Once you have access to your banking app, you can steal money from all your accounts at once. You don’t even have to hack your smartphone to do this. Together with an expert from Sberbank, we understand the working scenarios of cyber fraudsters
Why hacking and surveillance usually have nothing to do with it
Users often misjudge the risks associated with the theft of money and data. For example, many people think that in order to gain access to a bank account, cybercriminals hack smartphones or obtain passwords by watching the victim through a laptop camera.
“In fact, we have never encountered a situation where hacking a phone or access to a camera led to the theft of funds,” says Sergei Veligodsky, director of the anti-fraud department at Sber.
Attacks on bank accounts, which customers also fear, occur relatively frequently. But banks are successfully fighting them. Thus, according to the Central Bank, in the second quarter of 2023, credit institutions repelled 6.5 million such attacks. As a result, the scammers failed to steal 911 billion rubles.
The situation is similar with biometrics. Now there are many tools that allow you to synthesize voice, photo and even video with user participation. Including based on recordings posted on social networks. But banking biometric systems cannot be fooled by this.
“Our algorithms read facial movements and many other parameters,” the expert emphasizes.
In fact, criminals do not need such technical tricks: everything happens much simpler. Fraudsters use three main scenarios to steal data that gives access to customers’ money.
Scenario 1: the client transmits the data itself
More than 90% of data theft cases are the result of communicating with scammers over the phone. They are presented by the bank’s security service, employees of the mobile operator, and the Gosuslug portal.
The user is asked to check card details and is asked to dictate codes from SMS messages or a password for online banking.
Prepositions can be very different. For example, the details allegedly do not match each other in some banking systems, or some transaction on the card turned out to be suspicious. To avoid having your cards and accounts blocked, you need to provide up-to-date information.
“As a result, clients share all their data and disclose critical information to third parties. This is the most common scenario,” says Sergei Veligodsky.
When talking to a user, scammers use information obtained through leaks or information from social networks. For example, if a potential victim has a pet, then the attackers may mention that a suspicious operation was carried out at a pet store.
To carry out a transaction using a client’s card, fraudsters only need the details – confirmation codes are not always needed. “Not all online services require confirmation of transactions via SMS. On many sites you can make a large purchase, worth several tens of thousands of rubles, without a one-time password,” explains the expert.
If the client also shared his online banking password, the damage is much greater. Criminals instantly withdraw funds from all available accounts and deposits.
Scenario 2: Remote Access Connection
Approximately 5% of all cases of cyber fraud involving the theft of data and funds are associated with remote access to a mobile phone. Moreover, users install fraudulent software themselves.
Attackers call the client, posing as employees of a bank or law enforcement agency, and ask to install the software “as part of an investigation of offenses” or under other pretexts.
After Russian online banking applications were removed from official foreign stores, scammers came up with another scheme. Customers are asked to reinstall the application and are sent an installation file, the name of which is displayed as “Sberbank Support”.
“But the customer actually downloads open source software to access information on the device and control it remotely. This is how attackers gain access, including to the Sberbank Online application and SMS from number 900,” says Sergey Veligodsky.
Moreover, such software gives fraudsters access to all banking applications installed on the smartphone. And the user loses funds in all credit institutions.
If a customer’s account has pre-approved loans, criminals sometimes apply for final approval and withdraw the loan funds. But this is a relatively rare case. When applying for a loan, real bank employees can call the client to clarify the details. Criminals are afraid of unnecessary communication: after such a call, the user will suspect something is wrong and will realize it before all the money is withdrawn.
Scenario 3: Phishing
Stealing data and money through phishing has recently become less popular. Thus, in mid-2023, the Central Bank noted a reduction in phishing attacks by 40%.
But this type of fraud scheme has seasonal spikes. Before the holidays – New Year, March 8 and February 23, fraudulent sites appear on the Internet, allegedly selling cheap gifts. A similar situation occurs at the beginning of the summer season: fake stores offer to buy gardening and vegetable gardening goods at prices below market prices.
Then everything is simple: the user follows the phishing link and enters the card details on the fraudulent site. The data gets to criminals who try to withdraw funds from the cards.
According to the director of Sber’s anti-fraud department, the bank has already learned how to stop such cases. “Our system identifies such cases with 99.6% efficiency. When card data is compromised, it is blocked. And the client reissues the card to get new details,” he says.
How to properly protect yourself from cyber fraudsters
- Since data theft most often involves communicating with scammers over the phone, the main protection tool is a service for checking incoming calls. It can be connected in the Sberbank Online application. This is part of the bank’s comprehensive protection against intruders.“Today, our database contains about 1.5 million fraudulent numbers,” notes Sergei Veligodsky. In addition, they use their own fraud monitoring system to check calls.
- How does the service for checking incoming calls from Sber work?
- To activate the service, you need to go to the “Security” section of the Sberbank Online application. Then activate the “Check incoming calls” option.
- If a scammer calls a customer, a warning appears on the screen.
The system checks calls received both over the mobile network and from popular instant messengers. - The service is completely free and works on Android and iOS.
For cases where the client did provide data to fraudsters, there is another level of protection – blocking access to accounts. The “Close access” button is located in the “Security” section. After the user activates this option, he will be served only at the bank office until the accounts are unblocked and cards are reissued.
In the same section of the application, you can report the attacker to the bank and check whether your data has been leaked to scammers.
Sergey Veligodsky from the anti-fraud department also reminds us of the “golden rules”, the observance of which allows us to secure user data and funds.
Be critical of all unverified sources of disturbing news. Fraudsters often use socio-political events and incidents (both real and fictitious) to convince customers to hand over data or transfer money.
Remain vigilant when communicating with strangers by phone or instant messenger. Neither bank or Central Bank employees, nor law enforcement officials ever ask for card and account details or to transfer funds anywhere.
If they try to convince you that something happened to your loved ones or friends, contact them before making any transactions.
Be careful when posting information about yourself in the public domain, including in instant messengers and social networks.
Change your passwords regularly, especially in those services where you indicated your phone number and bank card details.
Do not hesitate to contact the bank and call the support service yourself if you have any doubts.
Read more about how to prevent yourself and your loved ones from being deceived in our special project “Security Tip: How to Protect yourself from Cyber Fraudsters.”
