Hackers are increasingly targeting vulnerabilities in companies' software and IT solution suppliers to financial institutions, according to a review by the Bank of Russia. The report analyzes cybercriminal activities throughout 2023.
Cybercriminals continue to employ DDoS attacks, malware, and phishing emails as part of their tactics. In efforts to steal money from individuals, fraudsters use personalized deception scenarios that appear highly realistic. To achieve this, they gather information from open sources such as social networks and compile data accessed through successful computer attacks on various companies. This approach significantly increases trust in the fraudsters during phone conversations or correspondence.
The Bank of Russia highlights another trend where attackers hack users' personal accounts in online stores, delivery services, social networks, marketplaces, and other platforms using methods like brute-force attacks. The regulator advises against sharing personal and financial information on social networks or other open sources and warns against using similar passwords across different services.
The Bank of Russia recommends that individuals frequently update their passwords and utilize two-factor authentication whenever possible to secure access with an SMS code.