The computer emergency response team KZ-CERT of the State Technical Service of the National Security Committee of the Republic of Kazakhstan warns of the detection of a fraudulent online resource opros-2018.info.
The attackers, through mobile instant messengers and e-mail, sent out an invitation to take a survey on the internet resource opros-2018.info, for a cash reward with subsequent payments to the survey participant.
The user must specify the name and surname to participate in the survey, after which 6 questions will be selected with guaranteed subsequent cash payments.
To obtain guaranteed cash, a survey participant must pay a remuneration of 95 rubles or 534 tenge. After agreeing with the terms of the survey, the participant is redirected to the Yandex.Money online payment service to fill in the payment card data and make the payment.
After the transfer of funds to the account of intruders, the guaranteed money is not received.
Recommendations from KZ-CERT
Bank customers are recommended to follow basic information security rules. During the holidays, due to the increase in the volume of purchases and advertising mailings, we urge to be especially vigilant and not to visit, not to go to suspicious pages.
We advise users to contact call centers of banks when they detect any changes in the logic of operations. Please carefully use the devices (computer, laptop, tablet) from which you access the Internet banking site, as well as make payments using your cards.
We advise you not to go to gaming, entertainment sites, unfamiliar resources, not to follow links and banners with “sensations” - often such sites and news are used to infect users with various malware.
Also be careful about the security of the phone, when you receive SMS - notifications and one-time codes.
For infection attempts, attachments of such formats that do not cause suspicions of the user (for example, doc, pdf, xls) can be used. Please note that you can use most common file formats for infection (including popular office applications).
We advise you to consider any suspicious letter (from an unknown addressee, on an unexpected topic, where you are offered (or they are trying to force you) to perform some kind of operation urgently, or in a short time) - as malicious.
We advise you to carefully check the address of the sender - attackers can send you a letter on behalf of your friend or trusted organization, changing one or two letters in the address.
IF YOU BECAME A VICTIM OF FRAUD, CONTACT THE KAZAKHSTANI COMPUTER EMERGENCY RESPONSE TEAM AND GET A CONSULTATION CALL FOR FREE ON A SHORT NUMBER 1400.
MORE DETAILED INFORMATION ON THE INTERNET-RESOURCE: KZ-CERT.KZ