Interference with the law: how scammers arrange virtual car parking for drivers

Fraudsters can arrange virtual car stops for Russian drivers, using various schemes to deceive them, experts have warned about this. The attackers speculate on insurance, fines for traffic violations, toll roads, and use many other pretexts to steal both money and personal data of victims. Read the Izvestia article for details on how virtual auto-shutters are arranged, what schemes scammers use and how to protect themselves from them.

Why Russian drivers are interesting to scammers

Motorists may be of interest to online scammers for several reasons at once, Ekaterina Edemskaya, a cyber expert and engineering analyst at Gazinformservice, says in an interview with Izvestia. First, drivers regularly interact with online platforms to pay fines, parking, insurance and maintenance, which creates a vast digital space in which it is easy to fake the interface and mislead the user.

"Secondly, there is widespread trust among drivers in SMS and e-mail notifications from government agencies, which makes them susceptible to phishing and social engineering," says the expert.

In addition, cars often contain confidential data, from trip history to payment information in multimedia systems, which in turn makes them an attractive target for tech—savvy intruders. All this creates favorable conditions for attacks combining classical schemes with modern digital technologies.

Photo: IZVESTIA/Sergey Konkov

The automotive industry is quite capacious in terms of money turnover, and owners of even the most expensive cars invest quite significant amounts, for example, for regular technical inspections with the purchase of consumables, adds Alexey Korobchenko, head of the information security department at the Security Code company. Therefore, fraudsters choose drivers as potentially solvent victims.

Theater on wheels: car insurers complain about fraudulent drivers

Who helps unscrupulous motorists

What schemes of deception of motorists have already been found on the Web

Cybersecurity experts have repeatedly encountered fraudulent schemes on the topic of deceiving drivers online. According to Ekaterina Edemskaya, one of the most common among such schemes was sending false notifications about fines or blocking registration data with an urgent offer to click on the link and pay the debt.

— Such messages often contained links to phishing sites that mimic official portals, — says the interlocutor of Izvestia. — There were also fake car sales sites where the attackers placed non-existent vehicles at an undervalued price, demanding prepayment for "booking" or "delivery".

In addition, fake applications were actively used, allegedly designed to diagnose cars or check technical inspections, which gained access to bank data during installation, Ekaterina Edemskaya notes. In turn, Olga Altukhova, senior content analyst at Kaspersky Lab, says that the company's specialists encountered a scheme in which attackers sent fake messages to users via e-mail or SMS about the need to pay for travel by clicking on one of the links.

Photo: Getty Images/brightstars

These links led to fake resources where it was suggested to enter the car number, phone number and e-mail. After that, the victim was shown the amount that allegedly needed to be paid. However, in fact, in this way, the attackers lured people's money and their data, which the scammers could later use to increase the credibility of their lures.

"Some of the common fraud schemes involved fake spare parts stores," Alexey Korobchenko adds. — On such sites, scammers offered various car parts at attractive prices, but either took an advance payment and disappeared, or provided low-quality goods. The legends of "traffic police officers" or "insurance representatives" were also popular.

Delivered and left: the Russian Armed Forces ordered drivers to return to the scene of an accident

Transporting the injured to the hospital does not release them from responsibility for leaving the scene of the accident.

What schemes of cheating drivers may appear in the future

With the development of artificial intelligence (AI), we can expect the emergence of more complex and personalized virtual schemes to deceive drivers, says a data analyst at the Coordination Center for domains .RU/ in an interview with Izvestia.Russian Federation Evgeny Pankov. Neural networks already allow you to create realistic audio and video clips, and in the future, with their help, fraudsters will be able to analyze the behavior of drivers, their routes and digital footprint in order to come up with the most plausible personal scenarios of deception.

— We can expect the appearance of deepfakes in the form of video calls from alleged traffic police officers or insurance companies with accurate visual and voice reproduction of real officials, — predicts Ekaterina Edemskaya.

Photo: IZVESTIA/Anna Selina

Nowadays, many insurance companies offer their services in an online format, including remote registration of necessary insurance policies, Alexey Korobchenko notes. In this regard, we should expect an increased trend with schemes involving fake insurers, mainly due to the larger-scale introduction of AI-based technologies.

Fraudsters can create fake accounts that mimic real insurance companies, and, for example, simulate a working office by using a fake video, the expert predicts. There may also be schemes in which such "employees" offer the installation of various software, which supposedly should facilitate interaction with the insurance company, but in fact will be malicious.

— There are also likely cases of malicious codes being introduced into smart transport systems, when intruders will be able to intercept car control, lock doors, or collect information about driving routes for further blackmail, — says Ekaterina Edemskaya.

Photo: IZVESTIA/Sergey Lantyukhov

As voice assistants develop inside cars, there may be cases when compromised devices will start playing fake commands that encourage the driver to switch to malicious resources or perform unsafe actions, the specialist emphasizes.

How to protect yourself from virtual auto-install scammers

The basis of protection against fraud schemes directed against drivers is digital hygiene, says Yakov Filevsky, an expert in sociotechnical testing at Angara Security, in an interview with Izvestia. It is important to regularly update applications and the operating system, use two-factor authentication, and create complex, unique passwords for each service.

— Do not follow links from suspicious messages — checking information sources is critically important, — says the specialist. — Check all fines and debts only through official portals — Gosuslugi or the traffic police website. At the same time, never use links from SMS or instant messengers to pay.

Photo: IZVESTIA/Dmitry Korotaev

In addition, according to Yakov Filevsky, care must be taken when using QR codes. Before scanning, make sure that the code is not pasted on top of another one. In case of any doubt, use the official applications of parking or toll road operators. It should be remembered that government agencies never request confidential data over the phone. If you receive calls from the traffic police or the bank, please call the official number for verification. If you find yourself in a suspicious situation, proceed slowly and carefully.

— Scammers create a sense of urgency precisely so that the victim does not have time to think. Always take time to reflect and consult with your loved ones or experts," concludes Yakov Filevsky.