Citizens are led to a phishing line – Newspaper Kommersant No. 54 (7499) dated 03/30/2023

Financial market participants propose to allow everyone to complain about phishing sites, and the responsible federal agency will have to check the complaint in one day. To submit relevant applications, the Ministry of Digital Transformation will prepare the Anti-Phishing GIS. According to market participants, this measure can speed up the blocking of fraudulent sites, but cannot make it instant in order to avoid errors and abuse.

The National Council of the Financial Market (NSFR), together with representatives of credit institutions, developed and sent to Anatoly Aksakov, Chairman of the State Duma Committee on the Financial Market, a bill (Kommersant got acquainted with it) on combating phishing sites. The document introduces the concept of “replacement resource” and suggests the inclusion in the process of combating fraudulent sites of the state information system designed to counter phishing resources (GIS “Anti-phishing”). “The bill was worked out in working order with the Ministry of Digital Development, which assessed the initiative positively,” the NSFR letter says.

In 2020, the Central Bank initiated an experiment to exchange information about fraudulent websites with the Prosecutor General’s Office of the Russian Federation in order to block them. In 2021, this mechanism was enshrined at the legislative level, and the Bank of Russia received the right to extrajudicial blocking of illegal sites. The average block time has been reduced from several weeks to several days. At the same time, in 2022, access was restricted based on information from the Bank of Russia to 10.7 thousand websites. Of these, 12% were resources from the “Phishing” category, which were disguised as the sites of existing financial organizations.

The new bill intends to significantly expand the circle of those who can claim the discovery of a phishing site – except for the Bank of Russia, this right will be given to any government agencies, organizations and citizens. At the same time, according to the text of the draft, after receiving information about a suspicious site, the responsible federal executive body (to be determined) is given one working day to verify the information received and prepare a conclusion on the presence or absence of grounds for recognizing the resource as a replacement. If the applicant’s suspicions are confirmed, the conclusion must be sent to the Prosecutor General’s Office or the Central Bank within the same day.

The bill will give the Anti-Phishing GIS an official status and establish a system for collecting and analyzing information about suspicions of phishing from any person who has identified such a site, Andrey Yemelin, head of the NSFR, explained to Kommersant. “This will make it possible to create a clear and extensive system and on an ongoing basis to identify and stop the functioning of sites that illegally collect information about citizens,” he is sure. Last year, the Ministry of Digital Transformation announced that by the end of summer it would transfer the already created system for monitoring phishing sites into commercial operation, and citizens would be able to access it through the public services portal. According to the head of RTM Group Evgeny Tsarev, the proposed measure can be very effective, but the issue is ease of use. At the same time, he draws attention to the fact that the Anti-Phishing GIS will most likely be inundated with messages from chat bots, hackers, etc., and an algorithm will be required to sort the flow of information.

Market participants note that at the turn of 2022–2023, phishing activity overcame the decline caused by the foreign policy situation and returned to pre-crisis levels, and in some ways even exceeded them. According to Alexander Vurasko, an expert at the Solar AURA external digital risk analytics center at RTK-Solar, the main trends in modern phishing are automation and the use of malicious site camouflage tools. At the same time, according to him, in some cases, the measure proposed in the bill will be able to shorten the path of a complaint about phishing, and therefore speed up the response. “At the same time, it is necessary to understand that this will not work according to the principle “the user sent a complaint – the site was blocked”, since this opens up a huge scope for errors and abuses,” warns Alexander Vourasko.

Maxim Builov, Yulia Poslavskaya