Thousands of phishing sites copy St. Petersburg Exchange after the introduction of American sanctions
[ad_1]
After the introduction of US blocking sanctions against the St. Petersburg Exchange, the number of phishing sites masquerading as it increased to several thousand. Fraudsters try to obtain personal data of citizens by creating copies of the official website, promising easy profits or offering to verify an account. Similar sites appeared en masse last year, after the introduction of sanctions against brokers and NSD. Experts admit that pseudo-consultants will appear next, who will “help unlock” investors’ assets for money.
As Kommersant was told by the Informzashchita company, after the St. Petersburg Exchange came under strict US sanctions (see “Kommersant” dated November 3) the number of phishing sites masquerading as a trading platform has increased sharply. If before the sanctions there were about a hundred of them, now the number has reached several thousand. “Previously, the exchange had almost no interest among scammers, but now more than 1 thousand new sites appear every day,” notes Informzashita.
According to the managing director of Ivolga Capital, Dmitry Alexandrov, “similar things” happened in 2022, after the first sanctions against brokers and NSD. “Fraudsters are trying to take advantage of the investor’s forced, more trusting state,” he explains. The St. Petersburg Exchange did not respond to Kommersant’s request.
Until the beginning of November, more than 2 thousand shares and depositary receipts of foreign companies were traded on the St. Petersburg Exchange. After being included in the SDN list, trading in foreign securities on the exchange was suspended. OFAC has issued a license to exit securities traded on the St. Petersburg Exchange until January 31, 2024. The exchange claims that the imposed sanctions will not affect client assets. It intends to settle transactions concluded on November 1 and 2 on Friday, November 17.
Phishing sites targeting St. Petersburg Exchange clients can use different scenarios. For example, Informzashita notes, scammers create copies of the official website, promising easy profits or special investment opportunities. They also try to obtain citizens’ personal data by posing as security services or demanding information under the pretext of account verification. Informzashita believes that “this variety of methods can make users more vulnerable.”
Phishing attacks are popular among cybercriminals due to a combination of relative ease of implementation and clear monetization schemes, according to Angara, a company specializing in providing information security services. Now there are many tools for creating a phishing site, this is “in any case inexpensive for a fraudster – the only difference is the quality and similarity to the original,” confirm Positive Technologies. Renting one phishing panel costs €150 per week, and purchasing it costs €350 (see “Kommersant” dated June 28).
It is now critical for St. Petersburg Exchange to organize a set of measures to counteract attackers who are trying to take advantage of the negative information background, Angara emphasizes.
As part of countering phishing threats, it is fundamentally important to check the accuracy of the spelling of the Internet address: a difference of even one character can mean that you are working with a fake site, warns independent financial analyst Andrei Barhota. Also, he clarifies, it is important not to transfer codes to confirm transactions to third parties, but to make sure the address is correct before entering it in the web interface.
Mr. Alexandrov adds that “you should not ignore warnings from browsers about non-compliant security certificates.” “And you don’t need to enter your personal data, the exchange website should not directly interact with investors – the exchange still exists for brokers,” the expert emphasizes. “The official website will not ask you for money or any information, it will simply be the primary source of press -releases”.
3.05 million transactions
investors concluded in the main trading mode on the St. Petersburg Exchange in October 2023.
As Irina Zinovkina, head of the research group of the Positive Technologies analytics department, clarifies, “not a single resource other than the exchange itself, as well as other official organizations, will help with solving the problem of phishing sites.”
At the same time, experts note that the current surge in phishing may be just the beginning of scammers exploiting the problems of the St. Petersburg Exchange. In the future, explains Dmitry Alexandrov, it is quite possible that pseudo-consultants will appear who will offer to “solve the issue of unlocking assets” for money. In such situations, the expert says, significant losses for investors are already possible.
[ad_2]
Source link