T-Bank: Cybershqual

Main article: Fraud Detection System

2024: Creation of the Cybershqual project

On October 17, 2024, T-Bank announced the creation of the Cybershkwal project, a platform for special bots to proactively combat investment fraud. This project - continuation of the Humanoid Robot Factory. Now bots not only answer the calls of scammers, but also proactively neutralize false brokers, creating a flurry of applications from allegedly potential victims on sites with clear signs of fraud.

jcomp на Freepik

As reported, CENTRAL BANK OF THE RUSSIAN FEDERATION thousands of organizations with signs are detected annually, and the loss financial pyramids of citizens from pseudo-investments amounts to billions. rubles Unscrupulous investment projects are among the top popular types of fraud in terms of the number of cases, and in terms of the average amount of losses they occupy the first place, ahead of the classic with telephone fraud the "security services" or "operators." cellular communications

To combat this type of crime, T-Bank created Cybershqual based on its own developments in the field of artificial intelligence and voice assistants. The key task of the service is to complicate the life of false brokers and spend their working time talking to bots, which they mistake for potential clients interested in investments.

AI-based technology scans the internet space and searches for sites advertising pseudo-investments. The vast majority of false brokers or financial pyramids have their own pages, and some large ones even have a series of spare sites in case of blocking the main ones. They usually do not contain any specifics about investments, but there are always promises of ultra-high incomes, instant payments, the absence of investment risks, and so on. These and hundreds of other signs are detected by the scanner.

The ML model of the scanner is trained on 20 thousand similar sites and detects signs of fraud with an accuracy of 90%. The scanner sends all suspicious pages for additional verification to the T-Protection employee to confirm signs of fraud.

On sites containing clear signs of fraud, the service automatically leaves hundreds of applications for a free consultation or callback. At the same time, Cybershkval does not have a critical impact on the infrastructure of providers and the performance of sites.

Next, the fraudster begins to call potential victims, but ends up on humanoid robots. Their task is to keep the criminal on the line as long as possible and prevent him from reaching real people.

{{quote 'author
= said Oleg Zamiralov, head of the Center for Ecosystem Protection of T-Bank' Financial pyramids mutate and transform, now instead of MMM tickets, fraudsters use beautiful sites with schedules for the growth of pseudo-stocks, rent offices in business centers to dust their eyes. We see an increase in the problem according to official statistics: in 2024, the Central Bank reported that almost twice as many pyramids were discovered than a year earlier. Weekly we identify 50 pyramid sites. They lure Russians with promises of high incomes, risk-free investments, but in the end a person remains with a bunch of loans, without savings, and the offices of these "brokers" simply disappear at one moment. Unfortunately, such victims are the most difficult to "fix" - to convince them to invest in dubious projects. False brokers have already paid them some amount, a person is sure that he will be able to get rich quickly, and often deceives a bank employee about the true purpose of his transfers. Therefore, we decided to act proactively - to infiltrate the den of criminals with the help of saboteur robots, create a flurry of false applications, confuse fraudsters and waste their time. On the day of the Cybershkwal bots 1500-2000 fraudulent calls are received. At the peak - 3500. The average call duration is 3 - 5 minutes.}}

Most conversations take place according to the same scenario: the fraudster clarifies his age, citizenship, checks if the victim is in bankruptcy. This is necessary to assess the financial condition of the victim and the possibility of obtaining loans. They clarify whether a potential victim has experience in investing, and also use well-known terms - "assets," "stocks," "bonds," "cryptocurrency," and so on to get involved in trust. And to "close" the client, they promise him interaction with an experienced VIP analyst who has a limited number of clients.

Real employees of financial institutions will ask questions exclusively on the specific investment product that the client chose, they cannot guarantee specific income from investment activities, since this is prohibited by law.

Some of the fraudulent calls are redirected to the Frod Roulette project, where calls from telephone fraudsters are intercepted in real time and transferred to users. As of October 2024, the project is under active testing, and the first users with access to it, along with bots, can communicate with false brokers and keep them on the line. In addition, the received conversations between bots and scammers are used to teach new scenarios to bank employees and protective technologies such as Neuroscience, antispam, number identifier, and so on. In the future, it is planned to send lists of phishing sites not only to the Central Bank of the Russian Federation, but also to providers, on whose infrastructure fraudsters create pages, as part of intersectoral interaction.