The Department of Digital Development of the Ministry of Education and Science of the Russian Federation (hereinafter referred to as the Department), as part of its information security measures, reports an increase in fraudulent activity targeting employees of subordinate organizations of the Ministry of Education and Science of the Russian Federation (hereinafter referred to as the organizations).
In particular, there has been an increase in the number of instances of forged documents containing false information and calls to action (attached) being sent to organization managers via email (hereinafter referred to as an information security incident).
In accordance with subparagraph "e" of paragraph 1 of Decree No. 250 of the President of the Russian Federation dated May 1, 2022, "On additional measures to ensure information security in the Russian Federation," and to prevent the realization of information security threats, the Department recommends:
1. Do not respond to suspicious email messages.
2. Do not transmit personal or business information through channels that have not been officially verified.
3. Do not open suspicious chats in instant messaging apps, including WhatsApp and Telegram.
4. Verify the authenticity of information sources.
5. Do not click links or download files contained in emails from unknown senders.
6. Do not open attachments, especially if they contain documents with macros, archives with passwords, or files with the extensions .rtf, .lnk, .chm, or .vhd.
7. Do not open or download attachments from emails with topics unrelated to the organization's activities.
8. If you detect suspicious behavior or have any doubts about incoming correspondence or communications with potential perpetrators posing as employees of the Russian Ministry of Education and Science or colleagues, via instant messaging or phone calls, it is recommended that you confirm received instructions through other official communication channels.
Information letter from the Ministry of Education and Science of Russia