Scammers send phishing emails on behalf of the Ministry of Finance and Roskomnadzor


Cybercriminals have started sending phishing emails to users en masse on behalf of Russian agencies. Malwarebytes, a company specializing in cybersecurity, told about the new deception scheme.

Since March 23, messages have been regularly sent to the e-mail of Russian users, allegedly on behalf of representatives of the Ministry of Finance and Roskomnadzor. The letters contain a warning about the illegality of using websites, social networks, messengers and VPN services banned in Russia to bypass their blocking. The message is accompanied by an RTF file with a list of prohibited resources.

Experts have found out that when opening a document on a smartphone, PC or any other user’s device, an HTML file is downloaded, which activates a script that allows fraudsters to gain remote access to device data.

The mailing of phishing emails is configured primarily to the addresses of electronic mailboxes with domains , , , and .

Start a discussion …