JSC State Technical Service

The KZ-CERT Computer Incident Response Team of JSC “STS” reports on the frequent cases of online fraud under the guise of charitable activities.

This is not an isolated case when attackers create phishing, scam Internet resources to collect personal data, bank cards and withdraw funds from users. However, in the identified cases, the attackers, based on existing public funds (operating in the near and far abroad), created Internet resources under the guise of raising funds for the treatment of cancer-stricken children with further debiting funds from benefactors’ cards.

The data of bank cards of kind-hearted citizens were collected on the donation form, where the user had to not only confirm the transfer, but also enter the number, full name, expiration date, and CVC/CVV code of the bank card.

IMPORTANT: The data of the CVC/CVV code is only needed to make an online purchase.

The peculiarity of the resources was that the words donate and fund were used in the domain name of the phishing resources. The real resources of public funds are registered without the above-mentioned words.

The mass distribution of these resources became possible through messengers, for which a preliminary calculation of the attackers was made.

The KZ-CERT reminds you by sending suspicious links to contacts in messengers, thereby you help attackers to spread fraudulent Internet resources and expose your close people around to cyber threat.

Taking into account the above, we recommend:

– Check the site for authenticity, especially if advertising on it causes you strong emotions of pity, anxiety, fear.

– If you have received an email from an unknown recipient containing an attachment or a link to suspicious Internet resources.

– Check the limits of bank cards for online purchases, enable two-factor authentication.

– Pay attention to the domain name in the address bar of the browser, as well as in case of detection of a suspicious Internet resource, you can contact the specialists of KZ-CERT.

If you have become a victim of an information security incident, please inform our specialists by toll-free number 1400 (around the clock) or send a request to the Telegram chat: https://t.me/kzcert .