Director of the Department of Security Analysis and Fraud Prevention
Posted: Thu Jan 23, 2025 5:43 am
According to Bi.Zone, the scheme works like this: the interlocutor introduces himself as the CEO of the organization where the victim works. The attacker addresses the employee using his first and middle name to gain trust. During the conversation, the fraudster warns about an upcoming call from the Ministry of Industry and Trade of Russia. He asks not to tell anyone about the conversation, and after it - to report how everything went. After this, the victim receives a call from an unknown number, during which he asks for confidential information and forces her to make financial transactions in favor of the fraudsters.
at Bi.Zone Evgeny Voloshin cyprus whatsapp resource reported that the attackers continue to improve their social engineering methods. "Specifically, in this scheme, the fraudsters exploit the trust of employees in the company's top manager and the fear of facing the consequences of refusing to comply with the requirements. Attempted attacks have already been made on employees of government organizations and the consumer segment of business. However, the attacks may also affect representatives of other industries, since the scheme is universal," explained Evgeny Voloshin.
Lawyer and member of the Committee of the Chamber of Commerce and Industry of the Russian Federation on Entrepreneurship in the Sphere of Media Communications Pavel Katkov said that from the point of view of the criminal-legal qualification of the act, the law enforcement tools are wide and they will be able to apply "anti-hacker articles": Article 272 of the Criminal Code of the Russian Federation (CC RF) "Unauthorized access to computer information" and Article 273 of the CC RF "Creation, use and distribution of malicious computer programs", together with Article 159 of the CC RF "Fraud", which is traditional for such acts.
"These are old articles, they are more than 10 years old, and each has real practice. There is more of it under Article 159, because it is old, broad and "offline", while the other two are focused on the digital environment. In 2023, leaks, telegrams and calls from "bank security services" attracted the most attention, but full statistics for 2023 have not yet been collected. Perhaps, at the end of the year, the authorized body will prepare a report," said Pavel Katkov.
Vladimir Aryshev, an expert on complex information security (IS) projects at Step Logic, believes that social engineering is one of the ten main IS threats, and protection against such attacks requires a comprehensive approach and the use of multi-level protection.
"The most effective systems are those of the Security Awareness class, which allow selecting the training content needed for a specific organization, delivering it to the user in a convenient and accessible form, and then testing the acquired skills using test attacks, for example, phishing mailings. In addition, such solutions have the ability to integrate with existing training systems in the company, and some - with technical means of protection," commented Vladimir Aryshev.
Independent IT market expert Vadim Plesskiy disagrees with Bi.Zone's position and is sure that some Russian companies like to first come up with a problem, and then offer a way to solve it and send out messages about a new type of attack they have discovered.
"The absurdity of the problem of this type of attack, which Bi.Zone reports, can be understood from their phrase: "The attackers contact company employees using fake Telegram accounts. The accounts contain the last name, first name, patronymic, and photos of top managers."
Firstly, Telegram is not a corporate messenger. Communications in companies should take place through corporate means. Secondly, specially trained people who understand what information is sensitive should communicate with third-party contractors in the company. Thus, the "problem" described above is far-fetched for corporate users. Companies need to use proven corporate communication tools, and there will be no such security problems," Vadim Plesskiy concluded.
at Bi.Zone Evgeny Voloshin cyprus whatsapp resource reported that the attackers continue to improve their social engineering methods. "Specifically, in this scheme, the fraudsters exploit the trust of employees in the company's top manager and the fear of facing the consequences of refusing to comply with the requirements. Attempted attacks have already been made on employees of government organizations and the consumer segment of business. However, the attacks may also affect representatives of other industries, since the scheme is universal," explained Evgeny Voloshin.
Lawyer and member of the Committee of the Chamber of Commerce and Industry of the Russian Federation on Entrepreneurship in the Sphere of Media Communications Pavel Katkov said that from the point of view of the criminal-legal qualification of the act, the law enforcement tools are wide and they will be able to apply "anti-hacker articles": Article 272 of the Criminal Code of the Russian Federation (CC RF) "Unauthorized access to computer information" and Article 273 of the CC RF "Creation, use and distribution of malicious computer programs", together with Article 159 of the CC RF "Fraud", which is traditional for such acts.
"These are old articles, they are more than 10 years old, and each has real practice. There is more of it under Article 159, because it is old, broad and "offline", while the other two are focused on the digital environment. In 2023, leaks, telegrams and calls from "bank security services" attracted the most attention, but full statistics for 2023 have not yet been collected. Perhaps, at the end of the year, the authorized body will prepare a report," said Pavel Katkov.
Vladimir Aryshev, an expert on complex information security (IS) projects at Step Logic, believes that social engineering is one of the ten main IS threats, and protection against such attacks requires a comprehensive approach and the use of multi-level protection.
"The most effective systems are those of the Security Awareness class, which allow selecting the training content needed for a specific organization, delivering it to the user in a convenient and accessible form, and then testing the acquired skills using test attacks, for example, phishing mailings. In addition, such solutions have the ability to integrate with existing training systems in the company, and some - with technical means of protection," commented Vladimir Aryshev.
Independent IT market expert Vadim Plesskiy disagrees with Bi.Zone's position and is sure that some Russian companies like to first come up with a problem, and then offer a way to solve it and send out messages about a new type of attack they have discovered.
"The absurdity of the problem of this type of attack, which Bi.Zone reports, can be understood from their phrase: "The attackers contact company employees using fake Telegram accounts. The accounts contain the last name, first name, patronymic, and photos of top managers."
Firstly, Telegram is not a corporate messenger. Communications in companies should take place through corporate means. Secondly, specially trained people who understand what information is sensitive should communicate with third-party contractors in the company. Thus, the "problem" described above is far-fetched for corporate users. Companies need to use proven corporate communication tools, and there will be no such security problems," Vadim Plesskiy concluded.