lolzteam
Audience Engagement Tactician
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 2
900 XP
In Russia, scammers https://iz.ru/1808785/anton-belyi/f...ilis-fishingovye-sajty-s-razblokirovkoj-viber sites that offer users services for installing a "secure version" of Viber and instructions for "bypassing blocking". Those who follow malicious links to these resources may lose their account in the messenger, steal passwords and other data.
Igor Bederov, head of the investigation department at T.Hunter, an expert on the SafeNet NTI market, said that Trojan viruses are distributed under the guise of installing a "secure version of Viber", and phishing also occurs. According to him, most often attackers act through telephone fraud. To do this, they register an account in the messenger for Russian numbers, and then call users in the Russian Federation. In addition, banners about "bypassing blocking" appear on websites and social networks. Viber twin apps may also appear in stores soon.
Dmitry Dudkov, a specialist in combating financial fraud at F.A.C.C.T., noted that the popularity of Viber among fraudsters can be explained by the relative simplicity of account hijacking and initial registration. This allows attackers to communicate with victims from the same account for a long time. In addition, it is more difficult to form a complaint about spam mailings and calls in Viber.
In the instructions that scammers distribute on the darknet, Viber is mentioned among the messengers not recommended for transmitting information.
Roman Alabin, head of the information security service at InfoWatch Group, says that the messenger is used by attackers in typical ways - these are fraudulent calls, including with impersonation - when the attacker pretends to be a relative or manager of the victim. The main audience of Viber in Russia is people over 40 years old, who are more vulnerable to fraudulent schemes.
Anton Meltsov, founder of the AMsec24 Insurance Broker company, says that scammers can send messages that look like official notifications from Viber or other services, asking them to confirm personal data or follow a link, and they lead to fake sites.
Evgeny Egorov, an analyst at the F.A.C.C.T. Digital Risk Protection Department, believes that against the backdrop of blocking, attackers may offer users to install a malicious version of the messenger "available in Russia" to replace it. They can also create fraudulent sites stylized as the official Viber resource to steal users' money, as was the case in the early 2020s, for example, allegedly to pay users some kind of "compensation".
Roskomnadzor said that in 2024 it identified and blocked 30.3 thousand phishing resources and 127 malware control centers. The number of blocks increased by 558% for phishing sites and by 164% for virus control centers.
Anna Golushko, senior analyst at the Positive Technologies research group, said that in the first three quarters of 2024, 89% of all successful attacks on individuals were carried out using social engineering.
Igor Bederov, head of the investigation department at T.Hunter, an expert on the SafeNet NTI market, said that Trojan viruses are distributed under the guise of installing a "secure version of Viber", and phishing also occurs. According to him, most often attackers act through telephone fraud. To do this, they register an account in the messenger for Russian numbers, and then call users in the Russian Federation. In addition, banners about "bypassing blocking" appear on websites and social networks. Viber twin apps may also appear in stores soon.
Dmitry Dudkov, a specialist in combating financial fraud at F.A.C.C.T., noted that the popularity of Viber among fraudsters can be explained by the relative simplicity of account hijacking and initial registration. This allows attackers to communicate with victims from the same account for a long time. In addition, it is more difficult to form a complaint about spam mailings and calls in Viber.
In the instructions that scammers distribute on the darknet, Viber is mentioned among the messengers not recommended for transmitting information.
Roman Alabin, head of the information security service at InfoWatch Group, says that the messenger is used by attackers in typical ways - these are fraudulent calls, including with impersonation - when the attacker pretends to be a relative or manager of the victim. The main audience of Viber in Russia is people over 40 years old, who are more vulnerable to fraudulent schemes.
Anton Meltsov, founder of the AMsec24 Insurance Broker company, says that scammers can send messages that look like official notifications from Viber or other services, asking them to confirm personal data or follow a link, and they lead to fake sites.
Evgeny Egorov, an analyst at the F.A.C.C.T. Digital Risk Protection Department, believes that against the backdrop of blocking, attackers may offer users to install a malicious version of the messenger "available in Russia" to replace it. They can also create fraudulent sites stylized as the official Viber resource to steal users' money, as was the case in the early 2020s, for example, allegedly to pay users some kind of "compensation".
Roskomnadzor said that in 2024 it identified and blocked 30.3 thousand phishing resources and 127 malware control centers. The number of blocks increased by 558% for phishing sites and by 164% for virus control centers.
Anna Golushko, senior analyst at the Positive Technologies research group, said that in the first three quarters of 2024, 89% of all successful attacks on individuals were carried out using social engineering.