As part of its information security measures, the Department of Digital Development of the Russian Ministry of Education and Science reports an increase in fraudulent activity targeting employees of organizations subordinate to the Russian Ministry of Education and Science.
For example, counterfeit accounts belonging to employees and organizations have been discovered on WhatsApp and Telegram, sending fake requests.
The Department recommends:
1. Inform organization employees about the discovery of an information security incident.
2. Do not open suspicious chats in instant messaging apps, including WhatsApp and Telegram.
3. Verify the authenticity of information sources.
4. Do not click links or download files contained in emails from unknown senders.
5. Do not open attachments, especially if they contain documents with macros, archives with passwords, or files with the extensions .rtf, .lnk, .chm, or .vhd.
6. Do not open or download attachments from emails with topics unrelated to the organization's activities.
7. Do not transmit personal or professional information through channels that have not been officially verified.
8. If you detect suspicious behavior or have any doubts about communication with potential attackers posing as employees of the Russian Ministry of Education and Science or colleagues, via instant messaging or phone calls, it is recommended that you confirm the instructions received through other official communication channels.