Unauthorized transactions: general overview
| Number | Value, RUB thousand |
Share of social engineering, % |
Share of funds reimbursed, % |
|
|---|---|---|---|---|
| Q2 2021 | 236,971 | 3,013,664.38 | 47.0 | 7.4 |
| Q2 2022 | 211,263 | 2,848,614.92 | 44.8 | 5.0 |
Number of unauthorized transactions, share of social engineering
| Q2 2021 | Q2 2022 | |
|---|---|---|
| ATMs, payment terminals, imprinters | 20,371 18.9% | 32,396 12.6% |
| Remote purchase of goods and services | 166,734 40.1% | 139,950 44.6% |
| Individuals’ RBS* system | 48,882 81.8% | 37,272 74.3% |
| Legal entities’ RBS system | 984 74.3% | 1,645 21.7% |
Value of unauthorized transactions (RUB, thousand), share of funds reimbursed
| Q2 2021 | Q2 2022 | |
|---|---|---|
| ATMs, payment terminals, imprinters | 435,555.79 3.9% | 295,990.42 6.1% |
| Remote purchase of goods and services | 856,980.84 22.1% | 581,994.08 18.5% |
| Individuals’ RBS system | 1,239,244.71 1.3% | 1,807,456.44 0.9% |
| Legal entities’ RBS system | 481,883.05 0.2% | 163,223.98 1.1% |
Unauthorized transactions executed using ATMs, payment terminals and imprinters
| Number | Value, RUB thousand |
Share of social engineering, % |
Share of funds reimbursed, % |
|
|---|---|---|---|---|
| Q2 2021 | 20,371 | 435,555.79 | 18.9 | 3.9 |
| Q2 2022 | 32,396 | 295,990.42 | 12.6 | 6.1 |
Unauthorized CNP transactions*
| Number | Value, RUB thousand |
Share of social engineering, % |
Share of funds reimbursed, % |
|
|---|---|---|---|---|
| Q2 2021 | 166,734 | 856,980.84 | 40.1 | 22.1 |
| Q2 2022 | 139,950 | 581,944.08 | 44.6 | 18.5 |
* Card-not-present transactions — transactions made without payment card physically present.
Unauthorized transactions executed using individuals’ RBS systems
| Number | Value, RUB thousand |
Share of social engineering, % |
Share of funds reimbursed, % |
|
|---|---|---|---|---|
| Q2 2021 | 48,882 | 1,239,244.71 | 81.8 | 1.3 |
| Q2 2022 | 37,272 | 1,807,456.44 | 74.3 | 0.9 |
Unauthorized transactions executed using legal entities’ RBS systems
| Number | Value, RUB thousand |
Share of social engineering, % |
Share of funds reimbursed, % |
|
|---|---|---|---|---|
| Q2 2021 | 984 | 481,833.05 | 74.3 | 0.2 |
| Q2 2022 | 1,645 | 163,223.98 | 21.7 | 1.1 |
Number of attacks against financial institutions and their clients, quarterly change
| Q2 2021 | Q2 2022 | |
|---|---|---|
|
Attacks on clients of financial institutions. |
1,160 | 682-41.2% |
| Attacks on clients of financial institutions. Social engineering |
11,173 | 8,781-21.4% |
| Attacks on financial institutions. Malware |
112 | 34-69.6% |
| Attacks on clients of financial institutions. Exploiting software vulnerabilities |
56 | 1-98.2% |
| Other incidents | 251 | 428+70.5% |
Scam phone numbers identified, quarterly change
| Q2 2021 | Q2 2022 | |
|---|---|---|
| Numbers starting with 8 800 | 208 | 277+33.2% |
| Landline phone numbers | 8,475 | 41,482+389.5% |
| Mobile phone numbers | 3,166 | 75,875+2296.6% |
Over the reporting period, the Bank of Russia sent 117,634 requests to telecom service providers asking them to take measures against scam phone numbers.
Number of scam websites withdrawn from delegation, quarterly change
| Q2 2021 | Q2 2022 | |
|---|---|---|
| Unlicensed activity | 570 | 175-69.3% |
| Fraud* | 804 | 467-41.9% |
| Malware | 1 | 0-100% |
| Pyramid schemes | 74 | 61-17.6% |
* Scam websites of non-financial institutions and companies disguised as real financial institutions.
The Bank of Russia sent requests to domain name registrars asking to carry out appropriate verification procedures and withdraw from delegation 703 domain names that were used for conducting illegal activities.
Moreover, the Bank of Russia sent information about 2,132 domains to the Prosecutor General’s Office of the Russian Federation to initiate verification procedures and take measures to restrict access to these domains under Article 15.3 of Federal Law No.