Special project

Online fraud is constantly evolving. Attackers adapt and change divorce schemes: they can use cases that have already been forgotten by most users, as well as use “fresh” little-known options. It’s hard to deal with the latter - it happens that the user seems to have done everything right so as not to fall for tricks, but ended up in a not very pleasant situation. Today, together with Kaspersky Lab, we will look at several such non-obvious scam schemes and tell you how to avoid them.

Phishing and scam content in social networks and instant messengers

To begin with, let's recall what phishing is in general. This is a type of fraud that involves forging the page of a well-known organization in order to steal personal data from the user (login / password, bank card details, etc.) and then use them to steal money or other confidential information.

Example: a letter purporting to be from Google (or any major Internet corporation) arrives in the mail, which reports that the user's profile has been hacked and invites you to follow a link to verify the identity of the real account owner. This link - of course not real - can lead to a fake login page. If you enter registration data in it, they will become known to attackers.

Less is known about the fact that ill-wishers can distribute phishing and scam messages on social networks and through instant messengers - allegedly on behalf of popular personalities or company accounts - less is known. At the same time, this method is very viral, often users themselves share links to such content with each other. A few years ago, Kaspersky Lab told how scammers advertise paid surveys on popular social networks on behalf of fake celebrity accounts. “Popular brands are conducting a rewarded survey!” or “We are giving away a million with a popular burger joint!” - in such schemes, the victim is promised easy money, and then they extort money from him with "commissions", "service fees" and "fixing payments".

Fraudsters announce their own promotions in such a way that the maximum number of social network users find out about it. For example, they post comments on the publications of real popular bloggers (it is clear that without their consent). That is, attackers are trying to ingratiate themselves: celebrities look much less suspicious than strangers and / or suspicious offers from companies.

In fact, such ads are posted from fake accounts. If a user follows such an “offer” and goes to the profile of the user who left a false comment about the survey and / or draw, then it contains a link to a web page where everything is allegedly clearly described. It also works with the "Read More" button in advertisements.

But the result is the same. Those who agree to take the survey because of a cash prize will first be asked for personal information - first and last name, phone number, email address - and then they will be asked to make a "fixing payment". After it, the victim will not receive anything, and it is also unlikely that the amount transferred to the attackers' account will be returned. In addition, a person risks the safety of his personal data if he entered them on such a resource.

Recommendations on how to avoid such divorces in social networks and instant messengers:

Fake Social Benefits and Identity Theft Apps

An even more sophisticated form of fraud that official app stores suffer from is fake software. The sites are struggling with them, but due to the large amount of software, it is not always possible to do this quickly.

So, at the end of August, several new scam programs using the topic of social payments, including in connection with the coronavirus infection, were discovered in a popular app store. Applications are created in order to extort money from users. If a person downloads and opens any of them, he automatically gets to a fraudulent page, where he is asked to enter personal data (full name and date of birth) and pay a fee allegedly for making a transfer or legal services in order to receive money. But, having fulfilled this requirement, the user does not receive anything. To add credibility in some applications, the attackers even created a dialog box in which the user can correspond with a bot - supposedly a lawyer who calculates the amount of the due payment.

Another example: Kaspersky Lab talks about a row of twenty applications (one with over a million installations) masquerading as a catalog of mods for Minecraft. These applications did not contain any mods and did nothing useful - except for intrusive display of ads and launching "left" programs. The danger is also that even after the removal of “malware” from Google Play, after a while they appear there again. Their developers make minor changes and reload them.

Неочевидные примеры онлайн-мошенничества: когда юзеры делали все правильно, но стали жертвами злоумышленников

There are other types of scams as well. Not without the theft of accounts already mentioned above through the entry of logins and passwords by users on fake authorization pages. For example, a fake app for advertising on the social network TikTok required you to enter your Facebook credentials. If this happened, the profile was stolen.

But all these types of threats have one thing in common - they are designed for mobile devices. Often, users do not expect to encounter fraud when using a smartphone. This is what attackers are counting on.

Recommendations on how to avoid such situations for mobile device users:

The offer to download the expected game before the official release is most likely fake

The purpose of the scammers in this case is exactly the same as in the others - the user's personal information or his money. Let's do it again: the most valuable thing in your smartphone, tablet, laptop and any other technology is not the screen, motherboard or camera that is expensive to replace, but the personal and payment data stored on the device. It is their loss that threatens with the greatest financial and reputational costs in case of loss or theft. Remember this!

Some time ago, cybercriminals passed off the ransomware as a beta version of the Cyberpunk 2077 game for Android. In December 2020, Kaspersky Lab experts discovered a “beta version of Cyberpunk 2077 for Android” online. It could be downloaded for free. But at that time, the developer did not announce a mobile version of the game in any form.

The site of the "mobile version" outwardly did not look like the official site of Cyberpunk 2077. But its creators assured that the beta was released on the day of the official release of the game and at that time about a thousand people had already downloaded it. Some of them even left reviews, noting that the game is not bad for a beta version. Of course, the reviews were fake.

At startup, the application first of all required access to files on the device and did not want to work without this permission. If the user gave it out, he still couldn’t play. Instead of Cyberpunk 2077, the victim saw a ransom demand.

Recommendations on how gamers can avoid such situations:

Fraud targeting crypto investors

It would seem that people involved in the cryptocurrency business are definitely aware of the possible attacks of scammers and will not fall for them. But this is not always the case. This once again proves that attackers quickly adapt to changing market conditions.

Experts describe several common schemes designed to both swindle user data and get money from them. Among them:

Recommendations on how not to fall for the bait of intruders are quite standard, but no less effective:

Kaspersky Internet Security for Android is the protection of mobile devices. The solution will protect your smartphone or tablet from malware and unwanted ads, warn you about phishing links in instant messengers, mail and browsers. The app will also notify you of spyware and stalkerware that can track your location, chats, and social media activity. The application has an "Anti-theft" function, with which you can remotely lock the device, as well as erase confidential data from it in case of theft or loss. The rating of Kaspersky Internet Security on Google Play is 4.8, and the number of installations has already exceeded 50 million.

The special project was prepared with the support of Kaspersky BLR Laboratory LLC, UNP 193371227.