Scam artists are perfecting a novel deception tactic aimed at Russian citizens, involving two telephone conversations.
Warning: Scammers are using a cunning strategy to deceive Russians
There's a new technique on the rise, a two-call scam targeting unsuspecting Russians. This scheme, initially reported by Lenta.ru, indicates that cybercriminals are getting trickier in their pursuit of personal information and monetary gains.
Security expert Ekaterina Rudaya from SKB "Contur" explains how it works. First, scammers call the victim, pretending to be sending a package or offering a service. The objective at the outset is to draw the victim into a conversation, gathering crucial details like SMS codes, addresses, and card numbers. Even minimal information sets the stage for future attacks, Rudaya points out.
Next arrives the second call—scammers impersonate employees from government agencies, banks, or even claim an emergency hack has occurred. They ask the victim to call back and share these previously gathered details, leading the victim to believe they're being offered assistance.
"The scammer increases the pressure, stating that hackers have breached your data but they're willing to help," Rudaya clarifies. The final stage grants the scammer complete control, as the victim, panicked, may supply any information.
Scammers aim to transform panic into money, often through blackmail or access to the victim's bank account. Don’t let them!
So, as per Rudaya, refrain from sharing SMS codes with anyone, even if they claim to be banking or government personnel. Avoid answering calls from unknown numbers, too.
Just a heads up, while the specific "two-call scam" details aren't explicitly revealed, current Russian scams employ social engineering tactics across multiple phases. You might find scammers posing as authorities, medical professionals, or financial institutions and escalating their requests for sensitive data or actions.
Fraudsters may also adopt fake credentials, such as spoofing French government agencies and media outlets to construct a sense of legitimacy. Keep these protection strategies in mind to dodge such scams:
- Don't hand over authentication codes: Genuine organizations never demand SMS codes, Gosuslug passwords, or banking details over the phone.
- Verify independently: If you have doubts, contact institutions directly using their official phone numbers or websites instead of relying on the information provided by the caller.
- Secure your loved ones: Install caller ID apps, enable loan-blocking features on their banking apps, and alert elderly relatives about urgent payment demands or claims of family members in danger.
- Question implausible claims: Scammers are beginning to weave narratives centered around geopolitical events to exploit patriotism or fear.
Past cases exemplify the damage these scams can inflict. For instance, a Russian woman lost over 1 million rubles due to manipulation, and a pensioner parted with 10 million rubles to phone scammers. If a caller presses you to act urgently, hang up and report the number to the Russian Federal Security Service (FSB) or local cybercrime units immediately. Stay vigilant and safe!
- Scammers, employing a two-call strategy, are deceiving unsuspecting Russians by first posing as courier services or offering services, gathering SMS codes, addresses, and card numbers.
- Ekaterina Rudaya, a security expert, warns that even minimal information can set the stage for future attacks, as scammers subsequently impersonate government agencies, banks, or claim an emergency hack has occurred.
- Scammers ask victims to call back and share previously gathered details, increasing pressure and creating a sense of assistance, but their true intention is to access personal finance and technology details.
- In 2025, it is essential to refrain from sharing SMS codes with anyone claiming to be banking or government personnel, avoid answering calls from unknown numbers, and be wary of implausible claims that exploit geopolitical events.
