Over the past few years, Internet technologies have deeply penetrated human everyday life. Today, banking, trade, services and entertainment operate successfully online. But with such technological breakthroughs, online fraud is also flourishing everywhere. As usual, the main goal of scammers is to lure money out of the user and disappear into the vastness of the Internet. In this article we will describe the main directions in which online scammers operate, and we will also tell you where to go to get your money back first.
Let's start with a description of the most common areas in which scammers operate. We will be based on our own experience.
Fraudulent online stores
This is the most common deception scheme that gullible users fall into. Today it costs nothing to create a fake online store and launch “trade” of non-existent goods on it. Advertising is ordered online, positive reviews are generated, and prices are quoted extremely low. All these subtleties lull the vigilance of users who send money to scammers without basic checks. Payments are accepted online and by cash on delivery, but all this happens before the fraud is discovered. With all this, the creator of such a marketplace remains in the shadows and is able to easily erase traces of his activities by simply deleting the site and blocking the “official” number of the store.
Fraud in online stores can be as simple as a seller accepting money and disappearing, or quite complex, where a whole scheme is created to sell substitute goods. Such a scheme involves official organizations and third-party recipients of money, so it becomes very difficult to prove the fact of deception. We have already written about such schemes several times; we recommend reading the article about PIM-MAIL LLC and the LLC Parcels Pro online store.
Deception through ad sites
In the case of advertisements, scammers work in two directions - they deceive both sellers and buyers. The standard scheme prevails: a person sees an ad, orders a product and makes an advance payment, but in the end nothing comes to him and the seller disappears. There are quite a lot of scam schemes with advertisements, and on the most popular resource Avito, scammers successfully bypass the special “Safe Transaction” function. Here are some examples:
- They write to the seller directly via (Whatsapp, Viber) and offer to purchase his product. Referring to a secure transaction, a fake electronic receipt indicating prepayment is sent to the seller’s email. After some time, the scammer writes that he has changed his mind and asks to send the advance payment back - people are fooled.
- They communicate with the buyer through messages on Avito, but “for convenience” they switch to a third-party messenger. Next, the buyer is sent a link to a fake website where he can make an advance payment (under the terms of the “Safe Transaction”). Very often people do not notice the substitution and transfer money.
An attempt by scammers to provide a link to a fake website
Making money through subscriptions
Also very popular on the Internet is the scheme of issuing paid online subscriptions to second-rate services. Such services include dating sites, loan selectors, and online cinemas. The deception process involves hacking a bank card and linking it to purchase online services. A person simply discovers that a debit has been made in favor of a fictitious dating site. After contacting support, the person is shown a personally signed subscription.
This is the most difficult process for a defrauded cardholder, since it is very difficult to prove the intervention of third parties. It’s easy to guess that the owners of the service personally activate people’s hacked cards, but it’s impossible to prove this fact. As a result, hackers legally withdraw money from hacked cards.
To understand the danger and scope of such fraud, we recommend reading our articles about the dating site LoveDateme and the loan selector Qzaem.
“Legitimate” withdrawal of funds in favor of a Banando subscription
Deception through spam mailings
We will call the simplest and slightly naive type of fraud spam mailings that report a “million dollar win” or “inheritance under a will.” Such notifications must include a link to the scammers’ website, where you need to pay a certain amount to process the payment. Most often these are fake lotteries, fake notifications from the tax office, notifications about government payments. This type of spam is distributed via email, SMS, Viber or WhatsApp. Oddly enough, people fall for such alerts and transfer money by flashing their bank cards.
Spam from loan selection sites
Scheme: a friend asked for a loan on social networks
One of the most common scams is when a friend asks you to borrow money on social networks, citing a sudden problem. Then it turns out that a friend’s account was hacked by scammers.
How to get my money back?
According to the press service of Otkritie Bank, if a client has become a victim of social engineering (voluntary transfer of funds to a “friend”), it will not be possible to challenge the operation and return the money. You need to contact the police so that they can find the scammers and recover damages from them.
“If the client confirms the transaction or discloses information that made such confirmation possible, compensation for damage can be obtained from the guilty person as part of a criminal case,” confirmed Sberbank.
What you need to indicate in your police report:
- Full name of the head of the police department (to whom it is addressed) and information about the victim (full name, residential address, contact phone number);
- a detailed description of what happened;
- your requirement (for example, to find the perpetrators, recover damages, initiate a criminal case, etc.);
- list the documents confirming your words (for example, receipts, correspondence) and attach them;
- The application must be dated and signed with a transcript.
Sample statement to the police
But the percentage of solving such cases and returning funds to victims is extremely low, says Gleb Zhizhanov, chief analyst of the Association of Russian Banks. According to him, during the investigation the scammers manage to withdraw money and, most likely, even spend it.
At the same time, Tatyana Akhapkina, director of the customer relations department at Rosbank, believes that it is still possible to try to return the money if the bank that issued the victim’s card for some reason delayed it and did not have time to credit it to the recipient’s account. To do this, you need to call your bank as quickly as possible and ask to cancel the payment. However, success in getting money back in this case is also minimal, since payments are made between banks very quickly.
How much does a criminal case start?
The answer to the question of which article applies for fraud on the Internet is given by the Criminal Code of the Russian Federation. Article 159.6 provides for different types of punishment. For damage from 1000 to 2500 rubles, administrative punishment is provided in the form of a fine.
If we talk about the amount for which a criminal case is opened for fraud on the Internet, the minimum amount of damage is 2,500 rubles. The fraudster may be sentenced to imprisonment for at least 2 years, depending on the amount of damage and the circumstances of the crime. If unlawful actions are committed by a group of persons by prior conspiracy, the period of stay behind bars can be up to 10 years.
Scheme: you paid for a purchase on a clone of a well-known company’s website
Since April 2021, 56 copies of the Delivery Club website and at least 30 fake Yandex.Food and Sbermarket sites have been identified on the network, according to Infosecurity a Softline Company. It is very difficult to distinguish them from real ones.
An example of a clone website, the real address of the company website is https://www.delivery-club.ru
Websites for electronics, railway and air tickets are also often counterfeited.
How to get my money back?
If a client paid for an item on a scammer’s website, the situation will depend on the parameters of the specific transaction (for example, the payment was made to a private person’s bank card or to a business account), Otkritie Bank says. When transferring funds to a private person’s account, you must contact the police, as in the case of transferring money to a “friend.” The chance of their return is minimal.
If the money went to the account of a company (legal entity), then the victim has the opportunity to challenge the operation. This procedure is called "chargeback". Sberbank explained how the challenge occurs:
- The client must contact the bank with an oral or written application to cancel the transaction.
- The bank will examine the method of conducting the transaction and the reason why the client wants to cancel the payment.
- It will then ask the merchant or its bank for payment details.
- If the cancellation of the operation is approved, money will be credited to the card.
- Otherwise, the bank will suggest other ways to solve the problem. For example, this could be contacting the police.
I searched for a sofa on the Internet for a long time and finally found it on the website of a well-known furniture company. I paid for the purchase. They promised to deliver the sofa in two weeks. Two weeks later they called from the store and said that we needed to wait another 10 days - there were no components for production.
After 10 days the sofa was still not delivered. The support specialist said that most likely they wouldn’t be able to make the sofa and it would be better to write an application for a refund. At the same time, I found out on the Internet that the sofa store had tens of millions of rubles in debt to suppliers.
I wrote a statement. They promised to return the money in 12 days, but it never came. The support service said that it was precisely because of the virus that the company had not yet produced a single sofa, but it was better to wait for it. Otherwise, the turn for a refund will arrive in at least 3.5 months.
I didn’t wait and contacted my bank (Tinkoff Bank) for a chargeback. It’s easy to do - you just need to find the transaction in Internet banking and click on the “Dispute” button. A bank specialist contacted me and asked me to send evidence that the company had not fulfilled its obligations. I submitted an electronic application for a refund. That was enough. The money for the undelivered sofa was returned to me after about 10 days.
Tatyana Akhapkina from Rosbank explains that only those customers who paid for the product but did not receive it have a high chance of getting a chargeback. But this procedure will not work if money was transferred to scammers through payment with a confirmation code from SMS or if the client voluntarily disclosed codes or card numbers to scammers.
I was planning to go to St. Petersburg for the November holidays. I typed in “tickets for Sapsan” into the search and opened the first website in Google: sapsan.ru. The site was beautifully and conveniently designed, all the company details and support number were indicated, and the price was 30% lower. There were no doubts about the reliability of the site, I chose tickets and entered my card details. After entering, I received a notification that the payment did not go through, I confirmed the operation again.
After payment, the tickets never arrived in the mail. I immediately started checking Sberbank Online - the money was written off twice to someone’s Qiwi wallet, the number provided in technical support was incorrect. I immediately called Sberbank, but the operation could not be canceled.
Then I submitted an application to the Sberbank security service, but they refused to return the money, citing the fact that the operation was confirmed by me (I entered the code when paying).
They advised me to contact the police to get my money back. I didn’t do this because I didn’t have time. As a result, I lost 13 thousand rubles, and the fraudulent site moved from sapsan.ru to sapsan.me.
Each case is individual, reminds Irina Gudkova, director of the legal department of the ICD. According to her, there are also abuses by clients themselves. For example, a person purchased something, transferred money with a code confirmation, he did not like the product, and he contacts the bank to return the money. “In this case, there will be no protest, since the bank that services it has no grounds for debiting money from the recipient’s account, and therefore there will be a refusal,” she explains.
Methods of fraud in online stores
The popularity of electronic trading platforms attracts scammers to this niche. There are many methods of deception. The most commonly used are:
- The buyer made an advance payment or paid for the goods in full, but never received the order. In these cases, they are most often asked to make a transfer to an individual’s card. At the same time, the person with whom the buyer communicates and the person indicated by the recipient of the funds may not coincide.
- The sent product turned out to be unusable - broken, damaged, expired, and so on. In this case, the seller does not get in touch, or simply refuses to compensate for the damage, citing the fact that he sent a normal item, and the buyer himself damaged it.
- The product sent does not meet the stated specifications.
- The cost of the product turns out to be more than originally agreed.
You can avoid deception: pay for the goods only upon receipt, after inspection, checking functionality, expiration date, and compliance with the declared technical characteristics.
Note!
If you are not satisfied with the product, then according to the Law “On the Protection of Consumer Rights” you can return it within 14 days and get your money back.
Scheme: scammers organized a collection of money for a sick child
Fraudsters often use the theme of helping sick children. For example, they can hack your friends’ accounts on social networks and send a message on their behalf that one of their little relatives is sick and they are now collecting money for treatment.
How to get my money back?
Tatyana Akhapkina believes that returning money in such a situation is almost impossible, since generally transfers are confirmed by a password from SMS and at the time of the client’s request, funds can already be withdrawn from accounts by fraudsters. According to the rules of payment systems, these transactions are not subject to revocation.
Despite this, Otkritie Bank suggests that affected clients file a complaint with the police.
How scammers operate
Most often, scammers try to make you transfer money to a specified account or number yourself - via SMS messages or calls. In other cases, they gain access to the necessary data that allows them to manage your money. For this purpose, Internet viruses or special reading programs are used. It is impossible to provide all options and methods, but in most cases fraudulent transactions go like this:
- You receive SMS messages asking you to transfer money to an unknown account or card number. The content of such messages can be different, for example, someone introduces himself as your relative and asks to transfer money (“Mom, I have a little problem, could you help me out and throw 300 rubles to this number <…> I’ll call you later and explain everything” ).
- You receive messages in which you are asked to follow unfamiliar links for possible registration or receive unexpected winnings (any benefit that may interest a person is offered here).
- The messages state that your card has been charged and ask you to call the number provided to cancel or refund. At the same time, the last digits of your card number are not indicated, you were not addressed by your first name and patronymic. In the future, if you call back, most likely they will try to find out your full card number, its expiration date and security code or password. Even bank employees have no right to ask you for the latter.
- There are also multi-stage schemes. For example, you receive an SMS with a message about replenishing your account with a certain amount, and after a while you receive a message asking you to return this money: “Sorry, I accidentally sent money to your number, could you return it...”.
- Any other messages with requests to send money or call back to an unfamiliar number: “We remind you of the need to repay the loan...”, “Your card is blocked, call for details...”, “Your transfer of 5,000 has been accepted, call for details...” and so on Further.
- You receive offers to follow unknown links. You can receive them through all communication channels - by phone, email and social networks, for example. The reasons can also be different - someone may intrigue you with a “fun weekend” and offer to look at a photo via a link, for example. Next, you may be asked to enter your payment information - or you will simply download the virus and give access to it yourself.
- Online stores. They are quite common both on the Internet (most often they are found through a search or pop-up advertising) and in popular social networks. You select a product and are asked to pay the full price or make an advance payment. After a while, the seller stops communicating, there is no information about the delivery of the goods, and you realize that you have been deceived.
Unfortunately, these examples are only a small part of the overall fraudulent picture. As soon as you realize that you have been deceived and the money has been transferred to scammers, you need to act immediately so as not to lose your chances of getting your funds back.
How to get my money back?
Partner at the Shcheglov and Partners law office, Musa Abdurakhmanov, reminds us of another opportunity to return money. If the amount was written off without the consent of the bank client and he did not provide card details and codes, then he must contact the bank within 24 hours from the date of the transaction and cancel the transfer. By law, the bank must return all the money. If the code from SMS was used during the transfer, the bank will refuse to return the funds. And in this case, you need to contact law enforcement agencies.
Read on the topic: What to do if money is stolen from a bank card?
Where to go if you were deceived in an online store
First of all, you need to contact the portal administration. It is quite possible that the manager simply got something wrong or does his job poorly. In this case, the administration must resolve the conflict and fulfill its obligations to the buyer honestly.
If the online store fails to fulfill its obligations, you need to file a complaint. You can send it to:
- To Rospotrebnadzor.
- To the territorial police department.
- To court.
The latter is best used when appeals to the first two authorities did not give the desired result.
Note!
In case of particularly large-scale fraud, an offer to purchase prohibited goods (weapons, narcotic substances), you can also write a statement to the territorial department of the prosecutor's office.
Preventive measures
Mandatory
| Action | Explanation | |
| 1 | Set a PIN code on the SIM card | in case of loss/theft of your smartphone, the swindler will not be able to quickly use your number, you will gain time |
| 2 | Apply at the mobile operator’s office for a ban on actions with a power of attorney | to prevent crooks from making a duplicate SIM card using a fake power of attorney |
| 3 | Issue a ban on registering real estate transactions without personal presence | to exclude the sale of an apartment using a fake power of attorney or fake digital signature |
| 4 | Set up a notification about the issuance of an electronic signature in your personal government services account | if fraudsters issue a fake digital signature in your name, you will know about it immediately |
| 5 | Set up two-factor authentication on government services, tax, mos.ru, and Rosreestr websites | scammers will not be able to log in even if they find out the password |
| 6 | Install caller ID on your smartphone | in most cases, scammers call from numbers marked as fraudulent. But sometimes they replace the number with a real bank number, then see point 40 |
| 7 | Install antivirus on your smartphone | protection against Trojans, spyware and other malware |
| 8 | Keep your smartphone software updated regularly, including security updates | protection against current attack methods and closing vulnerabilities |
| 9 | Create different passwords for different sites and applications or use a password manager | if the password for government services matches the password for a simple forum, then by hacking this forum a hacker will receive a password for government services |
| 10 | Set up an alert for each login to the government services website | if scammers gain access to your account, you will know about it immediately |
| 11 | Set daily spending and transfer limits on a bank card | Fraudsters will not be able to withdraw more than this amount. It will be more difficult for them to raise the limit |
| 12 | Configure receiving confirmations of banking transactions via push rather than via SMS | SMS is an unreliable protocol and is susceptible to eavesdropping and attacks. However, if you are leaving for an area without Internet or in roaming, temporarily return the SMS notification |
| 13 | Apply for a ban on the “Mobile transfer” service at the mobile operator’s office | if the SIM card is compromised, money will not be withdrawn from it |
| 14 | Set your smartphone to hide notification texts on the lock screen | If your phone is stolen, scammers will not be able to read bank codes on the locked screen |
| 15 | Set a code word in the office of your mobile operator | for quickly blocking a SIM card in emergency situations |
Important
| 16 | In your Google (Apple) account, indicate a spare phone number and a spare email | if your account is compromised, this will be needed to restore access |
| 17 | Set your smartphone screen to auto-lock for no more than 30 seconds | if the phone is stolen, it will have time to be locked |
| 18 | Remember the code words and security questions for all the banks you use. | so that in emergency situations, without wasting time, confirm your identity in the call center |
| 19 | Don't choose security questions that are easy to answer, such as your mother's maiden name. | this information is often publicly available or in purchasing databases |
| 20 | Learn by heart the numbers of your loved ones | to call loved ones from a number other than your own in emergency situations |
| 21 | Connect alerts about your credit history inquiries | you will be immediately notified of any intention to issue a loan to you |
| 21.1 | Connect notifications about card transactions | this will allow you to quickly identify fraudulent charges and call the bank without wasting time |
| 22 | Keep the phone number linked to your bank account with you at all times. | If a fraudster issues a duplicate SIM card, you will immediately know about it. Why you can’t keep a separate SIM card for banking transactions |
| 22.1 | For the main card you use to pay in stores and on the Internet, prohibit cash withdrawals and purchases outside your country | Stolen cards are usually used in other countries. If you need to pay for foreign goods/services, create a separate virtual card for this. If you go on a trip, temporarily lift this ban |
| 22.2 | When paying online, do not enter your card details in a pop-up window where the payment system website address is not visible | scammers can create a complete copy of the payment page, but it will lead to a fraudulent server |
| 23 | Disable auto-save passwords on your smartphone and computer | otherwise, if the phone is stolen, the thief will be able to see all the saved passwords, incl. those that were saved from the computer |
| 24 | Set limits on auto-replenishment of SIM card balance | If the SIM card is compromised, scammers will not withdraw all the money from the bank card |
| 25 | Write down the hotline numbers of banks and mobile operators on your main and backup phones | so that in emergency situations you can quickly find and call the hotline |
| 26 | Disable auto-receive MMS on your device | there is an old vulnerability that allows viruses to be downloaded to the device via MMS |
| 27 | Deprive the rights to view SMS and calls from those applications that do not need it | a Trojan can be embedded in a harmless application that has rights to SMS |
| 27.1 | Check the extensions in your browser, remove unused extensions | scammers buy old extensions and upload malicious code as updates |
| 27.2 | Review the applications on your smartphone, remove unused and old ones | scammers buy old applications and upload malicious code as updates |
| 28 | Set up push notifications for emails | so as not to miss an important notification from a government or banking service |
| 29 | Mark as not spam the phone numbers of the mobile operator and banks you use | so as not to miss SMS regarding security |
| 30 | Install antivirus on your home computer | Protects against viruses, Trojans, spyware |
| 31 | Keep your operating system and applications up to date, including security updates | this will allow you to close detected vulnerabilities, protect yourself from attacks and the latest versions of viruses |
| 32 | Disable the ability to connect remotely to your computer: disable remote desktop, close external ports | One of the common hacking methods is to try to brute force open ports from potential victims and use simple passwords for Remote Desktop. |
| 33 | Service at the bank through a call center where you cannot change the linked phone number | scammers obtain personal data in different ways and can link their phone to the victim’s account |
| 34 | Set a fingerprint or password for contactless payment with your smartphone (or disable it) | if a cell phone is stolen, the thieves will not be able to pay them |
Desirable
| 35 | Carry a spare phone with a working SIM card | to quickly block your main phone if it is lost or stolen |
| 36 | Set a PIN code on your smartphone to view files, photos and open instant messengers | if your phone is stolen, your files, contacts and correspondence will not fall to scammers |
| 36.1 | Don't use face unlock | If your phone is stolen, the thief can unlock the smartphone using a photo. The likelihood of this happening is low, but it happens, so it's best to protect yourself |
| 37 | If possible, prohibit remote access recovery via remote channels | If you have forgotten the password for any account, create a new one |
| 38 | Apply to the Federal Tax Service for a ban on registering a legal entity using an electronic digital signature | to exclude registration of an individual entrepreneur or LLC in your name using a fake digital signature |
| 39 | If possible, issue a ban on SMS banking | sms unreliable protocol |
What to do if the store sent the wrong order
In this case, you can do the following:
- Contact the online store manager and explain the current situation. Before this, you can take photographs of the product and shoot a short video review. It should contain not only the product itself, but also packaging, invoices, and receipts.
- If the manager refuses to correct the error, you can try to contact the owner of the online store directly and solve the problem.
Note!
You need to contact your local police department and file a complaint. The parcel itself will most likely be seized as evidence.
Rules of digital hygiene
| 40 | If you receive a suspicious or alarming call from anyone, hang up immediately. Don't pick up the phone until you understand the situation yourself. Call back only official numbers | protection against telephone scammers |
| 41 | Do not pay in advance, refuse advance payments in any transactions and situations if the company or person is little known to you | protection against online and offline scammers |
| 41.1 | When making an important and large purchase, carefully check and verify the seller’s documents. Do your due diligence | Fraudsters buy fake passports, punch and forge documents. Then they sell cars and real estate that do not belong to them. In such crimes, the buyer usually loses everything, and the seller takes the property back through the court. |
| 42 | Do not let us photocopy or take a photo of your passport anywhere except in branches of banks and government agencies. Do not send scanned documents by email | We reduce the likelihood of personal data leakage. If they insist on making a copy, carry your own copy with you, in which some of the information is blurred out. If copying cannot be avoided, at least avoid photocopying all the pages. How to issue cards using a scan of a passport |
| 43 | Do not leave a passport with a biometric chip as collateral | anyone who has a biometric foreign passport in their hands can open an individual entrepreneur. At least a green bank has such a service |
| 44 | Before paying online, carefully check the domain | to avoid falling for phishing |
| 45 | Check the transfer details immediately before payment | there are viruses that change the details at the last moment |
| 46 | Do not keep large sums on the card you use to pay in stores and on the Internet. | in the worst case, fraudsters will only be able to steal a small amount |
| 47 | Cover the terminal with your palm when entering your PIN code | card data theft protection |
| 48 | Do not illuminate CVV2 (do not turn the card over again) | card data theft protection |
| 49 | Carefully give permissions to applications for SMS and receiving calls | protection against spyware that steals data |
| 50 | Do not give access to your address book to instant messengers and banking applications | this way you will tell the outside world less information about yourself |
| 51 | Check device administrators in your smartphone settings | there should only be verified applications that really need these rights |
| 52 | Set a password to boot the device if your smartphone model has one | additional protection factor |
| 53 | Apply for an eSim if your smartphone model and telecom operator allow it | eSim is more convenient and reliable than a regular SIM card |
| 54 | Take your time to click on links that require you to enter personal data. If you did, check that the site is real. | One of the main threats that continues to operate to this day is phishing resources. Fraudsters can steal personal data, find out answers to security questions, or plant a virus on you |
| 55 | Do not enter your card details in unknown online stores or applications | they can be hacked and the data of all bank cards stolen. Fraudsters also create legitimate online stores. When purchasing from such a store, your card details will fall into the hands of fraudsters |
| 56 | Be careful on sites with pirated content | You may encounter malware, such as spyware, that steals passwords |
| 57 | Do not run cracked programs or key generators on your computer. If you need to use cracked software, run it on a virtual machine | viruses are embedded in pirated programs and key generators |
| 58 | Do not install potentially dangerous applications: unofficial music downloader, pirated content, etc. | they may contain Trojans |
| 59 | When opening any file that was sent to you, even by people you know, be careful. The most common way to infect a computer is for the victim to launch a malicious file. | The malware can be contained in a file of any format and can be encrypted to bypass antivirus programs. Your friends may not know that the file they send contains malware |
| 60 | Files that you received by email, via instant messengers, or downloaded yourself from the Internet, check on virustotal.com | A phishing email is no different from a regular email; it is one of the main malware infection schemes. Better play it safe. For convenience, install the extension |
| 61 | Abroad, withdraw money from the card only at bank branches | scammers steal bank card data through skimmers and shimmers installed in ATMs in places where there are few people |
| 62 | When abroad, try to pay in cash or contactless by phone | It is advisable not to pay by card. In many countries, criminal networks have been developed to steal card data, through photography, through infected POS terminals |
| 63 | Do not give your bank card to anyone. All transactions must take place in your presence | card data theft protection |
| 64 | Do not log into your accounts from other people's devices | these devices may contain a Trojan or any other malware |
| 65 | Do not store very important files on your computer | If you have to format your computer because of a ransomware virus, the data will be impossible to get back. Better to store on removable media |
| 66 | Do not store important or secret files or correspondence on your smartphone. Be mentally prepared that the phone may fall into the wrong hands | to prevent leakage of personal data and personal correspondence. Make it so that your phone can be given to anyone without any risks |
| 67 | Don't connect to free Wi-Fi | prevent attacks on you through unsecured networks |
| 68 | Install applications only from Google Play/App Store and with a good rating | protection against viruses and Trojans |
| 69 | If possible, avoid using lonely ATMs in places where there are few people | skimming protection. It is best to use ATMs in bank branches or large buildings. There they won't let swindlers commit fraud with an ATM. |
| 70 | Keep large sums in a bank that does not have a remote control connected to it | eliminate the possibility of remote theft |
| 71 | Do not store scanned documents in cloud providers | reduce the likelihood of their leakage, for example when a phone is stolen |
| 72 | Do not root your smartphone | if a Trojan gets in, it will be able to do whatever it wants on your device |
| 73 | Practice locking your device from a loved one's phone | training in case your device is stolen |
| 74 | Do not give your phone to strangers | protection against data theft and installation of malware |
| 75 | Use trusted major telecom operators | In some virtual telecom operators, you can obtain personal data using social engineering |
| 76 | Make VK and FB accounts invisible to anyone except friends | publicly available photos are downloaded from social networks and stored on fraudulent servers used by scammers. It is impossible to delete your photos from such servers |
| 77 | In social network profiles, provide a minimum of information about yourself, take a full-length photo on your avatar, delete it (or delete it), replace your last name with a nickname | Fraudsters use search by photo, phone number, last name and first name. This way they collect information and think through attack options. |
| 78 | Have cash at home | in case you have to block cards and accounts, protecting them from fraudsters |
| 79 | Change periodically: code words, answers to security questions, passwords for personal accounts | personal data can leak even from banks, fraudsters can work in bank call centers, so a good practice would be to periodically change sensitive information, for example |
| 80 | Periodically check the information on the websites of State Services and the Tax Service: digital signatures issued to you, participation in organizations, information about your property, Rosreestr notifications, FSSP. In your mail settings, check that there are no redirects to left mailboxes, as well as suspicious sessions and linked devices | In case of notifications about actions that you did not perform, you need to take action quickly. You can check whether a legal entity is registered in your name at the tax office or here |
| 81 | Change your civil passport periodically | If you treat your passport as a key to all your data and a password to identify your identity, then a preventative replacement of your passport every few years will definitely not cause any harm. And it might even be useful. However, I recognize this point as optional. |
