Security Security strategy Government regulation For the user Business IT in banks Equipment
26 November 2022 16:1226 November 2022 16:12 | Share
Criminals have mastered a new scheme to deceive Russians - they call them on behalf of credit history bureaus and say that banks have repeatedly requested their credit history in order to provide a loan, possibly to scammers. The callers convince the victim that she needs to take out a “mirror” loan so that the money does not go to third parties, and immediately return it to the bank, slipping them their own bank account.
The evolution of fraudulent schemes
A new fraudulent scheme to steal money from the population is gaining popularity in Russia. The attackers call potential victims and introduce themselves as employees of a credit history bureau, stating that unknown people want to take out a loan using their passport.
“Scammers call pretending to be employees of a credit history bureau. They inform the subscriber that they have received three or five requests for his credit history (CI) from major banks. When the victim objects that she has not submitted any applications for loans, the bureau’s pseudo-employees lead her to believe that right now someone is trying to get loans in her name,” the United Credit Bureau told RIA Novosti.
Having told about this, the scammers begin to wonder if the person has recently lost his identity documents, simultaneously finding out which banks he uses. Having specified the information they need, they notify the interlocutor that they will transfer it to the security service of his bank (or banks). All of the above is just the first part of the diagram.
Call from the bank
Some time after the first conversation with the potential victim, the scammers call her again, this time introducing themselves as bank employees and confirming the fact of an attempt to take out a loan using her passport details. Then they tell you that there is a way to prevent it from the comfort of your home.
Anyone can fall for a scam
The victim is told that in order to prevent illegal manipulation of her passport data, she needs to perform a “mirror” action as quickly as possible, that is, immediately submit an online application for a loan and inform the caller of all confirmation codes received from the bank. After receiving the loan, the victim will simply need to transfer the borrowed funds to a specific account, after which the loan will be automatically closed.
“Naturally, the account belongs to the scammers themselves,” the United Credit Bureau emphasized. As a result, a person deceived by a fraudster not only does not close the loan he personally received, but also transfers all the money to the criminals, after which he is left alone with a new debt to the bank, which he will have to close within a certain time, depending on the size of the loan.
Your call is very important: how scammers tried to impose a loan on me
Lately, it seems that scammers have started calling even more often than friends and acquaintances. I somehow even got used to the supposed security service of supposedly Sberbank, which is interested in whether I made a transfer to Ivan I. from Novosibirsk. But then they called with a new approach for me: this time about a loan. Perhaps some of you have even encountered a similar scheme, but this is my first time personally.
So, in the midst of the working day, the bell rang. At the other end there was a girl who introduced herself as a junior specialist at Sberbank (where is the security service?!). She said that yesterday I applied for a personal loan.
Naturally, there was no real request from me, and where this conversation was leading became immediately obvious. But I decided to talk to her longer: I wanted to hear exactly how they would try to deceive me. Besides – a small thing, but nice – while I’m talking to the scammer, she won’t be able to call anyone else.
He got into character and anxiously replied that he had not applied for any loans and that he needed to cancel the application somehow. My answer clearly ended up in the scam operators’ script, and the girl began reading questions from the list in order to get my personal data.
What did the scammers talk to me about?
I was in a good mood, so I decided to properly answer the scammers’ questions and give them the opportunity to catch on to at least something:
– How many cards do you have in our bank? What's the balance on them? What was your last operation?
- Um... there’s only one card, I use it periodically, but, unfortunately, I don’t remember the amount.
– Does anyone else have access to the cards and account?
– My wife and mother also have data.
– Do you have a savings account or deposit?
Here I decided to give free rein to my imagination and said that I had 3 million rubles on deposit. Well, why not?
There was a commotion at the other end... after which the girl continued:
– Do you have accounts in other banks?
He replied that he had an account with Vnesheconombank. The name of one of the largest state corporations (VEB) clearly did not bother her, and she recorded “...economy bank.”
Then they checked my year of birth. And, although the girl was mistaken by 10 years, I confirmed the age announced to her.
Word by word, we figured out that my personal data had been compromised. True, the girl did not specify exactly how this happened: he gave the card to his wife and it was stolen from her, he went to a phishing site and entered the data himself... But who cares.
They promised to help me and switched me to a senior specialist.
After about 10 seconds of waiting (if only the support service of a real bank responded as quickly!) another female voice answered me. In her version, my false application was submitted not “yesterday”, but “today”. But no one pays attention to such trifles. Well, I “didn’t pay attention.”
We continued the conversation - this time more substantive. I was asked for the address of the branch where I usually get services and was asked to go through the identification procedure as a Sebranka client using the card or contract number.
Here, of course, I tensed up a little, since I didn’t want to name these numbers at all. He said that I don’t remember the contract number, and that I couldn’t find the card quickly.
I didn’t want to end the conversation on such a note and I said that I had to call my manager at the bank to clarify the agreement number. My interlocutor was not embarrassed by this and said that she had recorded all the data, and then law enforcement officers should contact me to resolve the situation.
What should have happened next
At that moment everything fell into place - I had already heard about this scheme. Its peculiarity is that you give money directly to the scammers.
According to the attackers’ plans, I was supposed to go to the very nearest bank branch and get a loan. They didn’t manage to tell me the amount - apparently, it was supposed to be calculated from the 3 million rubles that are (actually not) in my account.
Then the most interesting thing: false representatives of law enforcement agencies should have contacted me. To reset the loan application, I needed to give them the money so that they... would return it back to the bank! I don’t know how I was supposed to transfer the money: transfer it to a card, account, or transfer it in a bag under the cover of darkness on the playground. The latter, they say, also happens.
I decided to end the experiment with the words: “Can I call the police so that they can talk to your law enforcement officers?” The woman didn’t like this question, but she restrained herself and said that, of course, I could. After which I suggested that she find a good job where she would not have to deceive people. As expected, she hung up.
By the way, the call was from the number +7-499-009-10-76.
What did I do after
To immediately understand who is calling, I use caller ID applications. For example, from Kaspersky or Yandex. They show not just a number, but a “legend” of the subscriber. They didn’t have the number of “my” scammers in their database, so I added it with the hashtag “fraud.”
It seems that this scam is obvious and you definitely won’t fall for it. But some schemes can be very well-thought-out and cunning (I previously told you how sellers on the Avito and Yula services tried to scam me).
In a word, do not lose your vigilance and be on the alert.
Other frauds with credit histories
Credit histories are also used by swindlers in other schemes for illegal enrichment by deceiving law-abiding citizens. Director of the National Bureau of Credit Histories (NCBI) Alexey Volkov told RIA Novosti that recently scammers very often offer “clients” to improve or completely remove the CI.
“If they manage to seriously intimidate a client or identify their urgent need for a loan, scammers offer to “correct” or “delete” their credit history. Remuneration – from 30 to 300 thousand rubles. Naturally, the “client” simply loses money,” he said.
Representatives of the United Credit Bureau also spoke about the massive distribution of fraudulent resources disguised as the websites of the CI bureau. “Owners of such sites spend significant amounts of money on contextual advertising, so people who want to know their credit history can notice them in the first positions of search results. At best, the damage will amount to several hundred rubles for an unreliable report. At worst, the victim’s personal data can be used for further fraud,” the bureau said.
Russians who already have one or another loan may also fall under the radar of scammers. For example, they may receive a call on behalf of the credit bureau and demand that they repay the loan as quickly as possible, otherwise the CI will be damaged forever.
This example was given by the Equifax credit history bureau - its representatives said that scammers, claiming this, offer victims to transfer money to close the loan and provide them with their own account numbers. The company also clarified that the credit history bureau does not call customers, and that those calling supposedly on their behalf should not be trusted from the very beginning.
How to distinguish a fraudster from a bank employee?
Check the phone number. Bank employees most often call from official numbers that are available on the website. But now scammers have learned to fake numbers and call via IP telephony. They cannot repeat the exact bank number that is on the official website. The scammers' number will still differ by 1-2 digits. This is how you recognize the intruder.
Fraudsters are in a hurry and ask for unnecessary information. The attacker tries not to give time to think, demands confidential information and asks for a security code on the back of the card. Bank employees will not ask a citizen for confidential information, because they know his full name, phone number and card. Fraudsters may also have such information and even call the card number, but they always try to find out the security code.
The bank employee will not rush you. Managers call using learned scripts and do not make mistakes or pauses when communicating with clients. Fraudsters often confuse the information, and instead of the name of the bank they call “Our Bank” and say the phrase “I am recording this information.”
Bank managers do not encourage you to transfer money. Fraudsters may ask you to urgently transfer money to a “safe” account. If they try to write off money from the card, the attacker will convince you to transfer the money to another account and most often specify the amount. Bank managers do not request such information.
Bank managers do not require additional actions when applying for a loan or debiting money from an account. Bank employees actually call when they detect suspicious transactions on customer accounts. If they try to take out a loan or write off money from your card, the bank manager will simply cancel the operation without additional action on your part. Then the bank employee will ask you to come to the bank and reissue the card.
To avoid mistakes, do not take any action when there are doubts or suspicions of fraud. Take your documents, a card and come to the bank in person to sort everything out.
SMS alerts from scammers
Attackers send SMS messages. They try to rush it so that the person does not have time to realize what is happening and hastily transfers money to their account. The bank employee is at work, he has nowhere to rush and will give you time to think or even agree for you to come to the bank and verify the information in person.
Fraudsters send SMS messages during a conversation with a client, allegedly on behalf of the bank. The message asks you to tell the employee your card number or dictate confidential information. Always check the information and use the identifier to recognize scammers.
How to deal with scammers
The most effective way to protect yourself from scammers is to use software to block unwanted calls. There are special applications for iOS and Android with a database of compromised phone numbers, plus many firmware for Android smartphones, for example, Xiaomi MIUI, have a standard anti-spam system.
Denis Ageev, Research Institute “Scale”: The huge potential of virtualization was clear a few years ago
ICT in the public sector
Russians with an active civic position can contact their telecom operator or bank with a message about a call from scammers and indicating the phone number. Additionally, you can write a statement to the police about attempted fraud.
