• 12 Neglinnaya Street, Moscow, 107016 Russia
  • 8 800 300-30-00
  • www.cbr.ru
What do you want to find?
Q2 Q1
Q3 Q2 Q1
Q2 Q1

Unauthorized transactions: general overview

Number Value,
RUB thousand
Share of social
engineering, %
Share of funds
reimbursed, %
Q2 2021 236,971 3,013,664.38 47.0 7.4
Q2 2022 211,263 2,848,614.92 44.8 5.0

Number of unauthorized transactions, share of social engineering

Q2 2021 Q2 2022
ATMs, payment terminals, imprinters 20,371 18.9% 32,396 12.6%
Remote purchase of goods and services 166,734 40.1% 139,950 44.6%
Individuals’ RBS* system  48,882 81.8% 37,272 74.3%
Legal entities’ RBS system  984 74.3% 1,645 21.7%
* RBS — remote banking service.

Value of unauthorized transactions (RUB, thousand), share of funds reimbursed

Q2 2021 Q2 2022
ATMs, payment terminals, imprinters 435,555.79 3.9% 295,990.42 6.1%
Remote purchase of goods and services 856,980.84 22.1% 581,994.08 18.5%
Individuals’ RBS system 1,239,244.71 1.3% 1,807,456.44 0.9%
Legal entities’ RBS system 481,883.05 0.2% 163,223.98 1.1%

Unauthorized transactions executed using ATMs, payment terminals and imprinters

Number Value,
RUB thousand
Share of social
engineering, %
Share of funds
reimbursed, %
Q2 2021 20,371 435,555.79 18.9 3.9
Q2 2022 32,396 295,990.42 12.6 6.1

Unauthorized CNP transactions*

Number Value,
RUB thousand
Share of social
engineering, %
Share of funds
reimbursed, %
Q2 2021 166,734 856,980.84 40.1 22.1
Q2 2022 139,950 581,944.08 44.6 18.5

* Card-not-present transactions — transactions made without payment card physically present.

Unauthorized transactions executed using individuals’ RBS systems

Number Value,
RUB thousand
Share of social
engineering, %
Share of funds
reimbursed, %
Q2 2021 48,882 1,239,244.71 81.8 1.3
Q2 2022 37,272 1,807,456.44 74.3 0.9

Unauthorized transactions executed using legal entities’ RBS systems

Number Value,
RUB thousand
Share of social
engineering, %
Share of funds
reimbursed, %
Q2 2021 984 481,833.05 74.3 0.2
Q2 2022 1,645 163,223.98 21.7 1.1

Number of attacks against financial institutions and their clients, quarterly change

Q2 2021 Q2 2022

Attacks on clients of financial institutions.
Phishing

1,160 682-41.2%
Attacks on clients of financial institutions.
Social engineering
11,173 8,781-21.4%
Attacks on financial institutions.
Malware
112 34-69.6%
Attacks on clients of financial institutions.
Exploiting software vulnerabilities 
56 1-98.2%
Other incidents 251 428+70.5% 

Scam phone numbers identified, quarterly change

Q2 2021 Q2 2022
Numbers starting with 8 800 208 277+33.2%
Landline phone numbers 8,475 41,482+389.5%
Mobile phone numbers 3,166 75,875+2296.6%

Over the reporting period, the Bank of Russia sent 117,634 requests to telecom service providers asking them to take measures against scam phone numbers.

Number of scam websites withdrawn from delegation, quarterly change

Q2 2021 Q2 2022
Unlicensed activity 570 175-69.3%
Fraud* 804 467-41.9%
Malware  1 0-100%
Pyramid schemes  74 61-17.6%

* Scam websites of non-financial institutions and companies disguised as real financial institutions.

The Bank of Russia sent requests to domain name registrars asking to carry out appropriate verification procedures and withdraw from delegation 703 domain names that were used for conducting illegal activities.

Moreover, the Bank of Russia sent information about 2,132 domains to the Prosecutor General’s Office of the Russian Federation to initiate verification procedures and take measures to restrict access to these domains under Article 15.3 of Federal Law No. 149-FZ, dated 27 July 2006, “On Information, Information Technologies and Protection of Information”.

Save as PDF
Save as PDF
Department responsible for publication: Information Security Department
Was this page useful?
Last updated on: 25.01.2023