Start over: scammers have started to prey on victims of deception
Fraudsters have launched cashback schemes to defraud those who have already suffered at the hands of scammers - experts have warned about this. As a result of the so-called recavery scam, victims of scammers who are trying their best to recover stolen funds may lose even more. Details on how the recaveri-scam is organized, how dangerous it is and how to protect yourself from it, read in the material "Izvestia".
What schemes of recavery-scam experts have discovered
About the emergence of new methods of fraud "Izvestia" told analysts Digital Risk Protection company F.A.S.C.S.T.. The experts found a resource called "Financial User Support Center" (FUSC) on the web.
- Under the headline "100% return your money lost on lochotrons" on the fraudulent resource are examples of other scammer pages with the warning "Deception!", - says senior analyst of Digital Risk Protection of F.A.C.C.T. company Maria Sinitsyna. Maria Sinitsyna.
According to her, such a move is explained simply: competition in this criminal business is quite high, so the participants of some fraudulent programs are not averse to using scripts that reveal the schemes of "colleagues". To return the stolen money, those who have already suffered from the actions of fraudsters, on the website of the CFPP is proposed to enter the so-called "control amount" for "synchronization of payment details".
At first the amount is only a thousand rubles, but then it gradually increases until the user realizes that he has again become a victim of criminals, emphasize the specialists of F.A.S.S.T. company.
What recavery skim is interesting to scammers
The target of attackers are people who have recently fallen for the tricks of scammers. They may not expect a second trick, following the saying "a shell does not fall into the same funnel twice", says Maria Fesenko, an information security specialist of the company "Security Code", in a conversation with "Izvestia".
- As a result, the user is even more likely to believe the second legend of con artists," the expert explains. - In addition, they are driven by a desperate desire to return stolen finances or data, they want to believe that such a simple solution to the situation is possible, and almost blindly trust everything said by the attackers.
In turn, Ruslan Bisengaliev, cybersecurity threat research analyst at R-Vision, adds: previously deceived users may be of interest to attackers because they have previously provided their personal data. This makes it possible to modernize existing schemes - as a result, a person can lose even more money. At the same time, according to the expert, as cyber literacy grows, many scenarios stop working - and competition among attackers increases.
To keep their profits, fraudsters are personalizing their attacks by using the data of people who have already been defrauded. This makes their tricks even more convincing. As Ruslan Bisengaliyev notes, recavery scams have appeared in the shadow segment of the Internet, where fraudsters pretended to be "legal consultants" for the return of stolen funds.
At the same time, according to Maria Fesenko, recavery-scam is not as common in Russia as other fraudulent methods. But we can say that this scheme has become a kind of continuation of other schemes: for example, initially the attackers pretended to be law enforcement officers or bank employees and through this legend directly lured out the information they needed. As a rule, a recavery scam involves a two-step system, where both the first step (the initial successful attack) and the second step (fraud with a refund) are committed either by the same attacker or by the same group.
- This kind of sequential fraud can be considered one kind of recovery scam," says Maria Fesenko. - Another type is when a group of fraudsters collects a database of deceived users and then resells it to another group. In this case, the scenario is stretched over time.
What other recovery scam schemes can be used by scammers?
In recent years, recaveri-scam has been actively working in conjunction with telephone scammers, says Alexander Vurasko, development director of the Solar AURA (Solar Group of Companies) external digital threat monitoring center, in a conversation with Izvestia. In particular, call centers promoting fake investment platforms often offer to return previously stolen money.
- Attackers can create a fake page under the guise of a certain agency for the return of money, and then organize a phishing mailing on the received bases of deceived users, - says Maria Fesenko. - If you enter your data on such a site, they will be available to attackers.
In addition, fraudsters can play the role of "agency" for a long time, but at the same time require prepayment of services to return the money. Naturally, in this case, if the victim pays, the prepayment will not pay off in any way - the fraudsters will simply stop contacting.
According to Maria Fesenko, one of the most common schemes in terms of recavery scam looks like this: a fraudster makes a successful attack, for example, by extracting credentials from a banking application, and then directly tells the victim that he has deceived her and stops the dialog. While the victim is in shock, a new call comes: it is another fraudster who appears to be a bank employee.
- He says that a suspicious transaction has been recorded and frozen, but the bank cannot return the money to the former account, because "the security service and law enforcement officers are conducting investigative measures," says the expert. - They offer to return them to some other account, for which they ask the user to give all the necessary details, but at the same time, fraudsters use social engineering methods to lure out information that will allow them to access the new account.
How to protect yourself from a recavery scam
Recovery scam can be more dangerous than simple fraud, says Nikita Leokumovich, Head of Digital Forensics and Cyber Intelligence at Angara Security. The point is that its victim has already been cheated, and often for large sums, which leads to negative consequences. And then she is offered to return all her or borrowed funds - and many agree.
Therefore, according to experts interviewed by Izvestia, protection against fraudulent recavery-scam schemes is very important. Its basis is compliance with the rules of cybersecurity and digital hygiene. First of all, Maria Fesenko advises to remember that, except for law enforcement agencies and banks, no one will help to return stolen funds.
- Therefore, if a user is offered to restore access or get finances back, it is a hundred percent fraud," says the expert.
Internet analyst and expert of the company "Gazinformservice" Marina Probets advises to seek help only from trusted government agencies or reliable specialists, and not from anonymous sources on the Internet: you should never disclose personal information and financial information to strangers.
If you come across a suspicious site, Maria Fesenko recommends analyzing it: you will probably find reviews of already deceived users, and if the web page has no rating and no secure connection sign in the domain bar, it is a reason to be wary.
- Remember that you should not share confidential information with strangers, especially if the user has recently been successfully attacked," says the expert. - In addition, immediately after the attack, you should change passwords wherever possible, and in general, carry out this procedure at least once every six months.
Finally, it is important to notify your bank and law enforcement agencies about a successful attack, and if there is a threat of the scheme spreading, to inform your family and relatives about it, so that fraudsters do not deceive them, the expert concludes.
