"Today, our Achilles' heel in countering fraud is droperism"

The fight against fraud has become one of the most important national tasks today. Sberbank reported that the effectiveness of their anti-fraud system reaches 99.9% and is ready to share its best practices with the market. On the sidelines of SPIEF 2025, Stanislav Kuznetsov, Deputy Chairman of the Board of Sberbank, told Izvestia about the latest technological advances in cyber defense and explained why it is important to stay ahead of intruders in technology, legislative regulation and in coordinating joint counteraction efforts.

— How alarming is the current situation with embezzlement of Russians' funds by fraudsters?

— According to our estimates, the volume of embezzlement from Russians since the beginning of 2025 has already amounted to about 80 billion rubles, and if the dynamics continues, it may reach 330-340 billion by the end of the year. This is more than last year. However, there is hope that thanks to the joint efforts of legislators, law enforcement officers and businesses, this trend will be broken. In 2025, a number of important legislative measures were adopted, which in their own way became a regulatory breakthrough for our country.

The implementation of the new rules at the level of the entire market: the banking community, telecom operators, authorities and other organizations will allow for a more coordinated, and therefore more successful, counteraction to fraud. But not all the innovations have entered into force yet or have only recently entered into force, so it's too early to measure the effectiveness.

— Recently, quite a lot of laws and regulations have been adopted to combat fraudsters. Which one, in your opinion, turned out to be the most effective?

— Sber was at the origin of many legislative innovations. Some of the standards are what we have implemented, tested and successfully use to protect Russians. Sber also initiated the introduction of criminal liability for the organization of drop services and participation in drop activities, the creation of a single national platform for the exchange of information between banks, telecom operators, government agencies and other organizations in order to combat fraud and other measures. Many of our and other initiatives have been heard by lawmakers and have now entered into force, will enter into force soon, or are being worked on. We are grateful to the Government of the Russian Federation, the State Duma, and the Federation Council for their caring position — the process has "started."

— The ability to block customer funds, "blacklists" of the Central Bank — can these methods of combating fraud threaten customer loyalty?

— The threat to loyalty is not at all the technical means of protection or the requirements of the regulator — any tool can be adjusted and adjusted accordingly. The real danger is borne by intruders: the affected customer instantly loses confidence in both the bank and the financial system as such.

At the same time, thousands of episodes are recorded annually in the Savings Bank, when the bank's specialists have to temporarily freeze the transactions of customers trying to transfer money to fraudsters. Indeed, some customers may be unhappy with such measures and object to the blocking, insisting on conducting a questionable operation. However, in the vast majority of situations, bank employees successfully remove the client from the influence of fraudsters. The person eventually realizes that the bank helped save his money. In this way, the bank retains the customer's trust and loyalty. And we receive thousands of thanks for their caring and responsiveness, which "broke the spell" and prevented the attackers from committing theft.

Today, our Achilles' heel in countering fraud is droperism. Young people are increasingly involved in such activities: in three years, the number of crimes involving teenage dropers has increased 74 times. For a long time, Sber has been working on its own initiative to refund funds from the accounts of the dropers. Since the beginning of this year, we have refunded 1.7 billion rubles from such accounts, which is already 700 million more than last year.

Other banks, as well as telecom operators, marketplaces, and law enforcement agencies are involved in the refund process. But all this is done without an adequate regulatory framework. Therefore, it is necessary to legislate the duty to combat drops for all banks, involve all interested organizations and departments in this work, as well as radically restructure the processes of interaction between market participants.

I believe that all banks should be motivated to deal with drops and be responsible for any gaps in this area. This is our signal to the legislators.

— What are currently the most common schemes for fraud using social engineering?

— In 2025, everyday scenarios are increasingly being used. For example, under the pretext of requesting an address for parcel delivery or checking meters, fraudsters gain trust and deceive people. We also see that scammers have targeted children and are increasingly involving them in deception.

In my opinion, one of the most dangerous and widespread schemes now is using contactless payment technology on Android phones. The fraudster calls, introduces himself as an employee of a bank or law enforcement agency, and under various pretexts — from hacking government services to illegal operations and support for the Armed Forces of Ukraine — offers to install a special NFC Gate application on a smartphone, ostensibly to protect money. After that, the victim is asked to attach his bank card to the phone and enter the PIN code.

The application reads the card data via NFC and transmits it to the scammers, who are at the ATM at that moment and withdraw cash. Or vice versa: the victim deposits money through an ATM, applies the infected device to the ATM reader, and the money goes to the fraudsters.

In the Sbera mobile application, there is a free antivirus in the Security section, which, if activated, detects this malware and notifies the user when a virus is detected. A message pops up with a suggestion to remove it.

The scammers know about our protection, so they ask the potential victim to delete the Sberbank Online application or not open it. In no case should this be done. Sberbank's customers are protected, but we see that the weekly losses from it among Russians -customers of other banks — already exceed a billion rubles.

— What is the share of fraud in social engineering in terms of quantity and volume, and how have these indicators changed over the past year and quarter?

— 85% of all scams are phone calls or messenger calls, for example, Sberbank's customers received almost a billion fraudulent calls last year. And we "beat off" all of them: either at the stage of trying to make a call, we eliminated them using the caller ID built into SberBank Online, or we stopped them thanks to an anti-fraud system that detects suspicious transactions.

The best ways to prevent scammers from stupefying your consciousness are to increase cyber literacy, develop critical thinking, avoid making decisions in a hurry, consult with family and friends, avoid chasing easy money, and call your bank yourself if in doubt. Alas, many people are influenced by intruders. There are cases when the same people were caught 3-4 times. Nevertheless, if we and other responsible organizations and government agencies had not spent time and resources on educating people and warning them about fraudsters' tricks, the number of victims would have been significantly higher.

For this purpose, Sber has created the cyber literacy portal Kibrarium, which is free and accessible to absolutely everyone. There you can get all the latest information about fraud and learn about protection methods. By the way, we are always happy when our materials from Kibraria become the basis for lessons or lectures in schools, colleges, universities, as well as in commercial and government companies. The mobile application also contains a lot of useful information, as well as a set of security services that will help protect against the most common fraudulent schemes.

— Tell us in more detail, how exactly is the fight against fraud conducted?

— There are technical ways to identify and suspend a fraudulent operation at different stages. Our anti-fraud system uses artificial intelligence technologies for this purpose. For example, calls from phone numbers listed in our database as fraudulent are automatically recognized and blocked — and we have millions of up-to-date records. AI is used to mark them as suspicious and suspend atypical operations. At the same time, interaction at different levels of protection is seamless.

For example, let's imagine this situation. Our caller ID warned that a scammer was calling, but the person still picked up the phone and started a dialogue. The next level of protection is activated: information is transferred to our anti-fraud system, and it suspends a suspicious operation if necessary. We also monitor the Darknet in real time and, if we detect any threats to our customers, we set up anti-fraud mechanisms in such a way as to protect people from fraudsters as much as possible.

If the client gave the fraudsters any data and immediately realized that the fraudster's attack can be reported through the mobile application so that the bank can instantly take action in the application, and you can block the card, access to your accounts, and deposits yourself in just 15-30 seconds. This year, the effectiveness of our anti-fraud system has reached 99.9%, which is the highest rate in the world among similar systems. Thanks to the work we have done, the amount of Russians' funds saved from fraud has already exceeded 170 billion rubles this year.

— But is one hundred percent effectiveness possible in anti-fraud?

— For this, in the very near future it is necessary to organize the closest cooperation between banks and telecom, regulators, law enforcement agencies and other departments. This can be done within the framework of the national anti-fraud platform, which is already being developed. It is not the first year that we have been talking about the creation of a coordinating body for cybersecurity. There must be a "manager" who will build a united cyber defense front in our country from all the created tools. Sber is always ready to share its technical expertise and proven services.

— What else needs to be done to make fraud a less profitable and more complex business?

— And in this part, there is a great lack of this single body that will coordinate work on countering fraudsters, including in terms of withdrawing stolen money. In this regard, we lag behind many countries in the world where such structures have been established.

Competent authorities and regulators should take a much more active approach to solving this problem. At the same time, we see that most of the stolen goods are exported to Ukraine, and 40% of the stolen goods are used to finance the Armed Forces of Ukraine. We all need to act together in a more systematic, coordinated and rigorous manner.

— Is artificial intelligence more likely to help those who are fighting intruders today, or the scammers themselves? Is there any way to adjust AI so that it is more difficult or expensive for scammers to use it?

— Without the introduction of AI into security systems, it is no longer possible for large organizations to deal with attacks on customers and infrastructure. The BEAC cybersecurity service employs about 100 AI models, we analyze approximately 500 billion events daily and make decisions on further actions for each of them — it is obvious that people cannot do this amount of work. It is especially important that almost all of our cybersecurity technologies are either our own developments or those of domestic vendors.

Of course, attackers also use AI: the number of attacks using it has increased 160 times over the past 3 years. These technologies are used to prepare and carry out DDoS attacks, the spread of encryption viruses and ransomware, Trojans, and finally, for "traditional" telephone fraud. We expect that by the end of 2026, by the end of the year, 85% of attacks will be carried out using AI.

I am a realist and I can assume that the use of AI for criminal purposes is already a new reality. These technologies are widely available. By themselves, they are neither good nor bad, it all depends on the people who use them. Therefore, just as the state is fighting classical crime, it is necessary to take measures to counteract crimes using new technologies, and organizations should use these technologies to protect themselves and people. It is important for us to be more mobile and stay ahead of criminals in technology, legislative regulation, and coordination of joint efforts.

— What are your forecasts on the use of AI technologies for fraudulent purposes and in order to ensure the cybersecurity of citizens, the state and business?

— Deepfakes are already a systematic threat. We record attacks using this technology against both people and organizations. Deepfakes are actively being introduced into classic fraudulent schemes in Russia and abroad. They are used by scammers as an element of social engineering. Voice or video forgery helps intruders gain trust in order to steal money as a result.

Moreover, AI technologies will soon erase language boundaries for intruders. The scammer will speak or write in one language, and his victim will hear and read another language online, native to himself. In tandem with deepfakes, this is the most powerful cyber weapon of scammers.

— Is there any way to protect yourself from this threat?

— From a technical point of view, there is no difference whether a deepfake is used in a fraudulent scheme or not — deepfakes "hack" people, but not anti-fraud systems. In Sberbank, such operations are successfully detected and blocked in real time, but not all people and organizations themselves can identify a deepfake and stop communicating with a fraudster, protect customers.

Sber has patented an AI-based technology that makes it possible to effectively detect deepfakes. While the internal working name of the service is "Alethea", its efficiency now reaches 98%. We plan to open public access to it. We consider it important that such solutions be integrated a priori into all digital products and services in which deepfakes can be used. First of all, this is relevant for the media, social networks, telecom operators and various network resources that distribute video and audio content on the Internet. It is also necessary to introduce separate responsibility for the use of deepfake for criminal purposes. People should be protected from deepfakes, and the task of business and the state is to ensure this protection.