Putting it on speaker: calls to scammers from victims have become the most popular scheme

Fraudsters massively force victims to call the attackers themselves — this has become the most common deception scheme in recent months. This is how they bypass the blocking of calls in messengers. The damage from these schemes increased by almost a third and in July – September alone amounted to more than 65 billion rubles, Izvestia found out. The most popular options (when it is the person who dials the attacker's phone) are warnings about changing the intercom, meters, as well as problems with authorization. How not to become a victim of the scheme is in the Izvestia article.

How scammers force you to call them back

The scheme, in which victims are forced to call the attackers back themselves, has become the most popular ploy in recent months. This was reported to Izvestia by the interviewed experts.

Photo: TASS/Sergey Bulkin

With this method of deception, fraudsters disguise themselves as delivery services, management companies or security services and create the most everyday and plausible reason for contact, warned Ivan Goryachev, manager of the Servicepipe educational project. Formally, the victim initiates the call herself, which reduces her alertness, he added.

In recent years, a written dialogue with a person in such schemes has most often begun with seemingly abstract topics, such as replacing doorphones, checking meters, and suspicious authorization, said Sergey Golovanov, chief expert at Kaspersky Lab. Scammers can send SMS and emails, write to messengers. For example, a user receives an email stating that they have allegedly logged into an important service. The same message will say: "Call the phone number provided if it wasn't you."

There will be no carnival: how scammers play on the theme of preparing for New Year's corporate parties

Intruders are attracted by the seasonal hype and the tight preparation time.

The surge in this scheme began after the introduction of restrictions on instant messenger calls in August 2025, explained Ashot Oganesyan, founder of DLBI's data leak intelligence and monitoring service. In addition, the requirements for labeling outgoing calls from September 1 became an impetus: thanks to them, even mobile numbers used for mass calls began to be blacklisted quite quickly, he added.

Photo: IZVESTIA/Sergey Konkov

In the third quarter of 2025 alone, the number of crimes under this scheme reached about 1.2 million, said Alexander Kiselyov, a trial lawyer and managing partner of the Prov law firm. This is 22% higher than in 2024. At the same time, the damage from the scheme over the same period amounted to 65 billion rubles against 50 billion rubles, he said.

A similar assessment was given by Georgy Ostapkovich, scientific director of the HSE Center for Market Research. He warned that scammers are actively using social engineering methods, outstripping anti-fraud systems, so the damage figures remain impressive.

The callback scheme increased by 25-30% from July to October this year compared to the same period in 2024, independent expert Andrey Barkhota estimated. The amount of stolen money may amount to 85-117 billion rubles, he said. At the same time, losses vary greatly from case to case, said Vladimir Ulyanov, head of the Zecurion analytical center.

Photo: TASS/Egor Aleev

On average, the amount of damage is about 15-20 thousand rubles, but in some cases it can reach hundreds of thousands.

Izvestia asked the Bank of Russia and the Ministry of Internal Affairs of Russia how much damage was caused by such fraud schemes.

Why does deception with chime work?

The attackers' goals here are to gain access to bank accounts and personal data, install malware through calls and SMS messages, and extort money under the guise of saving funds or solving problems with government agencies, Alexander Kiselyov said. To date, more than 20% of the signals received on the Moshelovka Popular Front platform contain information about fake messages calling for a call back to the pseudo-ministry hotline, said Alla Khrapunova, deputy head of the project "For Borrowers' Rights" and curator of the platform.

One of the examples of such fraud with a callback was shared by the interlocutor of Izvestia. According to him, in mid‑August, one of the Moscow entrepreneurs received a text message allegedly from his bank with the text: "Your card is blocked due to a suspicious transaction. To unlock it, call the number." He did just that. During the call itself, the "operator" stated that the scammers were applying for a loan in his name, and in order to stop the operation, they urgently needed to install the bank's official application using the SMS link. The businessman entered the card details and the code from the message. As a result, 320 thousand rubles were debited from his card in an hour. The money went to an individual's account in another region.

Photo: IZVESTIA/Pavel Volkov

The second story happened to a man who received a message about an allegedly received parcel from China without any details. All that was needed was a phone number and the name of a fictitious shipping company. Curiosity became the victim's motivation. However, during the call, when he was asked to provide the details of the bank card to pay for the parcel, he realized that he was faced with another fraudulent scheme.

How not to fall for the tricks of scammers

In order not to fall for the tricks of scammers, you need to be critical of any incoming messages and calls, recommended Sergey Golovanov from Kaspersky Lab. If even the slightest doubt arises during the dialogue, it is better to put down the phone and not call back to the number from which the call was received, he stressed. You should also enable two-factor authentication for important services and not share confidential data with anyone: passwords, confirmation codes.

— Scammers are trying to "filter out" more gullible citizens. Fraudsters do not waste resources on calling and talking to critical people, but do mass mailing, which is much faster and easier, and potential victims call them back themselves," explained Alexander Bleznekov, head of the information security department of the Telecom Exchange.

Photo: IZVESTIA/Yulia Mayorova

If there is a need to call back, you should do so not by the suggested number, but by the phone numbers listed on the official website of the management company or other service organization, said Alexander Kiselyov from Prov. At the same time, it is important not to disclose payment data to anyone (SMS codes, CVV codes, passwords for public services and banking applications), the legal consultant summed up.