The Center for Monitoring and Response to Computer Attacks in the Credit and Financial Sphere of the Central Bank of the Russian Federation (FinCERT) presented a detailed report on cyber fraud and theft of personal data of Russians.

According to the document, from September 1, 2018 to August 31, 2019, FinCERT discovered a surge in fraudulent activity on the network.

“In the reporting period, there was a significant, almost seven-fold, increase in the number of sites in the fraudulent category: false questions, false compensation, false gains and so on. FinCERT initiated the removal of 9,778 phishing domains from delegation – 486% more than a year earlier, ”the report says.

In addition, FinCERT has identified about 780 thousand sites containing malware. Researchers noted that the introduction of malware remains one of the main tools of cybercriminals:

“Sending letters with virus-infected files or links to websites with malware is actively used to attack financial organizations and their customers.”

At the same time, social engineering became the most popular type of fraud last year. 97% of the theft of funds from accounts of individuals were committed precisely with its use.

FinCERT experts have highlighted a relatively new way of cheating victims of bank customers. It is a matter of replacing telephone numbers with identical numbers of bank call centers.

It is noted that this technology allowed "to successfully impersonate employees of bank security services under the guise of blocking suspicious transactions to commit theft of victims' funds."

As a result, FinCERT sent almost 5 thousand telephone numbers for blocking over the year, which is 39 times higher than last year.

The Bank of Russia also first disclosed data on the extent of leakage of personal information. In the first half of 2019, almost 13 thousand announcements about the sale and purchase of personal databases of Russians were discovered.

The report emphasizes that banks are not always to blame for them – only 12% of all databases with personal information that were sold online in the first half of 2019 belonged to credit and financial organizations.

The main channels of leaks FinCERT called various trading platforms on the Internet, where users leave their bank card numbers and personal information.

“The data of payment cards are often reported in correspondence or in telephone conversations by the participants themselves. In the future, they can be compared and compiled with information previously obtained from other sources, including from past leaks of other databases available on the market, ”the report said.

FinCERT experts believe that the identity theft trend will continue to grow.

“Increasing the degree of security of information systems of credit organizations has led to the fact that the focus of attention of criminals has shifted to attacks on bank customers. As a result, demand for data will continue to grow, ”the document says.

Recall earlier, the Chairman of the Bank of Russia Elvira Nabiullina said that the regulator intends to tighten liability for cybercrime.

Subscribe to BlockchainJournal news on Telegram: BlockchainJournal Feed – the entire news feed, BlockchainJournal – the most important news and polls.