"We have decided to open an Oreshnik for scammers to all residents of the country"
Phone scammers continuously adapt their schemes to changing circumstances. If in 2024 analysts recorded 40 new scenarios, now their number has grown to 95. And 70 of them were detected at an early stage with the help of Fraud Roulette, a project that helps neutralize cybercriminals, Oleg Zamiralov, head of the T-Bank Ecosystem protection center, told Izvestia. Oleg Zamiralov spoke in an interview with Izvestia about who is most susceptible to fraudsters today, how the portrait of their average victim has changed, and how Fraud Roulette can help in the fight against intruders.
"The fraudster does not notice the substitution and is sure that he is talking to the intended victim"
- T-bank announced the scaling of the "Fraud Roulette", which previously existed only in test mode. Now it has been decided to open the service to everyone. Tell us, how did the idea to create it come about?
— First, we came up with a factory of humanoid robots — special bots with different characters. They could receive calls instead of the subscriber and waste the intruders' time. Therefore, we tried to transfer scammers to real people and saw even greater efficiency. It was 2023, and then we started thinking about scaling up this idea. We tested, developed, and finally decided to open the Hazel Grove for Scammers to all residents of the country in order to form a popular front capable of paralyzing entire fraudulent call centers. There are a lot of applicants.
— What results of the test run can be noted?
— Several thousand people took part in the testing, both enthusiasts and professionals (for example, the famous prankers Vovan and Lexus). We consider the pilot stage a success.
First of all, Fraud Roulette has proven its effectiveness in distracting scammers: in total, we took them more than 2 million minutes or 44 thousand hours. But the key result is different: we recalculated this time into the actual operation of a fraudulent call center. Usually such a group consists of about 30 people, and its annual revenue reaches 500 million rubles. According to our estimates, the pilot project prevented significant losses, as the attackers were unable to reach their victims.
In addition, the service helps to identify new cheating schemes earlier. For example, when the scammers began to introduce themselves as employees of the MFC or the intercom service with a proposal to recalculate housing and communal services, we immediately warned all Russians about this. And for clients, the schemes have become less scary due to the fact that we have promptly trained our anti-fraud systems, which operate on the basis of artificial intelligence.
The mission of Fraud Roulette is to protect real victims from fraudulent calls and the influence of social engineering. Under hypnosis, a person can not only lose their money, but also commit illegal acts for which they will have to answer at the legislative level. We see how difficult it is to "bomb" people who have fallen under the influence of scammers. T-Bank has a rapid response team for such situations — our employees go to the victim and explain the situation, literally taking them out from under fraudulent influence.
— How does the service work from a technical point of view? How can fraudulent calls be intercepted?
— The service is based on our own advanced anti-fraud technologies, which are used to build the T-Protection platform, including artificial intelligence. We use several data sources, but the main thing is that redirection is instantaneous. As soon as the system determines that the call is fraudulent, it is seamlessly forwarded to the program participant.
At the same time, the fraudster does not notice the substitution and is sure that he is talking to the intended victim. For the participant, such a call looks like a call from a pre-known number from a "Fraud roulette".
An important technical nuance: at the beginning of the call, the system warns the user. You can order a call on the fraud Roulette website.Russian Federation", the user registers, orders a call, then waits an average of 30 seconds to five minutes. The conversation begins with a technical reminder phrase, "Attention, the Fraud Roulette scammer is on the line."
— Why was the dial-up path chosen instead of blocking?
— We also have blocking, of course, for example, when a fraudster has reached a real victim, the AI analyzes the sound wave, breaks the call, after which the fraudster will no longer be able to reach the victim, and his number will be sent automatically to the fraud roulette.
But one does not interfere with the other. The key task is to maximize the time and money spent by scammers. For those who want to take part in the fight against fraudsters themselves, we have created this service. And we can see how many people want to join the so-called popular front against fraudsters. Tens of thousands of people contacted us with a desire to participate in the project during the testing phase.
"The call may not arrive, but it's a reason to order a call after a while"
— Does the operation of Fraud Roulette depend only on fraudulent calls?
— The implementation of the service is based on the synergy of AI and technology, but, of course, all the work of the service depends on the number of incoming fraudulent calls. As we always say at internal project meetings, fraudulent traffic is a delicate matter.
The project has the word "roulette" in its name for a reason. It is not so easy to predict fraudulent actions, the activity of scammers may vary depending on the time. After all, they also have working days, lunch breaks and weekends.
For example, we noticed that most calls can be intercepted on weekdays during business hours — from 09:00 to 18:00 Moscow time. We connect the roulette participant with the scammer within five minutes. On weekends and holidays, users have to wait longer for a call. Sometimes there may be no calls at all. And that's fine, you just need to try again later.
If it is not possible to catch a real call, the user can order a call from a robot that will act as a scammer and help hone the skills of keeping scammers on the line.
In addition, scammers may realize that time after time they are not targeting the victim, become suspicious and change the "channel". We'll start hunting for him, of course, but it's time. Therefore, one of the most important rules of the service is not to tell a scammer that he has fallen into a "Fraud roulette", not to tell that the call has been intercepted and not to sabotage the interruption of the call (with insults or obscene language). In this way, we will build the very popular "front", which will be supported by AI and technology.
— What are the restrictions and rules for participants?
— It is important to understand: This is not a computer game, this is a real service with real scammers. Therefore, the service has natural limitations.
The first rule of "Fraud roulette" is that scammers should not know that they are in roulette. Therefore, it is better to come up with a cover story for the call in advance — why you are responsible for another person. This will help keep the attacker on the line as long as possible.
You should not argue with a scammer. Otherwise, the conversation will be short. It's better to play along with the scammer, ask questions and stall for time so that he doesn't have time to deceive someone else.
There are three calls available per day. This allows you to play roulette with a large number of participants. The call is counted if it lasted longer than 15 seconds.
The result depends on the case. The call can be received immediately or in a few minutes. It all depends on the number of scammers on the line. After all, they also have "working hours", lunch and weekends.
"There were no situations when someone shared their details or had money withdrawn from their card"
— How do I connect to the service?
— To connect to roulette, just go to the project's website, log in using your phone number and then order a call. It arrives in a matter of seconds, sometimes in minutes, but it depends on both the number of scammers and the number of users on the line.
— But how do you prepare participants to receive such a call? Do you give advice or maybe there is some kind of training?
— Together with psychologists and specialists, we have put together a training program that will help you spend your time effectively and usefully. There are three main sections available on the website where you can order calls.
The first one analyzes the most popular tricks of scammers. This will help you understand the approximate scenario according to which the fraudster will act. The second section is about your own safety. Although the interaction may resemble a game, in no case should the real data be disclosed — the card number, passport data.
The third section contains techniques that help increase conversation time. But in practice, beginners often get lost when an attacker starts asking questions. Therefore, we offer specific advice: for example, to constantly ask again or to act out a life situation. Let's say you can imagine that you are driving — if you periodically comment on the traffic situation, it looks natural and allows you to stretch the conversation.
The main thing is to prevent the fraudster from suspecting that he is participating in the game. For him, this is working with specific KPIs, so you need to distract.
— How stable are the participants after such training?
— The most common thing is that a beginner does not immediately navigate, so the conversation ends very quickly. However, there were no situations when someone shared their details or had money withdrawn from their card. The most important thing is that scammers are good at introducing hypnosis when they act on the surprise factor. Here, a person is as ready as possible, and this is exactly what makes the situation different.
— Can other telecom operators send calls?
— We have partners, mobile operators, some of whose calls, according to them, are fraudulent or spammy. By the way, it is very difficult to distinguish them, because by nature these calls are artificial. We are open to cooperation and synergy of forces, this will help us all get one step closer to defeating phone fraud.
"Increasingly, young people are becoming victims of crime, not the elderly"
— What is the current general situation with phone fraud in Russia?
— In the period from January to September 2024, there was a significant increase in the number of telephone fraud — by about 30% compared to the same period last year. This is largely due to the fact that other schemes, such as pyramid schemes, have become less effective.
Phone fraud remains a major problem today. At the same time, the victims of such crimes are "getting younger." Increasingly, young people are becoming victims of crime, rather than the elderly. The attackers do not make a clear division by age and gender groups — they call everyone in a row. But someone is served just a little more, someone a little less.
Unexpectedly, young people who seem to be as digitalized as possible — from 20 to 33 years old — began to fall for these tricks on a rampage. The attackers, posing as employees of Roskomnadzor or Rosfinmonitoring, intimidate with serious accusations, for example, of financing terrorism. Two-step schemes are often used: fraudsters can ask for a code from the "State Services", and then simulate receiving it.
The victim, confident that he has exposed the criminals, feels like a winner and thinks to inform the police. However, then, by a "lucky coincidence," law enforcement officers call her and inform her of an attempted fraud. Thus, a person gets to the second level of deception — here the consequences are more serious.
Through young clients, scammers can gain access to the finances of the whole family. Especially if they isolate themselves from relatives and begin to carry out transactions with family property.
"Scammers operate according to the hydra principle: once one scheme is stopped, new ones appear in its place"
— How to eliminate fraud in this case?
— Scammers operate according to the hydra principle: once one scheme is stopped, new ones appear in its place. Last year, we recorded about 40 main scenarios, but now their number has grown to 95. This suggests that it is difficult for attackers to use the same method for a long time, so they are constantly adapting.
Blocking calls via messengers has really dealt them a significant blow. However, criminals quickly adapt to new conditions — for example, they began to actively call from abroad. They specifically select international country codes that are visually similar to city codes. For calls to St. Petersburg (code +812), they use a number with a suitable code. At a glance at the phone screen, such calls do not arouse suspicion.
We have built a layered T-Protection platform. It includes more than 30 security technologies that protect customers at every stage of the fraudulent scheme: from the first call to the withdrawal of money. So, last year we saved 33 billion rubles in customer accounts.
For example, T-Bank's toll-free caller ID will tell you who is calling and when not to pick up the phone. He records 22 million calls from scammers and spammers per month.
If the criminals somehow managed to reach the customers, they will be stopped by a "Neural shield" - one of the most powerful tools. The technology analyzes the sound wave during a conversation, searches for communication patterns of scammers and compares the information with an internal database. If there are a lot of suspicious matches, it will break off the conversation and warn the client about the danger.
Every month, Neuro Shield, along with other security technologies, detects and interrupts over 82 million fraudulent calls.
In addition, we are implementing services such as "Protection of loved ones". The user can set a limit — for example, 1 thousand or 500 thousand rubles — above which a confirmation of a loved one will be required. Even if the limit is not exceeded, but there is an early withdrawal of the deposit or loan processing, the relative will immediately receive a notification.
One in the field is not a warrior — when we are together, it is more difficult for scammers to mislead.
"A good criterion can catch 50 scammers, but affect half a million people"
— In your opinion, what changes in legislation are capable of dealing just such a serious blow to fraudsters, will it help to eradicate them somehow? How is the interaction with regulators and government agencies going on this issue, in this area?
— We are actively cooperating with the Central Bank and the Ministry of Finance. Earlier, the Anti-Fraud law was adopted, the first version of which later became known as 41-FZ. The GIS anti-fraud system is currently being developed, a comprehensive system that helps banks and telecom operators share important information about customers who may be at risk of fraud. This will make it possible not to wait for each bank to independently determine that the customer is a victim or a fraudster, but to centralize the data for a more rapid response.
In my opinion, this is a very good initiative. The signals that will be transmitted will help raise the level of anti-fraud in the country. It is important that the interaction is as open as possible. If there is an attempt at commercialization, then instead of protecting citizens, there will be a situation where someone will try to benefit. We believe that the approach should be comprehensive — it should be useful to everyone, and citizens should be protected by both telecom operators and the banking community.
It is important to continue the dialogue between the expert community and banks, this also applies to the cooling criteria. When new criteria are being developed, it is necessary to take into account how many ordinary citizens they will affect. A good criterion for detecting fraud can catch 50 scammers, but also affect half a million people who will not be able to meet their needs and will have to wait. It is important to maintain a balance here.
Переведено сервисом «Яндекс Переводчик»
