But without waiting in line: how scammers deceive Russians under the pretext of making an appointment with a doctor

Scammers began to deceive Russians under the pretext of a quick appointment with a doctor. They offer to reduce the waiting time for an appointment by downloading an application to view free coupons, and in fact, they get full access to someone else's phone. Izvestia found out how the new scheme works and how to protect against it.

The scheme of deception

Fraudsters have come up with a new way to deceive Russians under the guise of making an appointment with a doctor. This was reported by TASS with reference to the materials of the Ministry of Internal Affairs of Russia.

According to the agency, scammers contact the victim in messengers and ask how long it takes her to register at the clinic. If a person has complaints, the criminals listen to them, and then offer a "solution" — install a special program on the phone to view free coupons.

Photo: IZVESTIA/Anna Selina

As a result, the victim downloads a file that actually turns out to be a remote access program to the phone. With its help, fraudsters can log into any application, including online banking, and steal existing savings.

The Interior Ministry urged Russians to be careful not to download anything at the request of unknown persons, no matter who they might be. In addition, they advised not to disclose any personal information over the phone.

Different scenarios

According to Alla Khrapunova, curator of the Moshelovka platform, schemes where fraudsters use remote access programs to their phones are becoming more common today, and this trend will continue to develop. It is related to the fact that people have become less likely to tell strangers SMS codes, and the Gosuslugi service has introduced a procedure for blocking the download of sensitive data.

Photo: IZVESTIA/Sergey Konkov

— But the ability to manage applications on the victim's device (banking and others) is still interesting for intruders - you can steal money without additional legends and further dialogue with the victim. Such programs can intercept incoming SMS and push notifications, so the owner of a phone, tablet or computer will not even suspect a threat," explains Khrapunova.

At the same time, she adds, scammers choose the most sensitive pretexts for installing software, such as health-related ones. Experts have come across similar cases with suggestions to undergo a medical examination, come for fluorography, or update data on the compulsory medical insurance policy in the databases.

— The current legend of accelerated recording is a traditional modification that addresses the pressing problems of service consumers. Scammers carefully monitor the news background and people's complaints," the Moshelovka curator notes.

In other frequent variations of the scheme, adds Ekaterina Edemskaya, a cyber expert and engineering analyst at Gazinformservice, fraudsters can pose as representatives of banks, mobile operators warning of an "expiring" contract, or courier services that have "lost" a parcel.

Photo: IZVESTIA/Dmitry Korotaev

— Recently, the topic of public services has also been actively exploited — fraudsters offer to download a "new version" of the Gosuslug application or a utility for accelerated payment receipt, warns Edemskaya.

At the same time, Alexandra Shmigirilova, GR director of the Security Code Information Security company, notes that elderly or employed people are most often affected. The former are influenced by scammers through low digital literacy, the latter are attracted by the possibility of a quick solution to the problem, which is why they often neglect to check the offer.

Risks of schemes

According to cyber experts, the main risks of such schemes are that a person voluntarily gives attackers full access to their device without even knowing it. The remote access program allows you not only to log into an online bank and transfer money, but also to intercept confirmation codes, which means that you can actually bypass any levels of protection, including two-factor authentication.

— Moreover, criminals can view personal correspondence, copy photos, documents and other sensitive information, which goes beyond financial losses and can lead to blackmail or the sale of data. Additionally, there is a risk that other malware will be installed on the phone through such an application, which will remain even after removing the main tool, says Ekaterina Edemskaya.

Photo: IZVESTIA/Dmitry Korotaev

In fact, adds Alexandra Shmigirilova, a person transfers his digital identity, money and important data to fraudsters. The user may also find himself in a situation where his name will be hacked or his contacts will be asked for help, and he will not be able to warn them. The scammers use the information they receive immediately or sell it to other scammers for further action.

The main problem is that such programs can disguise themselves and often look like legitimate services, which is confusing and reduces alertness.

Methods of protection

In order to protect yourself and your device from scammers, Alexandra Shmigirilova advises installing any applications only from trusted stores and platforms. Before downloading, you need to make sure that the program really exists and it has no reviews about fraudulent activities. In case of doubt, it is better to abandon the installation.

Photo: IZVESTIA/Dmitry Korotaev

— It is worth recalling that government employees do not call or offer software downloads over the phone. All the necessary information about existing applications can be found on the official websites of government organizations, so it is important to check the data before downloading. It will take a little time, but it will help protect your phone and personal data in the future," says the GR director of the Security Code Information Security company.

In turn, Ekaterina Edemskaya advises installing an antivirus or a solution for protecting mobile devices on the gadget, which is able to detect remote access programs and block them. In addition, it is important not to share personal and payment information on the phone and explain this to elderly relatives, or simply block incoming calls from unknown numbers.