RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

Anti-phishing (Gosplatform for monitoring phishing sites and data breaches)

Product
Developers: Ministry of Digital Development, Communications and Mass Media of the Russian Federation (Ministry of Digital Development)
Date of the premiere of the system: September 2020
Last Release Date: 2024/02/20
Branches: State and social structures,  Internet services
Technology: Information Security - Information Leakage Prevention

Content

2024

Ministry of Digital Development of the Russian Federation: Since the beginning of the year, 60 thousand phishing sites have been blocked

On June 20, 2024, the Ministry of Digital Development, Communications and Mass Media of the Russian Federation announced on its Telegram channel that more than 60 thousand phishing sites have been blocked since the beginning of 2024. These measures are aimed at combating Internet fraud, the purpose of which is to obtain personal data of users, such as bank details and passwords, through fake sites and letters. Read more here.

Connecting the Megafon anti-phishing platform

MegaFon has connected its own anti-phishing platform to the monitoring system for phishing sites from the Ministry of Digital Development. Now the operator's specialists identify fraudulent resources and transmit information to the Integral Research Institute to block these sites. In January 2024 alone, 6.7 thousand such resources were identified. The operator announced this on February 20, 2024.

MegaFon's platform has supplemented the InformSystem of the Ministry of Digital Development "Antifishing," which identifies sites masquerading as official resources of government agencies, companies, marketplaces and social networks. In daily mode, the operator's smart algorithms scan and analyze more than a million Internet resources. Those that the system recognized as suspicious are viewed by specialists, after which a list of phishing sites is formed. Then the authorized authorities decide to block the site or divide the domain.

In January 2024 alone, MegaFon's platform identified about 6,700 fraudulent sites. Most often, attackers disguise the login interface as an account on social networks or instant messengers: VK, Telegram or WhatsApp. In second place among the most popular phishing resources are sites imitating Public services, and in third place are resources imitating the official websites of banks.

Fraudsters often create fake payment forms used to steal bank card data, sites of non-existent investment platforms and resources that allegedly sell tickets for popular performances, stand-up shows and other events. In January, most of them were located in the domain zones ru, shop, com and top.

File:Aquote1.png
MegaFon has deep expertise in the fight against phishing and its subscribers, we always warn about the risks of switching to suspicious sites. We have a large amount of computing power at our disposal that allows you to quickly identify resources that can be used to steal confidential user information. At the end of 2023, we identified over 200 thousand phishing and other malicious resources, which is 4.5 times more than in 2020, - said Sergey Khrenov, director of prevention of fraud and loss of income at MegaFon.
File:Aquote2.png

2023: Plan for the allocation of 3.7 billion rubles for the development of state systems "Antifrod" and "Antifishing"

The Ministry of Digital Development, Communications and Mass Media of the Russian Federation is going to invest about 25.2 billion rubles in the development of cybersecurity until 2030. Such data are given in the materials of the national project "Data Economics."

In particular, 3.7 "Antifrod" fraudulent calls Main Radio Frequency Center To Roskomnadzor Ministry of Digital Development billion rubles are supposed to be allocated for the development of state systems to counter (subordinate) and Anti-Phishing to block fraudulent sites () in general. More. here

2022

Creation of a pre-trial blocking system for fraudulent sites

On August 11, 2022, it became known about the decision, Ministry of Digital Development communications and mass media RUSSIAN FEDERATION to block fraudulent resources disguised as official sites without a court ruling. To do this, the department will expand interaction with the Prosecutor General's Office within the framework of the Antifishing information system.

The Ministry of Digital Development told Kommersant that by mid-August 2022 they were working together with the Prosecutor General's Office to block resources in accordance with the 149-FZ ("On Information, Information Technologies and Information Protection"), while "working on issues of making the necessary changes to regulatory legal acts to use IS" Antifishing "to promptly block fraudulent resources."

In June, the Ministry of Digital Development launched its Anti-Phishing information system, thanks to which you can find resources that disguise themselves as sites of government agencies, companies, marketplaces and social networks.

As specified TASS in the Ministry of Digital Development, by August 11, pre-trial blocking of phishing sites identified using the Antifishing system is already possible within the framework of the law on information, information technologies and information protection, and further expansion of cooperation with the Prosecutor General's Office, including grounds for extrajudicial blocking, will increase the efficiency of blocking phishing resources.

Phishing sites appear every minute, and in order to minimize potential losses, it is necessary to quickly block them, says Irina Zinovkina, director of consulting at InfoWatch Group. In her opinion, accelerating this process is a logical solution to this problem.

When implementing the project, an increase in the burden on the prosecutor's office is possible due to an increase in the number of orders for extrajudicial blocking, says Yuri Fedyukin, managing partner of Enterprise Legal Solutions. Given that the validity of the complaint will be checked at once at two levels, on the part of both the system operator and the prosecutor's office, this may lead to a decrease in the number of unjustified decisions, he added.[1]

System start-up

On June 6, 2022, the Ministry of Digital Development announced the launch of a phishing site monitoring system.

This InformSystem automatically identifies sites that disguise themselves as official resources of government agencies, companies, marketplaces and social networks.

On phishing sites, scammers illegally get personal data users, offer for download, harmful software sell non-existent services, using various approaches social engineering to deceive citizens. This causes serious damage to users and creates reputational risks for organizations domains whose fraudsters copy.

Capabilities of the anti-phishing system

  • The system monitors suspicious site activity and allows you to:
    • receive information about phishing sites from third-party sources;
    • Track new, re-registered, and migrated domains at speeds of up to 1 million addresses per hour;
    • store information about suspicious resources in the database for subsequent phishing checks;
    • stop the activities of phishing sites with automated interaction of government agencies.

  • Results of trial operation

    • The system discovered 30 thousand suspicious resources in two months of trial operation. These are sites-copies of authorities resources, online casinos, fake accounting services, sales of fake tickets, documents, etc.
    • 9 thousand blocked (separated) sites with confirmed phishing.

If a citizen suspects phishing activity on the site or has become a victim of scammers, he must report the incident on the site.

This information will be sent to the monitoring system, which will check the site for phishing.

The system was developed by Rubitech LLC under a state contract with the Ministry of Digital Development. As of June 2022, the operator of this system is the Integral Research Institute, subordinate to the Ministry of Digital Development. The development of the system and the deployment of infrastructure cost the state budget 240 million rubles. The system is planned to be put into commercial operation in the summer of 2022.

2021

"Rubitech" is chosen by the developer of the phishing site monitoring system

In November 2021 Ministry of Digital Development , she signed a Rubitech contract with the company "" for the creation of a phishing site monitoring system. The winner of the competition proposed to implement the project for 128.3 million rubles with an initial (maximum) contract price of 132.2 million rubles. The contractor will need to perform the work until June 1, 2022.

At the first stage, it is planned to analyze anti-phishing technologies and the regulatory framework governing this issue, as well as the design of the information system. At the second stage, pilot operation of the platform is planned.

Rubitech is a developer of a phishing site monitoring system

As the D-Russia edition writes with reference to the terms of reference for public procurement, a phishing site means "an information resource on the Internet that is similar to the degree of confusion with the sites of well-known brands, often the sites of banks and other financial institutions, specially created by cybercriminals in order to mislead users to seize their personal data and commit fraud against them." Definitions of "phishing activity" and "phishing attack" are also given.

The Ministry of Digital Development notes that the project is being implemented to fulfill the following tasks:

  • Countering phishing scams
  • improving reliability and safety of socially important services;
  • reducing financial risks for citizens and businesses;
  • increasing privacy for citizens, businesses and officials.

Expert on information security of the Digital Economy League Artem Kazantsev in November 2021 called phishing the most common way in Russia to steal money from bank clients. The attacker sends an SMS on behalf of the credit institution with a request to follow the link. Moving along it, the victim downloads malware to implement the attack and reveals the required data for withdrawal of funds, he explained.[2]

Creating a platform for monitoring phishing sites for ₽132 million

On October 22, 2021, the Ministry of Digital Development of the Russian Federation posted a tender on the public procurement portal to create a system for monitoring phishing sites. The agency is ready to conclude a contract worth up to 132 million rubles.

As Kommersant writes with reference to the materials of the show jumping, traffic in communication networks will be scanned to collect information about phishing sites and personal data leaks. For the same purposes, by the end of October 2021, special equipment of Roskomnadzor is already used - technical means of countering threats (TSPU). The Ministry of Digital Development is not going to use TSPU in the fight against phishing sites, the press service of the ministry told the newspaper.

The Ministry of Digital Development is developing a platform for monitoring phishing sites for ₽132 million

It is assumed that the system will collect data from client applications and from mail services, as well as information from foreign sources. The contractor should propose methods of control and measures to improve legislation to identify and prevent phishing attacks, develop software, test it and transfer it to the ministry.

The contractor will be elected on November 17, 2021, and he must develop the system by June 1, 2022.

As explained in the Ministry of Digital Development, scammers use phishing sites to steal data, and information about the identified violations will be available to law enforcement agencies and other departments.

Experts interviewed by Kommersant doubted the effectiveness of such a system. Igor Bederov, head of the research department at T.Hunter, told the newspaper that creating a reliable "barrier" from phishing can cost from 1.5 billion rubles. The agency's anti-phishing platform is likely to operate with Internet traffic data to identify anonymous users on sites, social networks and the dark web. Bederov noted that such information can be used by law enforcement agencies and not only for the purpose of the system.

Infosecurity a Softline company CEO Kirill Solodovnikov noted that the platform will help in monitoring threats, but it is unlikely that phishing will be defeated with its help.[3]

2020: Development of a state platform for monitoring phishing sites and data breaches

At the end of September 2020, it became known about the creation of Russia state platforms for monitoring personal data leaks. It is planned to spend 1.4 billion on the implementation of the project. rubles

The fact that by 2021 a platform for monitoring phishing (fraudulent) sites and personal data leaks will be developed was reported by Kommersant with reference to the revised version of the passport of the federal project "Information Security" dated September 24. The solution will be used to monitor state IT systems and accounts on public services. It is assumed that the compromised data will fall into a single database, and the resources using it will be automatically blocked. In addition, the system will identify the source of the leak and search for intruders.

The passport of the federal project also refers to the creation of an "antivirus multiscaner" to check files. For these purposes, 30 million rubles are allocated from the budget annually from 2019 to 2021.

In the Russian Federation, a state platform is being developed to monitor personal data leaks for 1.4 billion rubles

The development of such a multiscaner was announced at the Infoforum-2020 information security forum in January 2020 by Nikolai Murashov, deputy head of the National Coordination Center for Computer Incidents.

The need to create such a platform, according to Nikolai Zubarev, director of Information Security at ANO Digital Economy, is associated with an increase in crimes in the digital sphere, including when attackers use phishing sites.

File:Aquote1.png
This is evidenced by the statistics of the Ministry of Internal Affairs of Russia - over the year the number of crimes in the digital environment increased by 97%, - he said in a conversation with RIA Novosti.
File:Aquote2.png

With an abundance of antivirus solutions, the creation of a state product can be justified not so much by import substitution as by ensuring security in the interaction of citizens with the state, said Vikharev, director of technology practice at KPMG in Russia and SNGSergey.[4]

Notes