Fraudsters have devised a new deceptive method to gain access to Russians` accounts on the “Gosuslugi” (Public Services) portal. These scammers impersonate employees of a fictional domestic messenger called Max.
According to their scheme, the perpetrators contact potential victims by phone, convincing them to urgently register in the Max application and activate a “supplementary security account.” They then request a code, purportedly needed for this activation. In reality, this code is a confirmation for logging into the “Gosuslugi” account. As soon as the victim provides the code, the fraudsters gain full access to their account.
It is crucial to note that the scammers falsely claim Max is a state messenger integrated with Gosuslugi. This is untrue; according to Maksut Shadaev, Head of the Ministry of Digital Development, the question of integration is still under consideration, and no final decision has been made.
To protect yourself from such attacks, it is extremely important to exercise caution: never disclose SMS codes to third parties. In case of any doubts or questions, always contact only the official support services of the “Gosuslugi” portal or the Max messenger, if you use it.
Clement Ashworth 
Barnaby Whitfield