New banking scam: Criminals send fake letters or bank documents to gain victims’ trust

A new variant of the well-known phone banking fraud is putting thousands of users at risk. According to network penetration testing experts, scammers call potential victims to notify them of an illegitimate attempt against their accounts and then send them a forged document with information about an alleged “secured account” to which they must transfer their money. The document carries a bank's stamps and logos, which makes the scam more believable.

This variant of the fraud originated in Russia, where the scammers impersonate major institutions such as Sberbank, Rosbank and Ak Bars Bank.

According to various testimonials, it all starts with a phone call: “An alleged bank officer called me to tell me that my bank account was under attack, offering me the possibility to transfer my money to a secured account in Sberbank.” The user, identified as Ivan, claims that he even received a letter with a stamp from the bank and the signature of an alleged manager.

The document Ivan received contained the details of two accounts to which he was offered to transfer his money for safekeeping. The offenders continued to call him for two more days, informing him of alleged loans. By then, Ivan had already gone to the local authorities, who notified him that he was facing an attempted fraud.

Network penetration testing experts say that by sending these letters, criminals seek to convince the affected user that they are communicating with a genuine bank official. The targets are not chosen at random: “Before sending these messages, the attackers make sure they have as much information as possible from the victim, including their account number and amount of money available,” says a report from the Russian bank Sovcombank.

Researchers believe that due to the large amount of sensitive data required to deploy such attacks, it is highly unlikely that this will be a massive campaign.

Although banking institutions have worked constantly to improve their security systems, this effort does not extend to users, whose insecure practices have favored threat actor groups: “Many users share their banking information carelessly, which can pose a severe security risk,” said the report.

Moreover, a team of network penetration testing experts from security firm Zecurion says that scammers can also act randomly, betting that victims will fall into the trap and hand over their information themselves. Whatever form it takes, this variant has shown unusual growth in Russia and other European countries, so it could be a matter of time before this attack is detected in America and other parts of the world.