Expert describes schemes for hacking accounts on "Gosuslugi" and gives advice on protection

Shmavonyan advised against using the names of relatives and pets in passwords
Photo: Izvestia/Dmitry Korotayev

"Gosuslugi" has mandatory two-factor authentication, so methods such as trying compromised passwords are no longer enough to gain access to accounts, and the portal has long been protected against password brute force, said Sarkis Shmavonyan, an expert at Cyberprotect. At the same time, fraudsters continue to devise new hacking schemes. On January 13 the expert told "Izvestia" about the attackers' schemes and gave some advice to users of the portal.

"Previously, the main point of attention in preparing to compromise accounts on "Gosuslugi" was user passwords; at the moment that point of attention is cell phone numbers. Cell phone numbers are the key to logging into the "Gosuslugi" account. The most popular way to "hack" someone else's phone number is to attempt to re-issue a new SIM card for the phone number of interest. Fraudsters pretend to be the owner of the phone number or the owner's representative, presenting forged documents," the expert explained.

According to him, the scammers have begun buying up old SIM cards that turned out to be freely on sale, whose numbers may still be tied to accounts in "Gosuslugi". After that, the attackers use the password recovery function.

Speaking about the scammers' schemes, the expert said that attackers send fake SMS messages about allegedly blocked hacking attempts or unsuccessful attempts to log in to an account on "Gosuslugi". The message lists fraudulent technical support numbers that the victim should call, or from which a "trusted" call will come. Communicating with the fake "technical support" leads to account compromise.

In addition, fraudsters call citizens and introduce themselves as employees of "Russian Post", informing them about a parcel or registered letter to be received. To confirm delivery, the person receives an SMS with a code. In fact, it is a code for logging into "Gosuslugi". If the person refuses and hangs up, after some time a "law enforcement representative" may call back, report that an attempt to hack into the account has been stopped, and demand a one-time code in order to "safely unlock" access to the account, said Shmavonyan.

In addition, attackers can call on behalf of telecom operators and report a need to update the passport data in contracts for the use of cell phone numbers. If current passport data are not submitted to Roskomnadzor for verification, use of the phone number will allegedly be blocked. During the "confirmation", the fraudsters ask the victim to provide a one-time code, the specialist noted.

He stressed that representatives of real organizations - government and commercial structures - will not ask for a one-time code. Such a code is the secret of each user, so a person is not obliged to tell it to anyone.

As the expert explained, attackers can use government services to gain illegal access to citizens' bank accounts, as well as to apply for loans and open accounts for money laundering. They can also use stolen data to create fake accounts on state resources, which lets them carry out fraudulent transactions. Criminals can also illegally alter citizens' personal data, which can lead to legal consequences or financial losses.

At the same time, any additional data that becomes known to attackers allows them to gain the victim's trust at the next contact.

"You should definitely be alarmed by situations in which you receive SMS messages with a one-time code from "Gosuslugi", you cannot log into your account, [or] you receive email notifications about logins to your account: there is a high probability that you have been hacked," Shmavonyan emphasized.

To protect your account from hacking, you need to create a strong password. It should consist of 12 or more characters. The longer the password, the harder it is to guess.

"Avoid using consecutive or repetitive characters such as 12345 or qwerty. It's best to use a random combination of letters, numbers and other characters. Do not use names of relatives, friends, pet names, names of your favorite teams, hobbies, etc. in your passwords," the expert advised.
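As an added illustration (not code from the article or from Cyberprotect), the following Python checker applies exactly the rules the expert lists: 12 or more characters, no consecutive or repeated runs such as 12345 or qwerty, and no names of relatives, pets or teams. The keyboard sequence tables, the three-character-class rule and the sample names are assumptions of this example, not of the article.

```python
import re

# Numeric and keyboard sequences used to detect runs such as "12345" or "qwerty"
# (constructed list; the article names only those two examples).
SEQUENCES = ("0123456789", "abcdefghijklmnopqrstuvwxyz",
             "qwertyuiop", "asdfghjkl", "zxcvbnm")
MIN_LENGTH = 12  # minimum length recommended in the article


def has_sequence_run(pw: str, run: int = 4) -> bool:
    """True if `run` consecutive characters of pw lie on one of the
    sequences, forwards or backwards (catches 12345, qwerty, 54321)."""
    p = pw.lower()
    for i in range(len(p) - run + 1):
        chunk = p[i:i + run]
        if any(chunk in seq or chunk in seq[::-1] for seq in SEQUENCES):
            return True
    return False


def has_repeat_run(pw: str, run: int = 3) -> bool:
    """True if the same character appears `run` or more times in a row."""
    return re.search(r"(.)\1{%d,}" % (run - 1), pw) is not None


def contains_personal_word(pw: str, personal: list[str], min_len: int = 3) -> bool:
    """True if any of the user's personal words (relatives, pets, teams...)
    appears inside the password, case-insensitively."""
    p = pw.lower()
    return any(len(w) >= min_len and w.lower() in p for w in personal)


def check_password(pw: str, personal: list[str]) -> list[str]:
    """Return the article's rules that `pw` breaks (an empty list means it passes)."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if has_sequence_run(pw):
        problems.append("contains a consecutive run such as 12345 or qwerty")
    if has_repeat_run(pw):
        problems.append("contains a repeated character run")
    if contains_personal_word(pw, personal):
        problems.append("contains a personal name or word")
    # Assumed rule: require at least three of lower, upper, digit, other.
    classes = sum(bool(re.search(r, pw)) for r in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    if classes < 3:
        problems.append("mixes fewer than three character classes")
    return problems


if __name__ == "__main__":
    personal = ["Barsik", "Spartak", "Ivanov"]  # constructed sample words
    for pw in ("Barsik2024!!", "qwerty123456", "K7#vm!Rq2Lp9zT"):
        print(pw, "->", check_password(pw, personal) or "OK")
```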

He also recommended enabling two-factor authentication and setting up account login notifications.

Shmavonyan reminded that one should not share passwords, SMS codes or other personal information with anyone, whether strangers or acquaintances - an intruder may be hiding behind their account. You should also be careful when clicking on links from unknown senders.

"Regularly check the activity in your account so that you notice suspicious actions and change your password in time. Additionally, it is recommended to set a ban on real estate transactions without the personal participation of the owner," concluded the expert.

Earlier, on January 11, Ashot Oganesyan, the founder of the DLBI data leak intelligence and darknet monitoring service, told Izvestia that if fraudsters gained access to "Gosuslugi", the user should go to an MFC and change the password, as well as the number to which SMS codes are sent. Having regained access to the profile, it is necessary to analyze exactly what the attackers did and cancel those operations.
