From Envelope to Theft: How Cybercriminals Use Traditional Mail

MegaFon has warned about a new fraud scheme using far from digital technologies, RIA Novosti reports.

As the operator's expert, director of the department for fraud and loss of income prevention Sergey Khrenov, said, there have been cases in which fraudsters are returning to "old-fashioned" methods, but with a modern approach. Paper letters have become a new tool for engaging potential victims.

Fraudsters try to make their schemes multi-component in order to bypass the security solutions used by operators at the first stage. To do this, they use different methods so that the potential victim gets in touch independently. For example, they can send SMS or e-mail with supposedly important information and a phone number for a call back to force the subscriber to call back. Recently, regular letters have begun to appear as the “first link” in the chain of fraudulent schemes: a sheet of paper with a phone number is put into the postal envelope, which is offered to call back. You could say - phishing on paper.

"Fraudsters study information about their potential victims and then send personalized letters on behalf of well-known companies. The letters contain some kind of trigger, for example, the need to reissue some bank documents," Khrenov comments.

The goal of the scammers is still the same - to force the recipient to call the specified number themselves. The expert said that the scheme did not appear by chance: "Operator protection systems do an excellent job of identifying fraudulent SMS and calls, but are powerless against regular mail - personalized letters that imitate company correspondence. Phone numbers from paper letters, as a rule, do not appear in operator databases as malicious, which allows scammers to remain undetected longer. And a personalized approach increases trust." Moreover, such fraud "on paper" can be found not only in the form of mail: for example, scammers print out QR codes that supposedly lead to home chats, or send fake utility bills, where instead of the account of the management company, fake data may be indicated, according to which the money will go to the criminals.

To protect yourself from fraudulent letters, you should always pay attention to the details: how it is written, whether there are any mistakes in the text, what the envelope looks like, whether it was sent by mail or was simply dropped into a mailbox. “Do not call the number indicated in the letter. Instead, contact the sending company at the official number. Do not rush, even if the letter shows an attempt to create excitement and specifies some short deadlines. Be sure to report such letters to the companies on whose behalf they come - this will help them in the fight against fraud and prevent similar cases in relation to other clients,” the expert advised.

If there are elderly relatives in the family, be sure to tell them about this scheme. They are the ones who are used to receiving important information via mail, so they are most susceptible to influence. Agree that when they receive such letters, they will definitely tell their loved ones about them.