than half of the population, almost 90 million people, make purchases there.

"And this is so commonplace that most people forget about caution and do not expect a trick when they see a link and the name of a familiar marketplace. Therefore, almost all schemes are somehow connected with making the user believe that he is on a legitimate resource, and forcing him to authorize or buy fake goods, that is, banally transfer money to the attacker's account," says the expert.

As a rule, she notes, fraudsters use the theme of discounts, special sales and personalized offers, because these are limited in time. This pushes the user to act in a hurry without "turning on" critical thinking.

"Another scheme, which occurs even more often, is hacking into a personal account. It should be said that marketplaces attracted the special attention of fraudsters when they began to link customers' cards to their profiles, as well as to create various wallets where money can be stored to pay for goods. Buyers often use them to get discounts and bonuses," says Shmigirilova.

After gaining access to a personal account, criminals can transfer money from such wallets to their own accounts (or the accounts of droppers to cash out later). Or they can simply buy goods for themselves - the money will be debited from the card of the account owner at the moment of receipt.

Mechanism of deception

Criminal schemes related to marketplaces can be combined with each other. And usually, explains Cyberprotect expert Sarkis Shmavonyan, they take place in four stages:

  1. Fraudsters create phishing sites: exact copies of the pages of sites such as Ozon, with a changed address (for example, main-ozon.ru).
  2. They send out messages via messengers, SMS and email, using the logos and style of the company in whose name the attackers are acting. These can be messages that a person has received a promo code or a gift, or notifications that their goods have been ordered or delivered.
  3. They offer to sell an item at a discount or to give a gift, but ask for a small deposit.
  4. The marketplace or messenger account is hijacked.

At the same time, he adds, criminals can try to "hijack" a person's account on "Gosuslugi". To do this, they may ask to send a code from an SMS - ostensibly to receive a gift, service or discount on a large purchase.

"When stealing an account on "Gosuslugi", fraudsters can run schemes to apply for loans, receive tax deductions, or initiate the procedure of alienation of property. They can also change the personal data of the user, which entails serious legal and financial consequences," says the expert.

How to recognize fraudsters

Fraudsters can be distinguished from real trading platforms and sellers by various signs. In this case, says Security Code expert Alexandra Shmigirilova, it is quite simple.

"The main "bell" is the transfer of communication with the "marketplace manager" to a messenger. On marketplaces, all communication with the staff takes place only in the personal account, and there is a special form for this purpose. Real marketplace managers have no need to transfer communication elsewhere, and if this happens, it is a reason to be wary," explains Shmigirilova.

If someone in a messenger or on a social network offers a prize, discount or promotion in the name of a marketplace, the expert advises checking it in the personal account of the official application. The application can also be used to contact the support service and confirm whether the promotion exists. This also gives the user the opportunity to report fraud, so that managers can notify other users about the scheme.

"If the user is used to buying not through the application but on the site through the browser, then first you need to make sure that this is the real site of the marketplace, and not a fake. It is necessary to check the domain name, registration data, design and content. At the same time, it is best to go to the official site from any search engine, and not through links received in messages," concludes the GR director of the information security company.
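The domain-name check described above can be made mechanical. The following Python sketch is an added example, not code from Izvestia, Ozon or the quoted experts; it assumes `ozon.ru` is the marketplace's official domain, and the sample links are constructed for illustration apart from `main-ozon.ru`, which the article cites.

```python
from urllib.parse import urlsplit

# Assumptions for this example: the official domain and the brand keyword.
OFFICIAL_DOMAIN = "ozon.ru"
BRAND = "ozon"
# A few look-alike characters folded to ASCII before searching for the brand name.
CONFUSABLES = str.maketrans({"0": "o", "\u043e": "o"})  # digit zero, Cyrillic "o"


def classify_link(url: str) -> str:
    """Return 'official', 'lookalike' or 'unrelated' for a received link."""
    parts = urlsplit(url if "://" in url else "https://" + url)
    # .hostname drops any "user@" prefix and the port, and lowercases the name.
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return "unrelated"
    # Official only if the host IS the domain or a true subdomain of it.
    # "main-ozon.ru" fails: a hyphen does not create a subdomain.
    if host == OFFICIAL_DOMAIN or host.endswith("." + OFFICIAL_DOMAIN):
        return "official"
    # The brand name anywhere else in the host is the phishing pattern.
    if BRAND in host.translate(CONFUSABLES):
        return "lookalike"
    return "unrelated"


# Constructed sample links (only main-ozon.ru comes from the article).
SAMPLE_LINKS = [
    "https://www.ozon.ru/product/1",
    "https://main-ozon.ru/promo",
    "https://ozon.ru.promo-gift.example/login",
    "https://ozon.ru@main-ozon.ru/",
    "https://0zon.ru/",
    "https://example.org/",
]


def triage(links):
    """Map every link to its classification."""
    return {link: classify_link(link) for link in links}


if __name__ == "__main__":
    for link, verdict in triage(SAMPLE_LINKS).items():
        print(f"{verdict:10} {link}")
```

A link classified as "official" only means the host name is correct; the rest of the expert's advice (reaching the site from a search engine or the app, not from a message) still applies.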

Methods of protection

In order to protect yourself from fraudsters on the Internet, Izvestia experts recommend following a few simple rules.

  1. Get a separate card only for paying for goods on the Internet and do not keep large sums there. Make sure that the account of this card is not linked to a savings account (or other card) where money is saved or deposits are made.
  2. Set the "payment only upon receipt" status in marketplace applications; then money cannot be debited when an order is placed.
  3. When using a marketplace wallet, do not store money there, but transfer only the necessary amount when paying for goods.
  4. Do not use simple passwords, and do not repeat the same password across marketplaces. The more complex the password, the harder it is to crack: for example, a password made of only numbers will take attackers only 25 seconds to crack.
  5. If possible, set up two-factor authentication.
  6. Use anti-virus solutions - they block phishing sites.

"In addition, it is important to immediately notify the security service of the marketplace in case of any suspicious transactions in your personal account. The earlier this is done, the more likely it is that you will be able to stop fraudsters at the initial stage," concludes Alexandra Shmigirilova.

According to cybersecurity experts, criminals will always use well-known brands, and over time their schemes may become more technologically sophisticated and more convincing. It is therefore important not to do anything rash and to verify any information, especially if a person is asked to take urgent action, is intimidated or is offered something suspiciously profitable.

Translated by the Yandex Translate service
