Do you use a QR code and “Gosuslugi”? Your identity can be stolen


Information about a new type of fraud using the Gosuslug portal has appeared on the network. This was reported in Kommersant.

According to the source, the Russians’ new “divorce” scheme is to take control of a user’s account on Gosuslugi, essentially stealing their identity. The personal data of the person and his digital signature are subsequently “cashed out” – that is, they are used to obtain illegal profits.

Here’s how it goes. An unsuspecting user receives an incoming call from an unknown number. Recently, these are often corporate numbers, the pool of which scammers rent immediately after some closed office – such a maneuver allows you to bypass caller IDs like those provided by Tinkoff or Yandex.

The caller introduces himself as a Gosuslug employee and offers to link a “covid” QR code to the “victim’s” account. This reason is 100% far-fetched, since the “covid” QR code is automatically linked to the account.

In order to “bind”, the scammer asks the user for a username and password from his Gosuslug account. Although many people already know that certificates appear automatically in the state database, the fear of a person one day not to get to the place he needs due to a non-working QR code can play in favor of “divorced”. For this reason, as well as simply out of ignorance, a person can recklessly “gift” his account to scammers.

There can be several ways to use someone else’s Gosuslug account. Since it can be used to verify your identity on the Internet, attackers can, say, buy an eSIM in the name of the victim, and then use these numbers for criminal purposes. Moreover, it is quite possible to “slip” the data from your personal account to a bank or a micro-lending organization in order to issue a loan or a loan for the “victim” – or maybe even several. In all these cases, the injured Russian will receive an unpleasant “surprise” after some time and will be held accountable before the law for those actions that he did not commit.

Earlier we said that in Russia they caught the world-famous team of hackers REvil.


Source: iGuides.ru by www.iguides.ru.

*The article has been translated based on the content of iGuides.ru by www.iguides.ru. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!