Premium approach: how scammers speculate on the topic of New Year's payments

Fraudsters on the eve of the winter holidays may speculate on the topic of New Year's payments, experts have warned about this. The theme of holiday bonuses attracts intruders, because at the end of the year people are more likely to make online transactions and are less critical of messages about monetary rewards. For more information about how scammers use the theme of New Year's payments, how dangerous such schemes are and how to protect themselves from them, read the Izvestia article.

What is the topic of New Year's payments interesting to scammers?

Holiday payouts and bonuses attract intruders, as at the end of the year people are more likely to make online transactions and are less critical of messages about monetary rewards, says Alexander Vinokurov, technical account manager at R-Vision, in an interview with Izvestia. Messages on behalf of government agencies or banks seem convincing, which facilitates phishing and social engineering.

Photo: IZVESTIA/Dmitry Korotaev

— In the New Year's rush, each of us subconsciously waits for a miracle — the New Year is associated with gifts, fun and generosity, — says Irina Dmitrieva, an analytical engineer at Gazinformservice. — But there are no moral guidelines for scammers who collect the psychological weaknesses of users and exploit the identified vulnerabilities.

In the context of New Year's holidays, attackers often rely on the expectation of bonuses, additional payments and general pre-holiday fuss, the expert explains. The need for an additional payment to purchase gifts and prepare a New Year's table reduces user vigilance.

Photo: IZVESTIA/Yulia Mayorova

According to Irina Dmitrieva, an important point is that in Russia there are financial support measures for families with children, but the conditions for receiving payments change annually. This is used by scammers, offering "help with registration." Scammers are well aware that new uninformed payees appear every year, and the effectiveness of fraudulent schemes is largely preserved due to the general low digital awareness of the population.

Content without brakes: criminal AI service appeared on the darknet

Attackers actively use it in fraudulent schemes and the creation of viruses.

What schemes on the topic of New Year's payments to expect in 2025

At the end of 2025, phishing mailings, schemes with non-existent state funds and pseudo-investment platforms, calls and messages about pension surcharges, payments to large families, gifts from administrations where card details or account access are lured out under the pretext of money transfer, as well as fake media and government websites, visually almost indistinguishable. from the real ones, says Anna Vyatkina, an analyst at the Positive Technologies research group.

"Each of the schemes promoted by the attackers is based on emotions and a rush to get a bonus before the holidays, imitating official resources of government authorities and commercial organizations through accurate identification (competent appeals, a unique addressable approach and resource design)," Irina Dmitrieva says in an interview with Izvestia.

Photo: IZVESTIA/Yulia Mayorova

According to the expert, in 2025, it is important to change the rules of social payments, as well as the channels for informing about these payments. One of the most striking examples is the updating of the December payment of child benefits from the Social Fund of Russia (SFR). According to the published information, payments will be received twice a month — at the beginning and at the end of December, which has not happened before. There were many publications on this topic in the official media, which reminded of the updates.

At the same time, the current information about payments is provided only through official platforms (internal portals of the SFR and Gosuslugi), but not in messengers and social networks, which users often forget, Irina Dmitrieva notes. Scammers are actively sending messages in messengers with a reminder of the supposedly official December payment and offering a link to a phishing site.

Photo: IZVESTIA/Yulia Mayorova

— Another option, which seems even more dubious, is to subscribe to partner channels, download additional software and send the SMS code, — says the expert. — Users are often involved in such ways, even in crypto projects.

What schemes on the topic of New Year's payments have been encountered before

In previous years, fraudsters spread fakes about New Year's payments, offered to arrange compensation and dividends through third-party websites and Telegram channels, says Anna Vyatkina. Schemes involving fake gift delivery or requests to pay a transfer fee were also used.

— Over the past five years, the exploitation of official reports on compensation and benefits has not lost its relevance, — adds Irina Dmitrieva. — A frequent scheme of scammers is associated with mimicry for government services, where victims are supposed to disclose codes from SMS or other critical data transmission.

Photo: IZVESTIA/Sergey Konkov

As the interlocutor of Izvestia notes, in such cases everything is based on haste — allegedly "in order to receive a payment, it is urgently necessary to confirm the data." This also includes the operation of websites disguised as official portals (SFR, ministries, Gosuslugi portal), through which the theft of accounting and banking data similarly occurs. Such sites issue incorrect certificates and mimicking domains, as well as short redirects during the transition phase.

"As soon as you enter your personal or financial information, it falls into the hands of fraudsters and then there are many options — from losing access to your finances, losing your finances and blocking your phone to making loans and other obligations based on your personal data," says the GR director of the information security company "Code Security" by Alexander Shmigirilov.

Photo: IZVESTIA/Sergey Konkov

According to Anna Vyatkina, New Year's payment schemes are primarily aimed at pensioners, recipients of social support and people with low digital literacy, as well as those who are in a difficult financial situation. In addition, users of social networks are traditionally at risk, adds Alexander Vinokurov.

One in the field is not a coin: Durov's new platform has attracted a record number of scammers

What methods of deception are associated with the increasingly popular Cocoon service?

How to protect yourself from fraud schemes on the topic of New Year's payments

Social engineering approaches in the case of New Year's payments are based on increased trust and artificially created haste, Irina Dmitrieva says in an interview with Izvestia. The attackers have a simple goal — to turn off the rational part of the victim's thinking and force her to act thoughtlessly.

— Protection from deception is in the hands of every person — it is hidden in the calm perception of information, fact—checking and in the rejection of operational decisions "here and now," the expert explains. — Key signs of fraud: "confirm the details", "get it urgently", as well as a suspicious website address.

Photo: IZVESTIA/Eduard Kornienko

It is important to remember that all payments are made only through official channels — personal accounts on the Gosuslugi portal or on the resources of the SFR. This does not require intermediaries in the form of messengers, social networks and SMS. Any SMS, message, or email with a link to payment processing is phishing. The effect of surprise and haste is not exploited by official authorities, in most cases the proposals do not involve "giving up everything and running to receive payments," Irina Dmitrieva notes.

— It is necessary to check the sources of messages through official websites, not to enter data on unfamiliar pages, not to pay via gift cards, use two-factor authentication, train loved ones and, if in doubt, contact official support services, — concludes Alexander Vinokurov.