Return movements: how online scammers speculate on the topic of cashback

Cashback is considered a real way to save money, so users are ready to connect it not only on the official websites of stores, but also through aggregators and third-party platforms. This is actively used by scammers, involving new victims in their schemes, experts warned. For more information about how hackers speculate on the topic of cashback, how dangerous it is and how to protect themselves from fraud, read the Izvestia article.

Why is the topic of receiving cashback interesting to scammers

Cashback services are directly related to money and bank cards, so users are initially ready to enter payment details, register and click on links with refund offers, says Nikita Novikov, an expert on cybersecurity at Angara Security, in an interview with Izvestia.

— For fraudsters, this is a convenient entry point: under the guise of receiving a bonus or refunding part of the funds for the product, they can collect card data, logins from banking applications or one—time confirmation codes, - says the expert.

Photo: IZVESTIA/Polina Violet

In addition, as he notes, the cashback market is actively growing: banks, marketplaces and individual aggregators have such programs. Users are used to promotions and bonuses, so fake offers with increased cashback or temporary promotions look plausible and arouse less suspicion.

Many people often encounter cashback services and use them themselves, so the threshold for critical perception of new information on this topic is getting lower, adds Lev Afanasyev, head of the anti-fraud solutions group at Innostage IT company. This is what scammers seek to use to lure potential victims with attractive offers, force them to visit phishing sites, and transfer sensitive personal or payment information.

The matter of technology: how scammers speculate on the topic of rising prices of electronics due to the war in Iran

The attackers take advantage of the anxiety and rush of potential buyers

What fraudulent schemes on the subject of cashback should be feared?

In 2026, we can expect further proliferation of fake websites from well-known marketplaces, according to a data analyst at the RU/ Domain Coordination Center.Russian Federation Evgeny Pankov. These platforms are more popular than ever today, so the offer to buy goods with a good discount or cashback will attract users.

— In addition, we can expect fraudulent offers to receive cashback in thematic channels and communities on social networks and messengers, where collections of promotions, discounts and promo codes are published, — says the interlocutor of Izvestia.

Such communities are subscribed to by people who are purposefully looking for ways to reduce costs and are ready to respond quickly to "profitable offers," adds Evgeny Pankov.

Photo: IZVESTIA/Dmitry Korotaev

In turn, Lev Afanasyev believes that scam schemes in 2026 may be related to the offer to receive increased cashback in categories of interest to people, for which legitimate market participants began to significantly reduce loyalty programs or cancel them completely (groceries, pharmacies, medical services, cafes, gas stations, and so on).

The increased interest of potential victims, according to the expert, is further used to force them to fulfill certain conditions for obtaining benefits — click on the link, register, fill out a form or provide a code. The data obtained in this way is then used by fraudsters to gain access to victims' personal accounts, bank accounts, or simply for the subsequent resale of personal data.

Photo: IZVESTIA/Yulia Mayorova

"With the development of AI technologies, such attacks will become more personalized and widespread - in technical terms, it has become easier for fraudsters to prepare the "foundation"," says Konstantin Gorbunov, an expert on network threats and a web developer at the Security Code company. — Neural networks will create a clone site of a popular platform in a matter of minutes, generate credible reviews and promptly update the content.

What kind of cashback scam schemes have there been in the past

Scammers have tried to speculate on the topic of cashback before. In particular, according to Nikita Novikov, the attackers actively used mailing lists with messages about allegedly accumulated cashback, which urgently needed to be withdrawn. Such messages contained a link to a fake resource where the user was asked to enter bank card details or log in to online banking.

Disrupt the voices: how scammers use the topic of online petitions

Public initiatives on the Web are increasingly becoming an excuse for data theft

— There were also schemes with fake cashback aggregator sites, where they promised an increased percentage of refunds for purchases, - says the interlocutor of Izvestia. — The user was asked to register, link a card or undergo verification, after which the fraudsters gained access to payment data.

In addition, according to the expert, the attackers distributed fake promotions on behalf of banks or large online stores, offering to receive a bonus or cashback after paying a small commission or confirming the operation. As a result, the victim either transferred the money himself or transferred the data, which was then used for unauthorized debits.

Photo: IZVESTIA/Eduard Kornienko

Cashback fraud schemes are mainly aimed at people who actively use online shopping and are looking for ways to return some of the money they spent, says Mikhail Sergeev, lead engineer at CorpSoft24.

"The main audience of such tricks is marketplace customers," agrees Sergey Polunin, head of the Gazinformservice IT Infrastructure Solutions protection group. — However, users who are used to looking for all kinds of special offers and discounts are especially vulnerable. For them, the opportunity to get some of the money back may be an argument for following the link.

At the same time, the danger of such tricks lies in the fact that fraudsters gain access to personal information, and this can lead to data leakage and loss of money.

How to protect yourself from cashback fraud schemes

Cashback, like other types of loyalty programs, can be called a passive way of luring victims by intruders, says Alexey Vybornov, an analyst at the Positive Technologies research group, in an interview with Izvestia. By setting traps in the form of phishing links and fake apps, scammers are just waiting for people to come to them. In order not to be among the victims, it is important to:

— To remain vigilant, especially when it comes to money, possible benefits or the risk of losing it;

— Do not trust overly generous offers. An unusually high percentage of cashback or "unique promotions" may be a sign of fraud;

Photo: IZVESTIA/Sergey Konkov

— Verify the authenticity of the information source. It is better to double-check messages about profitable offers received by e-mail or SMS through the bank's official websites or mobile applications;

Photo: IZVESTIA/Anna Selina

— Beware of duplicate sites. Small changes or typos in the domain name may indicate a fake resource, so if in doubt, it is better to leave such a site immediately.

In turn, Leonid Bezvershenko, senior expert at Kaspersky GReAT, recommends using only verified official services, being critical of overly profitable offers, and not entering payment details or other confidential information on questionable sites in order to reduce the risks of compromising accounts and financial data.

— It is also worth using security solutions, the effectiveness of which has been confirmed by independent testing — they can warn about an attempt to access a phishing site, — the expert concludes.