- Статьи
- Internet and technology
- Take as much as you want: how fraudsters remove self-locks on loans from Russians
Take as much as you want: how fraudsters remove self-locks on loans from Russians
Fraudsters can use various schemes to convince Russians to apply for self—locking loans, experts have warned about this. Lifting restrictions in banks allows attackers to make loans to their victims and commit other crimes against them. For details on how fraudsters remove self-locks on loans from Russians, how dangerous such schemes are and how to protect yourself from them, read the Izvestia article
Why is the topic of removing self-locking on loans interesting to fraudsters
Self-locking on loans looks like an extremely useful measure for a person who really cares about his safety, says Sergey Polunin, head of the Gazinformservice IT infrastructure solutions protection group, in an interview with Izvestia. If such a person follows the news, then, without going into technical details, he has a rough idea of what the attackers are capable of, and decides to protect himself from the service that he is not going to use.
— This is especially important, considering that the ban can be lifted in two clicks through the Gosuslugi website, — the expert notes. — But the attackers understand that in this way those who may potentially be interesting are cut off, and they try to work with it.
The topic of self—restrictions on loans is new and is being actively discussed in the media space, adds Vitaly Fomin, head of the information security analyst group at the Digital Economy League. At the same time, not all citizens understand the prohibition mechanisms well, and attackers take advantage of this circumstance.
For example, as the expert notes, many people in difficult financial situations issued a self-imposed loan as soon as it became possible. However, the situation could change over time, and they needed money. Misunderstanding the procedure for removing self-locking makes these people an easy target for scammers.
How scammers use the topic of removing self-locking in 2025
One of the most common fraudulent schemes related to attempts to remove self—locking on loans is calls or messages on behalf of the Federal Tax Service (FTS) of Russia, banks or the Gosuslugi portal, says Nikita Novikov, an expert on cybersecurity at Angara Security, in an interview with Izvestia.
— The victim is informed about the allegedly found debt, an error in the credit history or the blocking of the tax refund, — says the specialist. — To resolve the issue, she is being persuaded to temporarily lift restrictions on the issuance of loans.
In addition, according to Nikita Novikov, the attackers use more subtle approaches — in particular, they send links to fake websites that visually copy the Gosuslugi portal, where a person enters data on their own and allegedly confirms the lifting of the ban. In more advanced scenarios, social engineering methods are used: fraudsters allegedly call from the bank's security service and ask for identification by clicking on a phishing link and filling out a fake form.
Meanwhile, according to Vitaly Fomin, in 2025, scammers also called citizens on behalf of representatives of the credit bureaus and reported an error when setting a self-lock. After that, they sent a phishing link, which led people to a fake Gosuslug website. In order to reissue the self-lock "correctly", citizens entered their data, which then got to the scammers.
— In other cases, scammers offer assistance in obtaining a self—lock for loans online, - the specialist notes. — Of course, anyone can impose such a ban on their own, but attackers use the human factor.
For example, a person does not have enough time, but on the phone they promise to carry out the procedure quickly. In this case, the scammers do not require the SMS code directly — instead, they explain the processing algorithm so difficult that the user dictates personal data on their own, just to finish the job as soon as possible.
How self-locking schemes change over time
Over time, fraudsters' schemes on the topic of removing self-locking on loans become more thoughtful, Vitaly Fomin says in an interview with Izvestia. Attackers are moving from simple phishing to comprehensive measures: for example, they combine phishing with social engineering, and also actively use modern technologies to automate their actions.
—In particular, scammers can massively send out offers using bots or use AI to write personalized phishing messages," says the specialist. — At the same time, in the future, we should expect more complicated schemes and the emergence of more targeted attack scenarios.
According to Vitaly Fomin, fraudsters monitor the situation in the country and quickly adapt to the security measures implemented by banks and the state. For example, as soon as new identity verification methods are introduced, fraudsters come up with ways to circumvent them.
Experts are now observing how attackers have moved from mass mailings to targeted attacks on a specific person, and compromises are becoming more personalized, adds Konstantin Larin, head of the Bastion cyber intelligence department. In the future, the use of deepfake technologies in voice calls is projected to increase, as well as the use of personal data obtained from leaks to increase the reliability and effectiveness of fraudulent schemes, the specialist says.
Who are the targets and what are the dangers of self-locking schemes?
More recently, it was possible to say that attackers target vulnerable groups of the population who historically tend to trust calls from "important" places like banks or government agencies, says Sergey Polunin, head of the IT infrastructure solutions protection group at Gazinformservice.
—However, today all those who can at least potentially take out a loan are under attack, and such a sample is very large," the Izvestia interlocutor notes.
At the same time, if the scammers managed to convince the victim to remove the self-lock, they can use this in several schemes at once, adds Sergey Golovanov, chief expert at Kaspersky Lab. So, attackers can later gain access to the victim's accounts, for example, by convincing her to install malware or luring out the necessary confidential information, and then apply for a loan to the victim. Attackers can also further intimidate the user by lifting such a ban themselves, and force them to redirect their own and credit funds to them.
How to protect yourself from fraud schemes on the topic of removing self-locking
The main means of protection against such attacks is awareness, Alisa Kulishenko, an analyst at the Positive Technologies research group, says in an interview with Izvestia. If you have enabled a self—lock for loans, read its terms and conditions. It is easy to do this in the application or on the Gosuslug website. Be attentive to calls from unknown numbers. Many telecom operators are already implementing systems that block suspicious numbers or warn about possible fraudsters.
— Remember that government agencies and banks do not contact customers via messengers, — the specialist notes. — If you are informed about an account being blocked or a "problem with a relative", do not panic, stop the conversation and call back to the number you know.
All appeals from persons posing as employees of government agencies with demands or requests to lift the ban under the pretext of conducting any checks are considered deliberately false, adds Alexandra Shmigirilova, GR Director of the Security Code Information Security company. The decision to lift the restriction should be made only if there is a conscious need. And any questionable requests are subject to mandatory verification through official and reliable communication channels.
"It will also be useful to install security solutions that will prevent you from clicking on a phishing link and opening a malicious attachment, or warn you about a potentially fraudulent call," concludes Sergey Golovanov.
Переведено сервисом «Яндекс Переводчик»
