Cyber Criminals Sending Phishing Mails Pretending to be from Russian Government Domain

The administration of RSNet (Russian State Network) recommended not to open letters from unknown senders, not to click on links from emails of legitimate users of the RSNet, including from the administration of the RSNet, and also not to open attachment files contained in such emails.

According to Andrey Kovtun, the head of the mail threat protection group at Kaspersky Lab, scammers set up phishing mailings allegedly from a domain He explained that the attackers use a fake sender's address

"Such attacks are usually more complicated than mass attacks, even the real names and phone numbers of employees of the organization can be used," added the expert.

In turn, Alexey Drozd, the head of the information security department of SearchInform, warned against using links from emails even from legitimate users because of the possibility of hacking their accounts.

The expert also noted that recently, scammers sent phishing emails allegedly from the tax authorities.

"People trust domains that look like government domains. In addition, if any letter comes from a government agency, we consider it important," he added.

Earlier, the Ministry of Internal Affairs of Russia reported on the arrest of a group that published ads for the sale of real estate and premium cars and stole money from the accounts of Russians. The attackers asked potential buyers to confirm their solvency by transferring a certain amount to friends or relatives through certain payment systems, and then to provide the potential seller with a receipt for a financial transaction.

Thus, the attackers found out the personal data of the recipients of the transfers and made fake passports in their names, with which they visited credit and financial organizations and withdrew money from the accounts of citizens.