Experts of the company Group-IB, specializing in the prevention of cyberattacks, together with the Federal Tax Service (FTS), identified the activity of fraudsters in the Network. Criminals send emails to legal entities and state institutions allegedly on behalf of the tax authorities.
All emails of attackers looked the same. They said that the recipient must appear at the Federal Tax Service to “give evidence about the flow of funds”. Before visiting the institution, the recipient of the letter was required to fill out a special form, which was attached in the letter as an archive with a password. The password was also attached in the email. This scheme allowed bypassing antivirus protection. When the archive was opened, a program for remote access to it was installed on the user’s computer.
“The Federal Tax Service of Russia does not send letters to taxpayers about the existence of debt and offers to pay the debt online,” reported the press service of the FTS.
The mailing started at the end of July and continues to this day. Emails are sent to employees of oil and mining companies, airports, Telecom operators, and other organizations.
Experts are discussing the possibility of introducing a new article “Tax fraud” into the criminal code of the Russian Federation.
Moreover, according to Igor Bederov, General Director of the Internet Search company, in total, there are more than 1 million fake websites in Russia, up to 1 million messages are sent per day. He added that the share of phishing messages today can be up to 10% of the total volume of e-mail messages.
It is difficult to calculate the total amount of damage to organizations caused by phishing attacks, but one such successful attack can cost an average of 2,000 to 50,000 rubles ($27-680).
Earlier, E Hacking News reported that Kaspersky Lab experts described a discovered method of corporate phishing. Phishing attacks claiming to be from HR steals bank employees credentials.
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.