Mental attack: scammers have switched their attention to psychologists
Online scammers have found a new target: psychologists who consult online. Izvestia investigated how scammers manage to deceive people whose professional skills should, in theory, make them hard to deceive.
The story of a deception
Cybercriminals are using a new type of fraud effectively against psychologists who conduct online consultations. Psychotherapist Anar Nureyev described the scheme in detail on social networks. A con man using an assumed name signs up for an online consultation a few days in advance. At the appointed time he simulates difficulties connecting to the videoconference, writes to the specialist about it, and invites the specialist to move to Google Meet.
"He sends me a link to a Google Meet. I go over, but there's a slightly unusual screen, everything is like Google Meet, at 98%, he says he just has a corporate account. Only when you try to log in, you need to re-enter your e-mail by hand, and there is no auto-suggestion," Nureyev quotes an affected colleague, who wished to remain anonymous.
The fraudster persuaded the consultant to use the link, argued that other messengers allegedly had unstable connections in his region, and sent screenshots as confirmation. After 15 minutes of negotiations, the consultant decided to enter the stranger's conference. After the first attempt, the psychologist was asked to enter a code that supposedly had to be copied into the Gmail application on the phone. She entered this data into the malicious field.
"A picture started spinning on my page, as if the Internet couldn't load. And he keeps me on this page, says it's okay that their server is periodically buggy. I think he was doing something at the time. He specifically held me back at this stage," the victim said. After that, the stranger deleted all the correspondence in the messenger, and it turned out that the fraudster had access to photos and videos stored in the cloud storage.
Expert opinion
According to Alexander Vurasko, a digital security expert and director of development at the Solar AURA external digital threat monitoring center, this deception scheme can be called classic. It has many variants aimed at different audiences and professional communities. The attackers are simply widening the circle of potential victims and choosing "legends" that a particular user is likely to believe.
"Eventually, the victim will either be lured to a phishing site, or they will be prompted to install malicious software disguised as a legitimate application, after which they will steal accounts on social networks or messengers, or gain access to the user's banking applications," says Vurasko.
In order not to fall for the tricks of scammers, experts from the Solar AURA monitoring center recommend using only official resources (and checking their exact address through a search engine); not providing personal data on suspicious and unofficial websites, as well as during telephone conversations with strangers; using antivirus software for additional protection from malware and phishing attacks.
Posing as "Gosuslugi"
The inventors of traps for a wide range of Internet users are not standing still either. In July, Russians began complaining about attempts to get into their personal Gosuslugi accounts via email. The scheme relies on a weakness of some mail interfaces, where the graphical icon of the recipient is given priority in the "From" position. Fraudsters design it in a style similar to that of the public service. The "letter of happiness" says that the citizen's account has been "logged in from a new location." To make a potential victim more nervous, regions of Ukraine, along with a network address, are given as the connection point. "If it wasn't you, then contact support," the message says, giving a number where the scammers are already waiting for the call.

"With the help of such manipulations, attackers can gain access to an account on Gosuslugi, steal personal data from there, and also involve a person in a complex game, the result of which is likely to be the loss of funds and property," a law enforcement source told Izvestia. "Fraudsters have also developed algorithms that help people get involved in illegal activities in this way."
According to the Russian Interior Ministry, from the beginning of the year to May the number of crimes "committed using information and telecommunication technologies or in the field of computer information" rose by 1.3% compared with the same period last year. Officially, over 308 thousand such attacks have been registered in five months. Slightly less than half of them are fraudulent activities of various kinds. Almost 37 thousand were thefts. More than 30 thousand violations of the Criminal Code of the Russian Federation have been identified in the field of computer information. The highest detection rate of such crimes, according to police statistics, is observed in Dagestan, the Ryazan and Bryansk regions and Karachay-Cherkessia.