The exchange of data on suspicious transactions between the Central Bank and the Ministry of Internal Affairs, the requirement for the return of money and the introduction of a self-ban on loans will become the main directions in the fight against fraudsters for the next three years. German Zubarev, Deputy Chairman of the Bank of Russia, announced this on the main day of the Ural Cybersecurity Forum. According to the chairman of the regulator, Elvira Nabiullina, there has not yet been a turning point in the fight against intruders, but the effectiveness of calls is already declining. The market conceptually supports the initiatives of the regulator, noting that the details need to be improved.

Three Directions

On the eve of the plenary session of the Ural Forum on Cybersecurity, which the Bank of Russia is holding in Yekaterinburg in February, Deputy Chairman of the Central Bank German Zubarev presented the main directions for the development of this area for 2023-2025. He recalled that last year the volume of transfers without the consent of customers continued to grow – it increased by 4% and exceeded 14 billion rubles. Social engineering remains the main tool of attackers.

– It is necessary to improve the mechanism for the return of stolen money. Therefore, we need to improve the quality of anti-fraud procedures, establish monitoring of transactions with abnormal behavior of customers, disable electronic means of payment for droppers, introduce an obligation to return money to customers if the bank has not completed the mandatory anti-fraud procedures,” German Zubarev explained.

He continued: the second direction is the debugging of information interaction with the Ministry of Internal Affairs. In 2023, law enforcement agencies will be able to quickly receive information about fraudulent transactions, which should increase the speed of investigation of such cases.

Another vector in which the Central Bank plans to deal with fraudsters is the theft of borrowed money. To do this, it is planned to give citizens the opportunity to put a self-ban on applying for an online loan in their name, German Zubarev added.

The head of the Bank of Russia Elvira Nabiullina, speaking at the plenary session of the forum, said that the number of fraudulent attacks on bank customers will continue to grow. However, the amount of damage is no longer increasing at the same pace as the number of attacks. That is, their success is falling, stressed the chairman of the Central Bank.

According to her, the draft law prepared by the Bank of Russia will help in the fight against fraudsters. It involves several measures: blocking the accounts of droppers (to which Russians transfer money) and the mandatory suspension of transfers to such accounts (“cooling off period”). If such an operation has not been frozen, the bank will be obliged to return the entire amount of stolen funds.

— For me, it is certainly necessary to adopt this law, that is, if money is transferred to the account of a fraudster, and the Central Bank has a database, it can be seen from it that this is a fraudster’s account. Firstly, this account should be blocked as soon as possible, and secondly, a person should not transfer money there for at least two days,” Elvira Nabiullina noted.

She stressed that fraudsters are creative and very focused, while regulators, banks and telecom operators act in a fragmented and slow manner. In response, Anatoly Aksakov, head of the State Duma committee on the financial market, promised that the bill would be adopted in the spring session.

Consensus

The market and the regulator are of the same opinion on the need to adopt and implement the prepared document as soon as possible, Andrey Yemelin, head of the National Council of the Financial Market, told Izvestia on the sidelines of the forum. He clarified that, given the importance of the bill, it was decided to work out all the comments before considering it in the first reading. In particular, the details of the mechanism for the rehabilitation of clients who are included in the “base of droppers”, as well as the procedure for blocking remote access to their accounts are discussed.

In general, banks do not even criticize the requirement for a refund. The Central Bank offers a specific mechanism for protecting customers – only if the credit institution does not fulfill it, the damage will have to be compensated, said Alexander Kondratenko, Deputy Director of the Department, Head of Risk Management and Development of Information Security Processes of Rosbank. He stressed that this would be a kind of penalty for a credit institution that did not protect the client.

Conceptually, the market also supports the introduction of a self-ban on loans, Vice President of the Association of Banks of Russia Alexei Voylukov told Izvestia on the sidelines of the forum. At the same time, he stressed that before its adoption, a number of improvements are required: in particular, all credit history bureaus should connect to the service at the State Services. In addition, it is important that self-prohibition is not removed in one click – otherwise social engineers will easily force a person to do this, Alexey Voylukov added.

Stanislav Kuznetsov, Deputy Chairman of Sberbank, spoke about the transformation of the behavior of malefactors at the Ural Forum. According to him, a few years ago, scammers stole citizens’ savings, then they set their sights on loans, after that they began to force Russians to re-register housing. In recent months, Sberbank has revealed a new trend: scammers, plus everything else, force people to commit illegal actions – set fire to bank branches, while causing direct damage to credit organizations.

Another new trend is calling Russians via instant messengers. There, it is easy for attackers to substitute the number and brand of a credit institution, thus increasing the trust of the interlocutor. Vladimir Bengin, head of the Department of Cybersecurity of the Ministry of Digital Development, said that about 65-85% of fraudulent calls already fall on What’s App. Therefore, the Ministry of Digital Development called on credit organizations not to provide financial services through social networks and instant messengers.

However, Elvira Nabiullina did not agree with him. Answering a question from Izvestia at a press conference, she said that there are no additional technological risks when providing banking services in instant messengers. At the same time, the Central Bank sees that Telegram channels are often used by scammers as a means of communication.

Share this: Twitter

Facebook

LinkedIn

Telegram

WhatsApp

