Cyber ​​scammers. How to eat an elephant whole? Chapter III

In recent years, the underworld has undergone major changes. Robbery, theft, theft – all these actions go from real life to virtual. Ostap Bender, with his 400 ways of taking money from citizens, simply did not dream of the opportunities that are opening up for cyber scammers now. As a result, last year alone, fraudsters stole more than 13.5 billion rubles from the accounts of citizens. For the first half of 2022 – more than 6 billion.

We continue to talk with Dmitry Ibragimov, a cybersecurity expert at the Bank of Russia Central Federal District. In the last article, we talked about why you will not be deceived with the help of cool technologies and cool specialists – hackers, hypnotists, bank employees. This time we will talk about technologies and problems with their use.

The Bank of Russia regularly initiates the blocking of telephone numbers and fraudulent websites. In April-June of this year alone, blocking of 117 and a half thousand telephone numbers was initiated! But how effective is it? I have repeatedly called back to the “lieutenants of the Ministry of Internal Affairs” and “employees of the Central Bank”, and each time I received the answer “the number you are calling does not exist”. Or the call was answered by an unsuspecting subscriber, whose number the scammers used as a “replacement”. Is something being done in this direction?

“It is worth bearing in mind that when mobile networks were created, no one expected fraudsters to competently use them for their own purposes, for example, virtual PBXs to change numbers and so on,” says Dmitry Ibragimov. – Yes, you can determine which provider this number belongs to. Yes, you can block it, but new numbers will appear, this issue should be resolved comprehensively.

To describe the situation, Dmitry resorted to a figurative expression: “you need to eat this whole elephant.”

– Now, with the participation of the Bank of Russia, a draft law is being developed on the creation of a Unified Information System for Verifying Information about Subscribers of Telecom Operators. This process is not fast, there are many participants in it, and this is not the kind of elephant that can be eaten in pieces – you need it right away. It is assumed that telecom operators will provide the system with information about the subscriber, in particular, about the owner of the number (full name), the fact that the owner of the number has changed, data on the termination of the communication contract, and so on. Using this information, banks will be able to reduce cases of theft of money from customers. So, for example, if a client, under the influence of malefactors, set forwarding to a third-party number of SMS messages necessary to confirm banking operations, the bank will be able to track this fact in the system and prevent fraud. The consultations on the bill are ongoing. Gather all mobile operators – and not just the Big Four.

There are some nuances with blocking sites. Again, the Central Bank regularly takes the initiative to block various fraudulent financial online platforms. Last year, the law on out-of-court blocking of sites came into force, and at the initiative of the Bank of Russia, 3,400 fraudulent Internet resources were already blocked in the first half of this year.

However, even here, scammers find an opportunity to influence the minds of citizens in order to bypass blocking – using technology.

“Websites can be blocked in two ways,” Dmitry Ibragimov explains. – The first is division, when the domain name registrar “unbinds” the site and the domain name. But this method will work only if the registrar company is under the jurisdiction of the Russian Federation, it will not be possible to influence foreign companies. Therefore, scammers try to register sites in another country and lure citizens to them. The second mechanism is site blocking, when the provider stops providing access to this site through Roskomnadzor, and users from our country, specifying a domain name, cannot get to this site.

The disadvantage of the second mechanism is VPN. The provider does not block the site itself, but access to it. The site itself will continue to exist, and it will be possible to get to it through a VPN or, for example, through a tor browser, since from the point of view of the provider, the client will not access the prohibited site, but the address of the VPN service. It would seem, what is the problem? Everyone knows what VPN is now, and every second person uses it…

“The problem is that every second person thinks he knows what a VPN is,” Dmitry chuckles sadly. And he thinks he knows how to use it. Initially, this technology was created so that one company could communicate with another through open channels, but confidentially. Let’s say there is a head office and there are its “daughters”. They create such a private channel among themselves, they encrypt information and communicate privately. However, the disadvantage of any technology is that it can be applied in a variety of ways.

Simply put, the VPN that you have installed on your phone can not only create such an encrypted channel, but also do many other things that you will not even suspect, such as monitoring your online behavior or collecting your sensitive data. In addition, financial scammers cleverly convince victims to go to websites blocked at the initiative of the Central Bank, for example, financial pyramids or “black creditors”, through VPN, defrauding citizens’ funds.

Technology is constantly evolving and it is difficult to keep up with them. It is even harder to catch up with even an ordinary person, and even more so for large structures. In the next issue of “Cyber ​​Fraudsters” we will talk about how the intra-bank “kitchen” is arranged and the role of the Central Bank in this difficult matter.

Yana MAYEVSKAYA.

Photo by Olga Davydova