- Статьи
- World
- A game for promotion: how scammers use the topic of indexing social benefits to deceive Russians
A game for promotion: how scammers use the topic of indexing social benefits to deceive Russians
Fraudsters are trying to steal personal data of Russians against the background of the indexation of payments, the Social Fund of Russia (SFR) warned about this. According to the SFR, at the beginning of 2026, people began to receive offers to check the amount of payments using chatbots and applications that need to be installed on a smartphone - but in fact, such an installation opens up wide opportunities for criminals to commit crimes. For more information about how scammers speculate on the topic of indexing social benefits, how dangerous their schemes are and how to protect themselves from them, read the Izvestia article
What did the SFR say about the new fraud schemes?
The SFR published a message on February 9 in its channel on the MAX platform that fraudsters are trying to steal personal data of Russians against the background of the indexation of payments.
"Against the background of indexation in January and February, people began to receive offers to check the amount of payments using chatbots and applications that need to be installed on a smartphone. As a result, such services steal SNILS, bank card data and other information, giving attackers access to people's funds and the opportunity to act on their behalf," the report says.
The SFR urged Russians not to use unknown services and applications. They also recalled that official information on the amount of payments is available on the Gosuslugi portal, in the client services of the Social Fund, the IFC, as well as in the unified contact center for social issues. Izvestia contacted the SFR for an official comment on fraudulent mailings, but at the time of publication of the material, no response had been received from the foundation.
— Topics related to financial charges always arouse increased interest among the population, — says Anastasia Osipova, an analyst at the Positive Technologies research group. — News about the indexation of benefits, pensions and other social benefits are becoming the object of special attention not only from citizens, but also from intruders who have long learned how to use this topic to create effective fraudulent schemes.
What schemes on the topic of indexation of payments to expect in 2026
In 2026, the most common method of fraudsters on the topic of indexing social benefits remains the use of messengers, says Anastasia Osipova. The attackers offer citizens to use special chatbots to find out the amount of charges. Under the guise of government online services, they massively collect personal data of citizens.
"From the point of view of transmitting information, a chatbot is a tool for interacting with a user, just like, for example, a form for filling out data on a website," Mikhail Sytnik, an expert at Kaspersky Lab, explains in an interview with Izvestia. — Therefore, when transferring personal data, you should always keep in mind confidentiality.
In addition, according to Anastasia Osipova, there are cases of fake applications being posted in official smartphone stores, chat rooms, messengers or social networks. Such applications usually copy the names and interface of services in whole or in part, but in fact they also collect all confidential information from the device or directly steal user funds.
In February 2026, attackers advertised bots and applications that make it easy to find out how the unified cash payment (EDV) has changed, a measure of social support for privileged categories of citizens, which is established and paid by the SFR, adds Maria Mikhailova, head of the Angara MTDR brand protection group. In January 2026, the media reported on the next indexation of EDV from February 1, 2026 by 6.8%, which the scammers took advantage of.
— In particular, the bots requested information about the SNILS, INN and other personal data of the victim to "verify the right to index," says the expert. — In the end, such a leak of personal data leads to a loss of funds.
What schemes have you encountered before on the topic of payment indexing?
Fraudulent schemes exploiting the topic of indexing social benefits are a cyclical threat: according to Konstantin Larin, head of the cyber intelligence department at Bastion, they become active at the beginning and end of the financial year, when people apply for a tax deduction or wait for recalculation on payments already made. Anastasia Osipova agrees that they have existed for a long time.
— Previously, such schemes were based on the use of mass phone calls: for example, fraudsters pretending to be employees of the Pension Fund could call with a request to provide card details for pension recalculation, — says the interlocutor of Izvestia.
According to Anastasia Osipova, with the development of digitalization of public services, instead of directly requesting data, fraudsters prefer to create the illusion of legitimate interaction with government agencies through imitation of official online services: chatbots, third-party applications, messenger channels and groups on social networks.
In turn, Maxim Fedosenko, a leading engineer and analyst at the Gazinformservice cybersecurity analytical center, points out that the target audience of such schemes has greatly expanded. Previously, these were mainly people with low digital literacy (mostly pensioners), but now the entire economically active population receiving salaries, social benefits and tax deductions is under attack by fraudsters.
"The main danger of such schemes is not only the one—time loss of all your savings, but also the digital compromise of your identity," says the expert. — By downloading a malicious application or archive, the victim gives the attackers his digital portrait and the digital key to his life with his own hands.
Thanks to this, fraudsters gain access to the device and all the data on it, which allows them to read correspondence, intercept SMS checks from banks, apply for loans through financial applications, while the owner is unaware of what is happening, Maxim Fedosenko warns.
How to protect yourself from fraud schemes on the topic of indexing payments
According to cybersecurity experts interviewed by Izvestia, in order to protect themselves from fraud schemes on the topic of indexing social benefits, it is necessary to follow the basic rules of digital hygiene. According to Maxim Fedosenko, first of all, it is important to enable the "zero trust" mode for any incoming files from unverified sources and to understand in general terms how to verify fraud attempts.
—Protection is based on basic but strict rules: to receive information about indexing and payments only through official channels — a personal account on the Gosuslugi portal or the SFR website," says Alexandra Shmigirilova, GR Director of the Security Code Information Security company. — In case of doubt, dial the hotline number of the government agency or bank yourself, found on their official website.
Government agencies never send archives (.zip, .rar) and application installation files (.apk, .exe) in messengers or by mail, and any urge to "update the application" or "download documents in the archive" via a link from an unverified chat is a hacking attempt, Maxim Fedosenko recalls.
As for verification, official chats often have a "blue check mark" next to the name, official websites have a "green lock" next to the address, and you can double—check information about them from a well—known official source. To do this, simply log into your personal account on the Gosuslugi portal.
— It will also be useful to use a separate card with a limit for online payments and enable SMS notifications about transactions. And it's also worth using a reliable security solution that recognizes a phishing or scam resource in time," concludes Mikhail Sytnik.
Переведено сервисом «Яндекс Переводчик»
