To whom is mobilization, and to whom is mother dear – Newspaper Kommersant No. 175 (7376) of 09/22/2022

Against the background of the announcement of partial mobilization, scammers speculating on topical issues have become more active in Runet. Cybersecurity experts have already noted the rise of phishing sites offering assistance in preparing fake medical certificates or delistings. The threat is also posed by emails and calls from spoof numbers. Roskomnadzor assures that access to fraudulent resources is blocked.

Cybersecurity companies saw a spike in phishing (fake) sites and scam emails exploiting this agenda on September 21st, following the mobilization announcement. Users receive offers to apply for a deferment from the army, mobilization, issue fake medical certificates, help with urgent relocation, and so on. According to Google Trends, the number of user searches for the keyword “who’s in stock” reached 100 points (the highest level of popularity) in the first half of the day, as did the number of requests for the word “delay”.

“The trend is gaining momentum right now, the first examples of fraud using the topic of mobilization have already appeared,” emphasizes Sergey Voldokhin, director of Anti-Phishing. According to him, the first victims are people who, amid stress, buy any fraudulent services, for example, pay for “exclusion from the lists of mobilized.” But phishing sites are not the only channel, the expert warns: “It can be a call, letter or message to a conscript or their loved ones offering help, new malicious applications in which you can see if you or your loved ones are on the list, any help with leaving the country.” . Organizations should beware of letters asking for employee details, the expert adds.

Companies and banks have not yet seen a surge in such mailings, but they are already preparing to adjust the rules for combating fraud, says Pavel Kovalenko, director of the Informzaschita anti-fraud center. The statistics for the current surge in scams will be clear by the end of the week, he said.

The Ministry of Digital Development notes that a surge in malicious mailings and the emergence of phishing sites “traditionally occurs within 24-48 hours from the moment of any significant information wave.” Roskomnadzor assured that they restrict access to resources containing fraudulent information on the basis of a court decision or the requirement of the Prosecutor General’s Office.

This is not the first time that phishing has become a scam tactic at times when the information agenda is changing.

After the outbreak of hostilities in Ukraine, the number of users who received emails in which attackers urge them to install an attached malicious file or follow a link to download it, has grown by 1.5 times. All letters were devoted to current news (see “Kommersant” dated March 23). Also at the end of spring, the share of fraudulent calls made to withdraw funds was 12.5% ​​of the total number of all incoming calls. According to the Central Bank, the amount of stolen funds in the second quarter amounted to 2.8 billion rubles. (see Kommersant dated September 5).

Security Code experts note that any event on a national scale can lead to an increase in phishing activity, and mobilization will not be an exception. “We can witness the sale of deferrals, fake sites for mobilization points, and so on,” says Pavel Korostelev, head of the company’s product promotion department. During such socially significant events, he emphasizes, “people’s attention is more distracted and emotional decisions prevail over logical ones, and this is what scammers are guided by.”

The risk of losing financial resources is now great, the source of Kommersant believes in the cybersecurity market: “The situation is non-standard, and many will not be ready for it, especially at the first stage, when there is a lot of conflicting information, even official.” Even those people who are accustomed to and have “immunity” to traditional scams, he notes, may be vulnerable in the current situation.

Tatyana Isakova