Popular ways of personal data theft by fraudsters are named
In Russia, schemes to hack into Telegram accounts and requests to install the applications "Central Bank. Data Protection" and "Gosuservices.Verification" applications, Post Bank told Izvestia on January 26. Experts of the credit organization on the eve of the International day of protection of personal data named new schemes of attackers.
They explained that in the case of an attempt to hack an account in the messenger, the user receives a message from allegedly technical support Telegram with information about a potential hack or login from other devices.
"At the same time, it contains a link that asks to "confirm" the legitimacy of the current session or "protect" personal data. When you go, attackers gain access to the client's accounts in "Gosusluga", banks, Telegram and other applications", - specified in the credit organization.
Experts recommended setting up two-factor authentication at the entrance and check confidentiality in messenger. They also advised to give the opportunity to write and invite to groups only to contacts. If the account is hacked, then it is necessary to reset all active sessions in the settings, and after changing the password.
"In another scheme, attackers under various pretexts ask customers to install the applications "Central Bank. Data Protection" and "Gosuservices.Verification." As a rule, they present themselves as employees of law enforcement agencies or the Central Bank of the Russian Federation (RF Central Bank. - Ed.). When downloading the malicious program reads information from the client's bank card and allows the fraudster to withdraw money using wireless data transmission (NFC-module)," the bank explained.
They advised not to install applications at the request of third parties and under no pretext not to attach bank cards to the phone, and if there are applications for remote access on the smartphone - delete them.
In addition, experts reminded that you should not forget about the rules of behavior in the network and be vigilant. In particular, do not click on phishing links, check incoming messages and do not give anyone personal data, codes from SMS/Push notifications and information about your bank cards. For safe transition to the resources of trading companies and marketplaces, it is better to enter their names in the browser or use mobile applications, but never follow links from e-mail, the bank emphasized.
Earlier, on January 22, Sarkis Shmavonyan, manager for work with educational organizations of Cyberprotect, told Izvestia that if unexpected SMS-messages with one-time code from "Gosuslugi" are received on the phone, and notifications about logging into the account are sent to the mail, while the user himself fails to log into the account, it may mean that he has been hacked. According to the expert, to protect your account from hacking, you should create a strong password and enable two-factor authentication.
