Authorised frauds (AFs): in general*
| Number of AFs | Amount of AFs, ₽ ths | % of reimbursed funds (of the total amount) | Number of prevented AFs | Amount of prevented AFs, ₽ ths | |
|---|---|---|---|---|---|
| Average over theprevious four quarters (from 2024 Q3 through 2025 Q2) | 303,943 | 7,920,919.21 | 9.3 | 31,129,172 | 4,302,583,664.04 |
| 2025 Q3 | 460,130 | 8,176,075.88 | 5.1 | 28,473,397 | 3,516,395,514.20 |
Individuals*
| Bank cards | Accounts (remote banking, money transfers) | FPS | E-wallets | Without opening accounts | |
|---|---|---|---|---|---|
| Number of AFs | 264,377 | 98,209 | 91,881 | 4,606 | 360 |
| Amount of AFs, ₽ ths | 1,959,131.90 | 2,704,559.76 | 3,087,075.22 | 45,972.15 | 147,634.35 |
| % of reimbursed funds | 8.6 | 6.4 | 2.3 | 0.4 | 0.0 |
Legal entities*
| Accounts | FPS | |
|---|---|---|
| Number of AFs | 645 | 52 |
| Amount of AFs, ₽ ths | 223,291.68 | 8,410.82 |
| % of reimbursed funds | 1.8 | 0.0 |
Main types of cyber attacks: number of detected attacks, % change
| Attack type | Average over the previous four quarters | 2025 Q3 |
|---|---|---|
| Social engineering attacks | 17 836 | 13,166-26.18% |
| Phishing attacks | 817 | 631 −22.77% |
| Attacks using malware | 22 | 50+127.27% |
| DDoS attacks | 82 | 73−10.98% |
| Other attacks | 76 | 107 +40.79% |
Fraudulent phone numbers: detected numbers, % change
| Average over theprevious four quarters | 2025 Q3 | |
|---|---|---|
| Using phone numbers 8800 | 305 | 133-56.39% |
| Landline phone numbers | 1,167 | 665-43.02% |
| Mobile phone numbers | 25,973 | 16,495-36.49% |
Over the reporting period, the Bank of Russia initiated 17,293 requests to communication operators to implement response measures in relation to the phone numbers used for illicit purposes.
Fraudulent online resources: domain names sent for blocking to the Prosecutor General’s Office of the Russian Federation and domain name registrars, number and % change
| Average over theprevious four quarters | 2025 Q3 | |
|---|---|---|
| Unlicensed operations | 2,561 | 2,813 +9.84% |
| Phishing | 5,332 | 3,091 −42.03% |
| Financial pyramids | 2,621 | 1,922 −26.67% |
The Bank of Russia sent requests for inspections and de-delegation of 237 internet domain names used for illicit operations to domain name registrars.
Besides, the Bank of Russia provided data on 7,589 internet domains to the Prosecutor General’s Office of the Russian Federation for carrying out inspections and further blocking them according to Article 15.3 of Federal Law No.
* Starting from 25.07.2024, banks shall submit authorised frauds according to the updated reporting form 0403203; the data may be adjusted in the future to take into account the updated information based on the results of interaction with credit organizations.