Rushing to social networks: scammers have moved from the Internet to messengers
Fraudsters have moved from the Internet to messengers and social networks. The growth of phishing has slowed down in Runet: in the first two weeks of the New Year, only 1.2 thousand of such sites were recorded, while in the same period of 2024, more than 2 thousand were recorded. The reason is stricter control over domain registration and faster blocking of phishing sites. What schemes have become the most polar - in the material "Izvestia".
The most popular fraud schemes
New Year in Runet began quietly enough, told "Izvestia" project manager of the Coordination Center of domains .RU /.RF Evgeny Pankov. From January 1 to January 14, the project "Domain Patrol" recorded only 1.2 thousand appeals about the misuse of domains, while for the same period in 2024 - 2.1 thousand. Attackers have actually moved from the Russian segment of the Internet to social networks and messengers. Most often during the holidays, fraudsters used familiar schemes: voting to hack into Telegram accounts, selling fake tickets to Christmas trees and concerts, as well as fraud in the banking sector, he added.
The .RU and .RF domain zones in 2024 confirmed the status of a safe environment for users, Coordination Center Director Andrei Vorobyov told Izvestia. According to him, it was possible to reverse the trend of phishing growth in them, reducing the time of response to threats by almost half. This was possible thanks to the coordinated work of competent organizations and registrars, as well as the improvement of the monitoring system.
The Solar AURA service also notes a decrease in phishing activity in Russian domain zones. But it confirms that the activity of fraudsters remains high and the number of such sites continues to grow, just attackers choose other domain areas. Thus, according to the company's data, in 2024 in the leaders in the number of phishing sites was the zone .COM.
- More than half of phishing resources, which experts identify and send to block, stop functioning within four hours, more than 95% - within a day. The minimum response time in 2024 is only four minutes," said Alexander Vurasko, development director of the Solae AURA external digital threat monitoring center, Solar Group of Companies.
In 2024, information security organizations sent 55.66 thousand appeals to registrars to stop malicious domains - only 1.2% more than in 2023 (this year compared to 2022, the number of appeals increased by 236% to 54.98 thousand).
In 2024, 53.93 thousand malicious websites were blocked in Runet. The .RU zone showed strong growth, increasing by 7% to 380.15 thousand domains, reaching a record high of 5.82 million resources by the end of December. This result was the highest for the entire 30-year history of its existence.
In the Cyrillic top-level domain .RF at the end of December 2024 there were 760.16 thousand websites, which is 1.1% less than a year earlier. At the same time, 92% of them are registered by Russian citizens and organizations.
How fraudulent schemes will change in 2025
Today, technical defense tools make it possible to avoid most phishing attacks, but many Russians still do not have antivirus installed, especially on mobile devices, while this is a basic defense tool, said Duma deputy Anton Nemkin. Most often users become victims of online fraud precisely because of personal carelessness, as attackers are more likely to operate in social networks and messengers.
According to Alexei Gorelkin, CEO of Phishman, attackers are withdrawing their phishing and fraudulent sites from the Russian segment of the Internet, moving to social networks and messengers. In 2025, we should expect more personalized attacks from attackers - due to the large number of leaks and the development of artificial intelligence, it will be easier for attackers to profile users, and therefore increase the effectiveness of the attack, added Igor Biryukov, head of Skolkovo's Cyberhub.
- This year, the State Duma may adopt a unified bill on measures to combat cyber fraud. In particular, it envisages measures to ban mass spam calls and SMS-mailings, create a biometric database of attackers' voices and establish a ban on sending SMS messages during phone conversations," said Anton Nemkin.
According to him, the new norms can radically change the approach to fighting fraud and significantly affect the solution of the problem.
In general, phishing will continue to be a mass phenomenon, while we should expect the complication of schemes and legends - this is due, among other things, to the fact that measures are being taken at various levels to improve the digital literacy of users, added Olga Svistunova, senior content analyst at Kaspersky Lab. People already know about some of the tricks of attackers, so phishers are likely to implement new schemes using social engineering to "reach" even more advanced users, the expert summarized.
