1. General information on unauthorized transactions¹
In 2021, the number and value of transactions not authorized by customers increased year-on-year by 33.8% and 38.8%, respectively, amid the rapid progress of new remote payment services and the growing volume of money transfers (up by 28%, reaching 1,048.4 trillion rubles) performed using electronic payment methods (payment cards and other e-payment tools). The share of unauthorized transactions in the total value of money transfers was at 0.00130% (in 2020, it was 0.00120%), which does not exceed the target benchmark set by the Bank of Russia for the share of such transactions in the total volume of transactions executed via payment cards (0.005%).
¹ This overview provides data on the number and value of transactions not authorized by customers for 2021 as compared to 2020. It has been compiled based on the information provided to the Bank of Russia by money transfer and payment infrastructure services operators under Reporting Form 0403203.
The Bank of Russia continuously works to enhance the quality of information on unauthorized transactions submitted by money transfer and payment infrastructure services operators, in particular as part of its supervisory activities. As a result of this work, several organizations resubmitted a corrected version of data under Reporting Form 0403203 for a number of reasons (for example, to correct mistakes in the previously sent data identified by the organizations themselves), which explains the discrepancy between the data on unauthorized transactions presented in this Overview and the data previously published by the Bank of Russia.
Total value and number of unauthorized transactions
Transactions not authorized by customers: individuals and legal entities
2. Statistical data from the Automated Incident Processing System (AIPS)
Telephone fraud
In 2021, the Bank of Russia initiated blocking of 179,071 phone numbers used by fraudsters to steal money from individuals.
Fraudulent phone numbers identified
Scenarios used during phone calls remained practically the same. Fraudsters continued to impersonate employees of banks’ security departments, law enforcement agencies and the Bank of Russia, as well as to imitate automated voice messaging and robot assistants.
Jointly with the Ministry of Digital Development, Communications and Mass Media of the Russian Federation and telecom operators, the Bank of Russia continues its efforts to counter telephone fraud conducted using official phone numbers of banks. For instance, the Bank of Russia prepared a list of such numbers, which enabled telecom operators to block over 2 million calls that fraudsters tried to make using caller ID spoofing.
Phishing websites
In 2021, the Bank of Russia also dealt with online resources used by fraudsters to conduct illicit activities and send out malicious software (malware). As part of these efforts, the Bank of Russia routinely cooperates with domain name registrars in the top-level domains .ru, .рф, and other geographical top-level domains by sending them information on identified resources to be withdrawn from delegation. Over 2021, the Bank of Russia provided domain registrars with information on 6,213 online resources used to conduct illicit financial activities, a 19% drop from the previous year (7,680 resources). On average, it takes registrars from 3 hours to several days to withdraw a domain from delegation.
Fraudulent online resources identified
In 2020, the Bank of Russia initiated a pilot project to exchange information on fraudulent websites with the Prosecutor General’s Office of the Russian Federation for the purposes of blocking them. In 2021, this mechanism was formalized in a law and the Bank of Russia was empowered to block illicit websites under an extrajudicial procedure. With this mechanism, access to 3,100 websites was restricted in 2021. For online resources used to conduct fraudulent activities in the financial market and advertise pyramid schemes, the average time required for blocking was cut from several weeks to several days.
Most of the blocked websites (around 58%) were used to conduct unlicensed activities in the securities market and to advertise pyramid schemes. Fraudsters were stealing customers’ money under the guise of high-yield investments into agriculture, energy and cryptocurrency.
In 2021, fraudsters mostly masked phishing websites as websites of real credit and financial institutions to get customers’ personal information or online banking credentials, as well as their bank card information. Besides, they used websites containing false information on how to receive state-provided payments or earn money by completing a survey, a test, etc. Another fraud method widely used in 2021 was to clone websites of popular marketplaces and online retailers selling electronics, household appliances, computers, etc.
Key figures on unauthorized transactions
The principal strategy used by fraudsters is still social engineering — a method of psychological manipulation that makes people either voluntarily transfer money or give away their banking details, enabling theft. However, the share of such operations dropped in 2021 from 61.8% to 49.4%. Still, according to the Bank of Russia’s estimates, there was a simultaneous increase in the average amount stolen with the use of social engineering methods, which also led to an increase in the total amount of losses from unauthorized transactions. In 2021, 6.8% (920.5 million rubles) of all losses incurred by customers of credit institutions due to unauthorized money transfers were reimbursed, while in 2020 this figure was at 11.3% (1,105.3 million rubles).
Average transaction amount
Transactions not authorized by customers (individuals), distributed by type
In 2021, 83.9 thousand cases were recorded of payment cards (except pre-paid cards) being used in ATMs or bank terminals without their owners’ authorization, with total losses of 1,971.2 million rubles. Notably, 22.5% of these cases involved the use of social engineering methods. Fraudsters applied a combination of schemes, whereby victims were forced into using this channel for transferring funds, which resulted in a growing number of unauthorized transactions of this type. The average transaction amount was 23.5 thousand rubles.
Unauthorised transactions performed using ATMs, payment terminals and card imprinters
Most transactions unauthorized by individuals were CNP transactions. Bank clients reported 742.3 thousand such transactions, 44.5% of which resulted from social engineering scams. Total losses amounted to 4,140.2 million rubles, with an average transaction amount of 5.6 thousand rubles.
Unauthorised transactions involving remote purchase of goods and services (CNP transactions)
Remote banking systems of individuals were targeted by fraudsters over 204.6 thousand times, with social engineering being involved in 78.0% of cases. The losses amounted to 6,019.7 million rubles, and the average transaction amount stood at 29.4 thousand rubles.