Experts have warned of a wave of fraud through fake security sites.

A new wave of fraudulent attacks using fake websites masquerading as a non-existent organization has been recorded. Kaspersky Lab experts told Izvestia on May 7 that hackers were offering users to check their personal accounts for cyber-resilience, and then use the contacts they received to further engage in fraudulent scenarios.

According to them, the activation of the scheme began in mid-April 2026. Previously, users were asked to contact an allegedly expert service on their own, but now the scammers have gone further: a special form is posted on fake resources, in which they are asked to leave a phone number for "online diagnostics".

According to the legend of the attackers, the procedure allows you to check whether personal data, accounts or access to digital services have been compromised. After entering the phone number, the application is allegedly sent for analysis, following which a specialist should contact the user.

In practice, this mechanism is used to collect contact details of potential victims and subsequent telephone pressure.

"The high level of study of fraudulent resources is particularly dangerous. The sites are designed to resemble official government or expert platforms as much as possible. To do this, attackers use domain names that create the illusion of belonging to specialized structures, publish materials about common deception schemes — calls allegedly from bank employees, delivery services or representatives of public utilities," the experts explained.

Hoeing Masters: how online scammers attack Russian summer residents

The attackers are speculating on the topic of goods and services for suburban areas

In addition, notifications about the collection of cookies are posted on the pages, real government organizations and banks are mentioned. All this creates a sense of legitimacy and professional approach for users. After a person leaves their phone number, hackers can contact them by posing as employees of the Digital security center, government agencies, or financial organizations.

During the conversation, they report alleged suspicious activity, attempts to hack accounts or compromise personal data. To increase the pressure, fraudsters can send fake letters, connect fake representatives of other structures to the conversation and convince the victim to urgently take measures to "save" the funds.

As a rule, the ultimate goal is to try to convince a person to transfer money to a so-called secure account or transfer confidential data.

"The attackers exploit the worries of users and their fears of becoming victims of fraudsters. However, if you have doubts about the security of your account, it is better to change the passwords yourself, check if there have been any third-party connections, and set up additional security measures. This will help reduce risks and avoid situations where users have to turn to questionable services for diagnostics," said Sergey Golovanov, chief expert at Kaspersky Lab.

Experts reminded us that any suggestions to undergo a security check through unknown sites, especially with the entry of personal data, should arouse caution. It is recommended to check the status of accounts only through official services and applications.

Anton Nemkin, a member of the State Duma Committee on Information Policy and federal coordinator of the Digital Russia project of the United Russia Party, said on May 1 that the State Duma had reported on the most common fraud schemes. These included calls about a "secure account," investment scams, and fake online sales.