Cybercriminals in Russia have devised a sophisticated two-stage scheme to steal personal data by luring victims with the promise of a “personal intercom code” for their residential buildings.
The scam typically begins with a fraudster contacting a potential victim, stating their address, and offering a unique code that supposedly allows keyless entry into their building. Upon the unsuspecting individual`s agreement, a six-digit code is then sent to their “Gosuslugi” (Russian public services) account. The victim mistakenly believes this code is specifically for operating their intercom system.
Shortly thereafter, the victim receives a call via a messenger application from someone impersonating a “Gosuslugi” employee. The scammer claims there has been an attempted account breach and cleverly persuades the victim to provide the SMS code they had previously received. By disclosing this seemingly innocuous code, victims unknowingly hand over control or access to their personal data to the cybercriminals.
Important Warning: Official “Gosuslugi” support staff will never ask for passwords, SMS verification codes, or any other sensitive personal information.
Clement Ashworth 
Barnaby Whitfield