Fraudulent resource – «Promotion from "GAZPROM"»

The computer emergency response team KZ-CERT of the State Technical Service of the National Security Committee of the Republic of Kazakhstan warns of the detection of a fraudulent online resource gazprom-bonus.men.

The attackers, via mobile instant messengers and e-mail, send out messages inviting to be interviewed on the Internet resource gazprom-bonus.men, for a fee in the form of a “coupon for 300 liters of AI-95 fuel”.

After the survey, the user needs to “share this link to the survey with 10 friends / groups in the WhatsApp messenger”.

When you click on the "get" button, the user is redirected to the IR - world-www.info, in turn, it is redirected to various online resources of fraudulent polls.

The service has fixed a redirect to 2 Internet resources of fraudulent polls at very-o.ru and vertebrate01.info.



It is worth noting that the Service previously discovered similar Internet resources.

The purpose of these online resources is to conduct surveys, followed by guaranteed payment of funds to the member's account. The participant must make a fixing payment by paying a fee for the transfer of funds.

In the case of a fraudulent online resource vertebrate01.info, it is necessary to pay by online payment on a third-party Internet resource oplata1.online. This Internet resource by the Service is classified as Phishing, which emulates the online resource of Sberbank PJSC sberbank.ru.

After entering and confirming the bank details of the survey participant, a message is displayed about emulating sending an SMS message to the participant number.

At the end of the payment, an error is displayed and requested to use another card.

With regard to very-o.ru, it is also necessary to make payment by means of online payment on a third-party Internet resource multi-payment.com. This Internet resource by the Service is classified as Phishing.

The method of collecting data of bank cards is similar to the phishing internet resource oplata1.online.



Recommendations from KZ-CERT

We recommend that you follow the basic rules of information security, we urge you to be especially vigilant and not to visit, not to go to suspicious pages.

We advise users to contact call centers of banks when they detect any change in the logic of operations. Please carefully and carefully use the devices (computer, laptop, tablet) from which you access the Internet banking site, as well as make payments using your cards.

We advise you not to go to gaming, entertainment sites, unfamiliar resources, not to follow links and banners with “sensations” - often such sites and news are used to infect users with various malware.

We advise you to consider any suspicious letter (from an unknown addressee, on an unexpected topic, where you are offered (or they are trying to force you) to perform some kind of operation urgently, or in a short time) - as malicious.

IF YOU BECAME A VICTIM OF FRAUD, CONTACT THE KAZAKHSTANI COMPUTER EMERGENCY RESPONSE TEAM AND GET A CONSULTATION CALL FOR FREE ON A SHORT NUMBER 1400.

MORE DETAILED INFORMATION ON THE INTERNET-RESOURCE: KZ-CERT.KZ