Disrupt the voices: how scammers use the topic of online petitions
Fraudsters are actively using the topic of public initiatives and petitions to steal personal and credentials of citizens — experts have warned about a new large-scale phishing campaign. The attackers create many fake Internet resources that mimic services for collecting public petitions, including appeals to the country's leadership. For more information about how scammers use the topic of online petitions, how dangerous such schemes are and how to protect themselves from them, see the Izvestia article
What is known about the phishing campaign with online petitions
Experts from the brand protection department of Angara MTDR told Izvestia about a new large-scale phishing campaign, in which fraudsters actively use the topic of public initiatives and petitions to steal personal and credentials of citizens. According to experts, scammers create a variety of fake Internet resources that mimic services for collecting public petitions, including appeals to the country's leadership.
All identified resources have an almost identical structure, visual design, and user interaction functionality. A pseudo-register of appeals is posted on the main pages, the bulk of the petitions are aimed at supporting participants in the fighting or perpetuating the memory of those who died in the SVR zone.
The key element of the fraudulent scheme is an offer to sign a petition through the Gosuslugi system. When trying to log in, the user is redirected to a phishing page that accurately copies the interface of the official portal. The entered login and password, as well as other data, are directly intercepted by criminals.
"Scammers collect additional databases of personal data, inviting users to create a petition themselves, requesting a full name, phone number and e-mail," says Arseniy Pashinsky, an expert in brand protection at Angara MTDR. — To give credibility to the domain names of fraudulent sites, words related to civic engagement are used: zov, petition, initiative, obrashenie and their various combinations.
What is the topic of online petitions interesting to scammers?
The use of socially approved topics and an almost exact visual copy of the authorization interface through the state platform are signs of a high—risk and sophisticated attack, says Arseniy Pashinsky. According to the expert, many users, seeing a familiar design and a plausible excuse, lose their vigilance and voluntarily transfer access to their accounts.
— Online petitions are an effective tool for attracting the attention of authorities or organizations to any sensitive issue, which means that the more critical the topic of online petitions becomes, the more likely it is that people who want to speak out and receive some kind of response to their request will join this process, — says in an interview with Alexander Shmigirilova, GR Director of the Security Code Information security company, told Izvestia.
This means that the actions of scammers will not require much effort, they will not have to persuade a potential victim and spend time collecting as much information about her as possible — the person himself will voluntarily provide the necessary data, the expert emphasizes.
In turn, Sergey Polunin, head of the Gazinformservice IT infrastructure solutions protection group, points out an important point: potential victims of intruders voluntarily transfer their data, believing that they are participating in an important case, since real petitions really involve entering personal data, from full names to passport numbers. This is the perfect combination of phishing and civil position manipulation that scammers use.
What schemes on the topic of online petitions have you encountered before?
Requests for participation in petitions are most reliably made on behalf of political figures and media personalities, Alyona Yartseva, an analyst at Positive Technologies, says in an interview with Izvestia. In this regard, in 2026, attackers can use AI content for persuasiveness, create photos and videos of the person on whose behalf the fake page is being run.
— Scammers can contact you in a variety of ways — for example, write to a home chat, introducing themselves as a local MP, or post a generated news fragment on a social network with a link to their "petition," the specialist warns.
At the same time, the attackers have used the subject of online petitions before. So, according to Alyona Yartseva, most recently in St. Petersburg, fraudsters from the fake account of the vice-governor offered residents of the city to sign petitions for the installation of various equipment on the house territory. To vote, it was suggested to switch to the Telegram bot, and then send the code from the SMS. This scheme led to the loss of the account.
Previously, fraudulent petitions usually relied on some high-profile information channels, whether it was mobilization, repeal of a law or payments to families, adds Sergey Polunin. The attackers simply made clones of the websites of public initiatives, slightly changed the code and thus collected data. It was often a matter of stealing accounts, rather than trying to get money, the expert notes.
— Psychologically, people will easily feel the discrepancy if they are asked to deposit a symbolic amount on the petition site, — says Sergey Polunin. — However, on the other hand, having received a dopamine boost from the realization of their civic position, a person can click on the link and at the same time donate some money to another "noble" cause.
According to Alexandra Shmigirilova, fraud schemes on the topic of online petitions can be directed at many citizens. At the same time, if we are talking about some issue relevant to a particular district or city, the circle of those involved decreases, but the likelihood of attracting attention and receiving active responses increases. If the issue is general and relevant to the whole country, then the probability of getting an active audience for intruders will be lower.
How to protect yourself from online petition fraud schemes
In their online petition schemes, attackers can use news events and holiday-related topics to increase the number of potential victims, Alyona Yartseva notes. At the same time, the transfer of personal personal data to fraudsters may threaten the loss of digital identification — in other words, the likelihood of losing access to personal accounts on the Gosuslugi portal and in bank applications increases.
— In addition, when clicking on fake links, there is a risk of installing malware on the device, which will completely transfer control of it into the hands of fraudsters, and you will lose all the data on it, and you will not even be able to simply block it, — warns Alexandra Shmigirilova.
In turn, Sergey Polunin notes that financial damage from such phishing can occur immediately, but an attack using stolen data can begin even months later. In order to protect themselves from such threats, the interlocutors interviewed by Izvestia advise following certain safety rules.
In particular, Olga Altukhova, a cybersecurity expert at Kaspersky Lab, recommends that you be critical of any online messages and not follow links from questionable correspondence. At the same time, to protect your data and money from scammers, you should use a reliable security solution — it will not allow you to switch to a phishing or scam resource.
— It is important to check the source of information and the platform itself on which the petition is posted, as well as carefully look at the website address, since scammers often use domains that visually resemble well—known resources, - advises Alexander Vinokurov, R-Vision technical account manager.
If a friend sent the link with a request to do something urgently, it is better to additionally contact them in another way, for example by phone, and clarify the details. Also, it is not necessary to provide excessive personal data if their request does not look reasonable, the expert concludes.
Переведено сервисом «Яндекс Переводчик»
