Cyber fraudsters deceive legal entities less often than individuals, however, the stolen amounts in these cases are much larger
The Sberbank team spoke about a new fraudulent scheme that attackers began to use to deceive corporate clients. To do this, criminals create a fake account in messengers for the imaginary head of the company.
For greater authenticity, they can upload a photo from available sources to a fake profile: take, for example, from the company’s website or use the avatar of a real account.
Then, from the fake account, the scammers begin correspondence with the company’s accountant. After a few general phrases, including a greeting and a question, the «manager» gives instructions to transfer funds to the details specified in the message. If the subordinate does not notice the substitution and completes the task, the company’s money goes to the accounts of «drops» — people who cash out and transfer funds stolen by cyber fraudsters.
Cyber fraudsters defraud legal entities less often than individuals, but the stolen amounts in these cases are much larger. Now a new method of fraud has emerged through the creation of a fake account for the head of a company in instant messengers. Sber successfully identifies such schemes, and the bank’s fraud monitoring has already been supplemented with knowledge about this type of fraud.
Deputy Chairman of the Board of Sberbank Stanislav Kuznetsov