Big maneuvers: what schemes to expect from scammers before February 23
Fraudsters can use various schemes to deceive Russians before Defender of the Fatherland Day, experts have warned about this. Malefactors take advantage of the fact that on the eve of February 23, the demand for gifts traditionally increases — people are in search of profitable offers, their vigilance decreases, and they are ready for spontaneous purchases, against this background falling into the networks of scammers. For more information about what schemes to expect from scammers before February 23, 2026, what are the dangers of such tricks and how to protect yourself from them, see the Izvestia article
What is the topic of February 23 interesting to scammers?
Defender of the Fatherland Day is a convenient excuse for fraudulent attacks using social engineering methods, Nikita Novikov, an expert on cybersecurity at Angara Security, says in an interview with Izvestia. The fact is that on the eve of the holiday, the noise of legitimate communications is growing sharply — notifications from stores, couriers, banks, HR and internal services.
—Against the background of this flow, phishing emails and messages look like ordinary ones, and users often act without additional verification due to urgency, purchases and organizational fuss," says the specialist. — The risks are further reinforced by the fact that generative models reduce the cost of attacks: texts and letters become more literate, easier to adapt to the industry and the role of the recipient, and therefore are worse recognized by external signs.
The growing demand for gifts contributes to the growth of fraud activity in the run-up to February 23, adds Konstantin Gorbunov, a leading expert on network threats and a web developer at the Security Code company. People often make spontaneous purchases in search of great deals, which reduces their vigilance. Scammers also understand the target audience, which allows them to make attacks more targeted.
What schemes to expect before Defender of the Fatherland Day in 2026
In 2026, Angara Security experts have already recorded an update and adaptation of classic fraudulent schemes for the upcoming Defender of the Fatherland Day, says Nikita Novikov. In particular, offers and promotions from fake online stores that offer "exclusive products" and "attractive discounts" that are valid for a limited amount of time are becoming popular.
"Scammers also continue to use calls from couriers who are ready to deliver gifts for the holiday and ask to clarify the recipient's addresses by confirming the action with an SMS code," the source said. — At the same time, a separate category of schemes is aimed at war veterans and combat participants. Here, when contacting potential victims, social payments for the holiday are used for certain categories of citizens.
Anastasia Osipova, an analyst at the Positive Technologies research group, agrees with the fact that before February 23, scammers can actively organize phishing attacks under the guise of government payments and one-time assistance for Defender of the Fatherland Day. At the same time, as the expert notes, such mailings will contain personalized data (for example, full name and date of birth) obtained from public leaks, which will increase the trust of recipients.
In addition, according to Nikita Novikov, the attackers also use the subject of all kinds of financial fees, including allegedly from charitable foundations, for gifts to soldiers and the wounded. Such requests may be accompanied by forged documents and photographs. In 2026, fraudsters will use well-established tactics, but with the use of more modern technologies, Konstantin Gorbunov adds.
In particular, according to the expert, fraud using artificial intelligence is expected to increase — deepfakes with video messages from famous figures, as well as personalized phishing messages on behalf of banks. Viruses will also be distributed in spam mailings under the guise of holiday cards to access banking applications.
— On the eve of February 23, attacks through messengers and deepfake calls from "managers" are possible with a request to transfer money "for the celebration of the male half of the team," says Konstantin Larin, head of the cyber intelligence department at Bastion.
What fraud schemes had been encountered before February 23
According to experts interviewed by Izvestia, fraudsters have been trying to use various schemes to deceive Russians for several years before February 23. So, as Sergey Polunin, head of the IT infrastructure solutions protection group at Gazinformservice, says, the "classics" of the past years are phishing online stores designed for popular marketplaces.
"There could also be hints on such portals that they were allegedly created with the support of large marketplaces," says Izvestia's source. — There were catalogs, samples and comments from satisfied customers, but in fact everything served only one purpose: the attackers were waiting for the input of bank card data from potential victims.
In addition, according to Sergei Polunin, previously there were separate websites allegedly created to raise money by February 23 for veterans' greetings. However, the general skepticism towards such tricks has made them less popular with scammers, the expert notes. Meanwhile, the main target of scammers on the eve of Defender of the Fatherland Day is those who are in a hurry to buy gifts, says Anastasia Osipova.
Equally vulnerable are people who are not familiar with the most common fraud schemes: pensioners who receive "congratulatory" SMS messages, or users who trust defiant advertisements on social networks and instant messengers. First of all, such schemes can be dangerous with large financial losses — from money spent on a gift that will never be delivered, to the complete emptying of a bank account after the confirmation codes are leaked.
"Another possible risk is the leakage of personal data that can be used to make fraudulent loans or attacks on the victim's loved ones,— warns Anastasia Osipova. — In addition, clicking on phishing links or downloading files attached to congratulations can lead to malware infection of the device, which covertly collects credentials and payment information.
How to protect yourself from fraudsters' tricks before February 23
In order to protect yourself from fraudulent schemes on the eve of Defender of the Fatherland Day, cybersecurity experts advise, first of all, to remain vigilant. It is important to remember that government agencies never request confidential data over the phone or in messengers, says Anastasia Osipova.
— In order to avoid financial losses, it is important to remember the basic safety rules, — the interlocutor of Izvestia notes. — So, you should buy gifts only in trusted online stores with a reliable reputation. At the same time, you cannot transfer bank card data to third parties, including CVV and one-time confirmation codes from SMS and messengers.
In addition, you should not follow links from messages from unknown senders, even if they look like congratulations or gifts. Before transferring funds, you need to make sure that the charity is listed in the register of non-profit organizations on the website of the Russian Ministry of Justice, advises Anastasia Osipova.
The data required for verification can be found on the foundation's official website, where basic information about its activities should be provided. In addition, it is worth enabling two-factor authentication in accounts of banking applications, social networks and messengers.
— We recommend that you be critical of any online messages and extremely generous offers, do not click on links and do not download files from questionable correspondence. To protect your data and money, it would not be superfluous to use a reliable security solution — it will not allow you to switch to a phishing or scam resource," concludes Kaspersky Lab cybersecurity expert Olga Altukhova.
Переведено сервисом «Яндекс Переводчик»
