Fraudsters began to transfer money from banking applications to third-party accounts, making copies of SIM cards by phone number. This follows from a message received by RBC from the manufacturer of ESET antivirus software.
ESET has described the actions of the scammers step by step. It all starts with creating a fake social media account or buying an account that a real user rarely uses. At the second stage, cybercriminals use an advertising account and search on Facebook and Instagram to look for victims – entrepreneurs and business owners.
Further, the scammers try to find out the phone number, for example, by writing on behalf of some girl. “She often lives in another city, but has little in common with the object of deception (she graduated from the same university, their hobbies coincide, etc.). Further, the fraudster under the account of a friendly interlocutor tries to find out the phone number of the person who entered the correspondence, ”- says ESET. One of the options could be to transfer the communication to WhatsApp, where the phone number is always visible.
Having found out the phone number, the attackers make a fake power of attorney to receive a duplicate SIM card. In this case, most often the application is submitted at a small branch of a mobile operator in the other end of the country or time zone. As a result, the scammers call the bank, to whose card the phone number is attached, and try to recover the password from the banking application, in which they then transfer money to another account.
Earlier, Sberbank warned how fraudsters steal money through instant messengers under the guise of raffles of cash prizes. Initially, the competition is announced on the Internet, and then those who subscribed to the newsletter are offered to choose a messenger where a phishing link appears with a “prize” size, for example, from $ 50 to $ 5 thousand.
Following this link, the user goes to a chat with the “administrator” of the drawing, who asks to pay a commission in order to convert the winnings into rubles. Thus, attackers deceive the card number, name, expiration date and three-digit CVC code.
