Internet fraud in Kazakhstan is becoming more sophisticated. Attackers use not only technical vulnerabilities, but also psychological techniques, forcing people to transfer confidential information on their own. Eurasian Bank draws the attention of customers to current cheating schemes and shares recommendations that help keep your money and personal data safe.

Phishing Under the Guise of Official Services

One of the actively spreading schemes involves fake messages on behalf of well-known services and brands. In particular, scammers send SMS and iMessage messages designed as Apple Find My notifications. The message indicates the details of the allegedly “found” device – the model, color and amount of memory, which creates the illusion of authenticity.

The link in such a notification leads to a fake website that completely copies the interface of the official service. The entered Apple ID data instantly gets to the attackers. Once they have access, they can bypass the locks and take over the personal information of the device owner.

The Danger of the “Call Me Back” Scheme

Another insidious trap is based on the initiative of the citizens themselves. Fraudsters send messages on behalf of banks, delivery services, management companies, or service companies with phrases like “authorization error,” “intercom replacement,” or “meter check.”

In such messages, they ask you to call back to the specified number. During the conversation, criminals use social engineering methods and extort confidential data under various pretexts. The danger of the scheme is that the person initiates the contact himself, considering it safe.

Eurasian Bank reminds that banks never request card details, CVV codes, one-time SMS codes or passwords by phone or in correspondence.

Clickbait: When a Loud Headline Is a Bait

A separate threat is the so-called clickbait messages – sensational headlines and tempting offers that encourage you to click on a link. “Half-price iPhone”, “unexpected gift”, “exclusive offer for today only” – all this is often used to spread phishing sites and malware.

By clicking on such links, the user can imperceptibly install malware or get to a fake website that looks indistinguishable from a real online store or news portal. As a result, attackers gain access to logins, passwords, and bank data.

How to protect yourself

Eurasian Bank recommends following the basic rules of digital security:

• do not follow suspicious links from messages and emails;
• check information only through official websites and apps;
• call back exclusively to the numbers listed on the official resources of companies;
• use two-factor authentication;
• do not disclose bank card details, confirmation codes and passwords to third parties;
• do not install apps from unknown sources and update antivirus software regularly.

The Bank urges you to remain vigilant and remember that in the digital environment, caution remains the most reliable way to protect yourself.