Logged out of the chat: fraud in foreign messengers has decreased significantly
After the restriction of calls in foreign messengers, the volume of fraud in them has decreased significantly. In August, the number of phishing domains in Telegram decreased from 1,325 to 190, in WhatsApp (part of Meta, the organization is recognized as extremist and banned in the Russian Federation) — from 177 to 118. However, criminals have already learned how to use blocking to their advantage — it's too early to talk about the long-term effect of the measures taken, cybersecurity experts warn. Moreover, foreign messengers are either reluctant or not at all in contact with Russian law enforcement officers, and this significantly complicates the fight against fraudsters, experts say. About the new tricks of cybercriminals and the reasons for the reduction of phishing in WhatsApp and Telegram — in the material of Izvestia.
Measures to combat cyberbullying
In August, the number of phishing domains linked to Telegram decreased almost sevenfold, from 1,325 in July to 190. In WhatsApp, the decline was less noticeable, but also noticeable — from 177 to 118 domains. This is evidenced by the data from the Domain Patrol project of the .RU/.RF Domain Coordination Center.
The drop in activity is due to two key factors: the internal measures of the messengers themselves to strengthen user protection, as well as the actions of Roskomnadzor, which limited the operation of calls and voice messages in foreign services, said a data analyst at the Coordination Center for domains .RU/.Russian Federation Evgeny Pankov. These steps have significantly complicated the activities of the attackers, but it is too early to talk about the long-term effect, since the scammers have not completely left, they have only changed tactics.
— As practice shows, scammers adapt quickly and find new entry points. We can say for sure that they will not abandon proven tools such as phishing e—mail newsletters and the creation of fake websites of popular brands and online services," he said.
According to him, there is traditionally a peak of activity in autumn, when the number of attacks increases sharply.
The Ministry of Finance noted that the state systematically implements measures to combat cyberbullying.
"Reducing the level of fraud through account hijacking using phishing links is also associated with the adoption of these measures and their early implementation by individual electronic trading platforms," the agency's press service told Izvestia.
They also recalled the laws that have come into force: for example, since June 1, employees of government agencies, banks and telecom operators cannot use foreign messengers to make calls and messages to customers.
In addition, earlier, Deputy Prime Minister Dmitry Grigorenko reported to Russian President Vladimir Putin on the government's development of a "second" package of measures to protect citizens from fraudsters.
"One of the measures is a self—ban on international calls, because most people don't get calls for personal business or work from abroad, and, as a rule, most scammers are foreign calls. This is also a very effective measure," he said.
A source familiar with the discussion of the initiative told Izvestia that the bill will be submitted to the State Duma this fall.
How can Russians protect themselves from fraudsters' tricks
The decrease in the number of fraudulent schemes in foreign messengers is certainly a positive trend, but it is important to understand that these services themselves initially remain an unsafe environment for Russian users, said Anton Nemkin, a member of the State Duma Committee on Information Policy, federal coordinator of the Digital Russia party project.
— We see that Telegram is trying to demonstrate certain anti-phishing measures. However, these are often reactive steps that are taken after the fact, when the problem has already worsened. At the same time, messengers themselves create a convenient ground for intruders: anonymous accounts, the difficulty of identifying real people, and the rapid exchange of links — all this turns them into a high—risk platform," he said.
The deputy noted: we must not forget that the owners of foreign services do not bear any real responsibility to Russian citizens. Today, they have limited some of the fraudulent tools, and tomorrow they may weaken control again or even change the rules in favor of those who are willing to pay.
— Foreign messengers are actively used not only for fraud, but also for the dissemination of extremist materials, fakes and attempts at information pressure on Russian society. That is why restrictive measures by Roskomnadzor regarding voice calls are not only a response to fraud, but also an element of national security protection," he stressed.
After blocking calls in messengers, criminals switched to calls from foreign numbers, as well as calls to landlines of citizens, added Igor Bederov, head of the information and analytical research department at T.Hunter.
In his opinion, some of the scammers have "rolled back" to traditional methods, such as mass SMS messages and calls with spoofed numbers imitating banks or government agencies. At the same time, cyberbullying is increasing: attackers have become more likely to create fake resources styled after popular services, including marketplaces, banks, and gaming platforms.
In such circumstances, it is extremely important for people to follow the basic rules of digital security. Olga Altukhova, senior content analyst at Kaspersky Lab, recommends that you do not follow links from questionable messages, do not enter confidential data on suspicious resources, use two-factor authentication to protect accounts, and use security solutions that automatically block attempts to follow a phishing or scam link.
Переведено сервисом «Яндекс Переводчик»
