Scammers steal money by streaming users’ smartphone screen

Sberbank has reported the emergence of a new fraudulent scheme that utilizes the screen sharing feature during video calls, available in some popular messaging apps. Initially, the scammer creates an account in a messaging app, posing as an employee of Sberbank, with an account name mimicking the number 900 and featuring the bank's logo.

The first call is made from this profile, with the cybercriminal posing as a bank representative and inquiring whether the potential victim has recently updated their mobile banking app. If the response is negative, the "bank employee" claims that another specialist will contact them soon to assist with the app update.

Another perpetrator typically calls from a different account or even a different messaging app with screen-sharing capabilities. The confusion caused by interacting with different "specialists" is intended to disorient the individual and compel them to follow the cybercriminals' instructions. The second "bank employee" asserts that they are conducting a video call for biometric client identification and requests the user to enable screen-sharing mode to connect the "robotic system for account diagnostics."

The user is then asked to log in to the bank's mobile app, with the assurance that it is entirely safe since only the robot will see the screen. In reality, screen sharing enables the fraudster to view card numbers, account balances, and SMS codes from the bank. These details can be exploited to gain access to the client's account and steal their funds or persuade them to transfer money to a supposed "secure account."

Sberbank emphasizes that users should never share their device screen with strangers via video calls, even if they claim to be bank employees, and the purported robotic system for account diagnostics is a fabrication.