en.Wedoany.com Reported - Experts at BI.Zone (ООО "БИЗон") have discovered a batch of phishing emails disguised as well-known investment funds and organizations, offering passive income and 15,000 rubles in exchange for participation in investment projects. Attackers replicated the email style, structure, and brand names of these institutions to lure users into clicking links.

In an investigation on May 29, 2026, BI.ZONE Digital Risk Protection identified over 1,000 unique links pointing to fraudulent websites. After clicking, users were directed to two types of fake resources. The first type mimicked the design of well-known companies, using chatbots to conduct surveys that collected users' income levels, financial goals, and investment experience. The system then requested full name, email, and phone number to initiate an investment. The second type directly displayed the promised reward amount and guided users to fill out a form containing contact information. An element on the page resembled a CAPTCHA but did not actually perform any verification. Users did not have their funds stolen directly, but their personal information was collected. This data could be used for more targeted fraud or resold on the dark web, leaving victims vulnerable to new attacks and financial losses in the future.

Dmitry Tsarev (Дмитрий Царев), head of the cloud cybersecurity solutions department at BI.Zone, stated that such attacks have no specific target or industry. The scale directly determines the efficiency and success rate of the scammers. He noted that employees who regularly undergo cybersecurity literacy training are already more vigilant against such emails.

Khariton Nikishkin (Харитон Никишкин), General Director of Secure-T (a subsidiary of the Solar Group), holds a different view. He believes that despite an overall increase in digital literacy, social engineering still exploits basic triggers such as curiosity, urgency, and the desire for quick profits. Users do not fully recognize the risks, and there will always be someone who clicks the link.

Igor Bederov (Игорь Бедеров), Chairman of the Russian National Security Council's Committee on Combating Tech Crimes (КС НСБ России), noted that the attack success rate is approximately 0.5-1%. He stated that attackers do not need all potential victims to fall for it; just one person, such as an accountant with access to accounts or an elderly person with savings, is enough.

Igor Bederov (Игорь Бедеров) added that attackers have significantly expanded their reach. In the past, obtaining 1,000 responses required making 10,000 phone calls. Now, thanks to data breaches and automation technology, sending 1 million emails yields the same number of high-quality targets. Behind the decline in complaints and small transfers is the attackers' adjustment of their screening mechanisms.

Artyom Melekhin (Артем Мелехин), head of the cybersecurity literacy improvement direction at Red Security LLC (ООО "Ред Секьюрити", a subsidiary of the MTS Group), pointed out that such scams change slightly each year. In 2025, there was a surge in fake investment resources, with website designs completely copying the financial service pages of Russia's largest banks. Currently, scammers have modified their schemes by adding monetary rewards to stimulate victims.

Pavel Kalyakin (Павел Калякин), General Director of Consom Group Research Center LLC (ООО НИЦ "Консом Групп", Inka 4.0), also agreed with this view. He stated that the essence of scam techniques has not changed, only the forms, scripts, and methods of information delivery evolve. Today they ask for investment for easy money, tomorrow they might impersonate banks, e-commerce platforms, tax authorities, or employers.

Pavel Kalyakin (Павел Калякин) concluded that scammers can quickly adapt to news trends and economic conditions, exploiting the most resonant topics. Modern automation and artificial intelligence tools make it possible to create persuasive, personalized messages on a large scale and at low cost. Such attacks are no longer the exception but the norm in the digital environment. Any company must assume that its employees will regularly be targeted by such emails.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com