Fraudsters in the first quarter of 2024 stole 4.3 billion rubles from customers of Russian banks, which is 6.3% less than in the same period of last year. Is it a trend or an “occasional success”? How to resist cyber fraudsters? Invest-Foresight spoke with Andrey Zhukov, Deputy Head of the Center for Media Practices at the Institute of Communication Management at the Higher School of Economics.
– Andrey Dmitrievich, the number of transactions without the consent of customers in the first quarter amounted to 294.4 thousand, which is 16.8% more than in the first quarter of last year, but less money was stolen. What does this mean?
– This suggests that the “average size” of the deception has become smaller. Yes, citizens continue to be caught in net of fraudsters, but behave more carefully than before. Indeed, if 4.5 billion were stolen in the first quarter, then in this first quarter they stole 200 million rubles less. But I paid attention to other points.
– To which ones?
– If we compare the first quarter of last year with the first quarter of this year, then in 2023 the volume of refunds was completely insignificant – 5.6%, now it has grown to 8.4%. This is a movement in the right direction, when banks at least share responsibility with depositors for the fact that they could not protect the personal funds of citizens from embezzlement, could not resist properly.
– Is there a constant competition?
– Yes, the confrontation between shell manufacturers and armor manufacturers described by Jules Verne. As soon as one invents a more armor-piercing projectile, the other begins immediately to think about how to make more powerful armor. And this spiral is endless. And it’s good that banks are a little more included.
– The number of cyberattacks using social engineering methods in the first quarter of this year increased to 29.5 thousand, which is 14.8% more than the average for the previous four quarters. Is social engineering the future in such illegal operations?
– People have not become more trusting, just the opposite. But scammers began to work much more competently than before. As psychologists say, a “hook” can be found for every person. Everyone has their own fears, and shortcomings: someone is less greedy, someone is afraid for children, or for his own health. And if this hook is chosen correctly…
– Should a whole group work for this?
– Yes, modern fraudsters are well-organized criminal groups, often transnational ones. Moreover, psychologists also work with them, those people who compose scripts and schemes of what to say, in what case, and what soul strings to try to touch.
When we at the Higher School of Economics made a consensus forecast regarding the prospect of the development of fraudulent schemes in 2024, the complication of social engineering was one of the points that was discussed.
– Anything else to remember in the Bank of Russia report?
– I remember the growth in the first quarter of this year compared to the first three months of the past, an increase in the number of “other schemes” by 10%. What exactly this is, the regulator did not specify, but I can assume that these may be schemes using AI – voice generation, fakes with images.
– But is it still possible to prevent fraud cases relatively well?
– If we compare the number of prevented operations year by year, the figures are simply excellent: there were 1.45 trillion prevented write-off transactions, and now this number is more than 2 trillion, that is, an increase of 50%.
The Central Bank leads this fight very actively, and this figure just speaks of the results. The only problem is that fraudsters do not stand still, and the regulator is simply predetermined to be in the role of catch-up.
– Who should stand at the forefront of the fight against fraudsters: banks, the state, or bank customers themselves?
– There were Soviet slogans in the format… “this is everyone’s business.” And this is really everyone’s business. Some banks, for example, introduce systems that allow you to analyze the client’s behavior and block some suspicious transactions. But these systems, for example, do not react in any way if the client received a call not from the bank’s replacement phone, but simply “from another number”.
We need to connect mobile operators, and not just the Big Four, but everyone. Because most of the fraudulent calls go either through instant messengers, or through small operators who, in order to survive in the competition, distribute their SIM cards without due control.
Therefore, we, society, need to move from financial literacy to financial hygiene.
– Are there any general tips: how to protect bank card and deposit holders from fraudsters?
– Before transferring money, check to whom you transfer it. If you are told that you need to do something with your account, call the bank and clarify whether this is so? Talk to someone you trust. And this is a common task in fact.
The general advice can be: take your time and think. If you are told that you need to do something quickly, then pause, ten deep exhalations, drink a glass of water and tell yourself that you will make a decision only after an hour and not earlier.
You can call someone. And here there is a very good idea: nowadays it is very useful to create some “fact-checking networks” from friends and acquaintances. If you have an extensive circle of acquaintances, where there are lawyers, financiers, then this is already good, and this will help you catch and identify both fakes and fraudulent schemes.