Security

Dear JINR employees!
Currently, there is an increase and expansion of the range of fraudulent activities using phone calls, SMS messages and instant messengers.

Main fraudulent schemes

SCHEME ONE. A call from an alleged representative of the mobile operator used by the victim, under the pretext of the end of the contract for the provision of mobile services.

The attackers call the victims and introduce themselves as employees of the mobile operator whose services the victims use and inform them that the contract for the provision of mobile services is expiring, but it can be extended remotely by providing a code that will be sent in an SMS message. The victims, unsuspectingly, provide the code to enter the State Services portal, after which the victim receives either an SMS message or an email about the hacking of their account on the State Services portal with a contact number for an alleged hotline. The victim calls the phone number indicated in the letter, where they are informed that their personal data have been compromised and that the integrity of the victim's accounts should be verified with the help of Central Bank employees. After which, the victim receives a call from an alleged Central Bank employee that informs them that funds were transferred on behalf of the victim to the account of a person in one way or another associated with the Armed Forces of Ukraine, this operation was "frozen" but the "Central Bank employee" is obliged to transfer the information to the FSB. Afterwards, the victim is contacted by an alleged FSB officer that escalates the situation, threatens to prosecute for treason (Article 275 of the Criminal Code of the Russian Federation), but at some point, takes the victim's side and offers the latter to participate in identifying unscrupulous bank employees that allegedly transfer funds on his behalf. And in order to identify these employees, it is necessary to cash out all available personal savings in banks and deposit them into a safe/reserve/insurance account using the Mir Pay application installed on the victim's mobile phone. If bank employees ask about the purpose of withdrawing funds, it is necessary to provide a plausible pretext invented in advance (for a granddaughter's wedding, to buy a car/apartment, for repairs, others), in no case should you disclose the true purpose, for everyone is under suspicion and in no case should you tell anything to relatives, because disclosure of preliminary investigation data is also punishable by law (Article 310 of the Criminal Code of the Russian Federation). After the victim deposits all his savings allegedly into a safe/reserve/insurance account, it turns out that applications for loans in different banks were allegedly submitted on his behalf and in order to "beat" them, it is necessary to apply for loans yourself, having exhausted your credit limit and deposit funds also through the Mir Pay application and an ATM into your safe/reserve/insurance account, after which the loans will allegedly be closed.

If the victim has no personal savings, the criminals immediately turn to loans. Under various pretexts, it is possible to install tracking programmes on the victim's mobile phone.

SCHEME TWO. A message on the Telegram social network allegedly from the account of the head or former head of the organization where the victim works or worked.

In the Telegram application, the victim receives an unsuspicious message. For example, "How are you?" and after the answer, a request to talk to someone, since an investigation is carried out with respect to the organization and the victim is in the list of the employees they want to talk to. After that, as in Scheme No.1, "employees" of various government representatives and departments are connected: the FSB, Rosfinmonitoring, the Central Bank, others and in the same way, through the Mir Pay application installed on the victim's mobile phone and an ATM, funds are deposited through bank cells into a safe/reserve/insurance account.

If the victim does not have personal savings, the attackers immediately proceed to applying for loans. Under various pretexts, it is possible to install tracking programmes on the victim's mobile phone.

SCHEME THREE. A call from a supposed representative of a mobile operator (Beeline, MTS, Megafon, Tele2, others) used by the victim, under the pretext of replacing the company's equipment and the need to update the SIM card.

The attackers call the victims and introduce themselves as employees of the mobile operator whose services the latter use and inform them that the operator changes its equipment to one that supports 5G and therefore, the SIM card needs to be updated. In order to update the SIM card, it is necessary to install a programme that later turns out to be spyware and to log in to the application using a PIN code that is usually universal for all applications. Having obtained the PIN code, while the SIM card is supposedly being updated, accompanied by a pleasant conversation with the "operator" on various topics, the attackers log into the victims' banking applications and themselves transfer funds to criminal accounts or apply for online loans and transfer the obtained funds to criminal accounts.

SCHEME FOUR. Investments.

The victim receives calls allegedly from a brokerage organization with an offer to take part in a game on the financial exchange, promising fast, large and guaranteed profits. The victim agrees, registers an account on an Internet resource or in an application that has nothing to do with a real financial exchange, yet the victim does not replenish his wallet directly but by transferring funds to bank cards of individuals, usually justified by Western sanctions. In the application, the victim sees the increase of his alleged investments, wants to withdraw them and is told that in order to withdraw investments, he should deposit a certain amount and then more and more. However, no funds are returned.

Please note! All these calls and messages are from fraudsters. We strongly recommend everyone to interrupt any suspicious calls and do not respond to dubious messages. By entering into any contact with fraudsters, one risks becoming their victim. Please, note that fraudsters may address you by your first name and patronymic, call back, insist. All this is done in order to cause a feeling of confusion and to take possession of your personal financial resources.

For any calls that arouse your suspicion, we recommend that you urgently contact the following for advice: the reception of Assistant to Director of JINR for Security Alexander Mikhan, tel. 216-50-05, or JINR Security Service, tel. 216-65-97.