Unauhtorised transactions (UATs): in general
| Number of UATs | Amount of UATs, ₽ ths | % of social engineering | % of reimbursed funds (of the total amount) | Number of prevented UATs | Amount of prevented UATs, ₽ ths | |
|---|---|---|---|---|---|---|
| Average over the previous four quarters (from 2022 Q2 through 2023 Q1) | 217 651 | 3 855 141,40 | 49,8 | 4,0 | —* | —* |
| 2023 Q2 | 279 706 | 3 622 543,21 | 46,5 | 4,5 | 6 598 750 | 911 120 726,78 |
* The data have been collected from 1 January 2023.
Individuals
| Bank cards | Accounts (remote banking, funds transfers) | FPS | E-wallets | Without opening accounts | |
|---|---|---|---|---|---|
| Number of UATs | 244 557 | 12 915 | 20 099 | 1 718 | 50 |
| % of social engineering | 44,9 | 52,8 | 57,9 | 99,0 | 100,0 |
| Amount of UATs, ₽ ths | 1 700 972,78 | 1 027 385,45 | 767 881,33 | 20 648,74 | 6 279,20 |
| % of reimbursed funds | 7,2 | 1,7 | 1,7 | 0,0 | 0,0 |
Legal entities
| Accounts | FPS | |
|---|---|---|
| Number of UATs | 316 | 51 |
| % of social engineering | 26,9 | 2,0 |
| Amount of UATs, ₽ ths | 91 130,39 | 8 245,32 |
| % of reimbursed funds | 12,5 | 0,0 |
Main types of cyber attacks: number of detected attacks, % change
| Attack type | Average over the previous four quarters | 2023 Q2 |
|---|---|---|
| Social engineering attacks | 14 016 | 18 433+31,51% |
| Phishing attacks | 2 015 | 1 243-38,31% |
| Attacks using malware1 | 151 | 99-34,44% |
| DDoS attacks | 195 | 112-42,56% |
| Other attacks2 | 42 | 65+54,76% |
1 Malicious software.
2 Compromising authentication data (login details); changes in route and address information; exploiting vulnerabilities; scanning ports, etc.
Fraudulent phone numbers: detected numbers, % change
| Average over the previous four quarters | 2023 Q2 | |
|---|---|---|
| Using phone numbers 8 800 | 563 | 2 688+377,44% |
| Landline phone numbers | 46 127 | 34 528-25,15% |
| Mobile phone numbers | 144 170 | 239 559+66,16% |
Over the reporting period, the Bank of Russia initiated 276,775 requests to communication operators to implement response measures in relation to the phone numbers used for illicit purposes.
Fraudulent online resources: number of blocked resources, % change
| Average over the previous four quarters | 2023 Q2 | |
|---|---|---|
| Unlicensed operations1 | 1 542 | 1 365-11,48% |
| Phishing2 | 2 484 | 4 924+98,23% |
| Financial pyramids | 1 235 | 1 767+43,08% |
1 Online resources that contain information about the possibility of receiving services of credit institutions, insurance companies, securities market services, as well as services of consumer lending companies, pawnshops and other organisations operating without a special permission (licence) of the Bank of Russia.
2 Online resources of non-financial organisations, companies operating under the guise of real financial organisations, websites providing information about the possibility of receiving compensation payments from the state, earning money for participating in surveys (tests), online cinemas, sites selling tickets, travel tours, etc.
The Bank of Russia sent requests for inspections and de-delegation of 890 internet domain names used for illicit operations to domain name registrars.
Besides, the Bank of Russia provided data on 7,166 internet domains to the Prosecutor General’s Office of the Russian Federation for carrying out inspections and further blocking them according to Article 15.3 of Federal Law No.