The number of fraudulent attacks on children of Russian bank clients increased 5-fold in two months

F6 warns of a new telephone fraud scheme: criminals contact children to steal money from their parents' accounts. In February 2025, experts recorded about 600 such cases, 5 times more than in December 2024, and the number of incidents keeps growing. The average amount of damage from such crimes is ₽80 thousand. Most often, criminals commit such thefts at night. They ask children to put the finger of a sleeping parent on the smartphone screen in order to bypass biometric protection and enter the personal account in the online bank.

Cybercriminals have used similar schemes before, including scenarios with a demand to conduct a “remote house-check” at home and transfer the money found to unknown persons. However, since the end of last year, attackers have been using social engineering techniques that allow them to get to parents' money in bank accounts.

The average age of children attacked by fraudsters is 10-14 years. Most often, attackers meet them in game chats on the Minecraft and Roblox platforms. Criminals can offer a child to buy or receive free game currency, purchase add-ons for a game character. This is a common scenario, but far from the only one. Recently, scammers have been actively using other, more complex schemes.

To force a child to do certain things, criminals can intimidate and blackmail them. Such attacks often begin with a call via messenger, supposedly from a delivery service or under another pretext, and a request to give the code. If the child makes contact with strangers, scammers continue to mislead them on behalf of different people. Recently, a favorite trick of attackers is to convince children that their parents are at risk of being accused of aiding terrorists, and the only way to rescue them is to follow certain instructions. In all cases, scammers, under various pretexts, persuade children to remain silent and not tell their mom or dad anything.

The ultimate goal of the criminals is to convince children to log into their parents' online banking account and transfer money. A distinctive feature of this scenario is that the scammers carry out the final attacks at night, when the adults are asleep. The attackers instruct the children to put the finger of a sleeping parent on the screen - in cases where a fingerprint is used to unlock the smartphone and banking application. In other cases, the scammers demand that they spy on the passwords that parents use to log into the online bank, and then take the smartphone at night, log into the personal account themselves and make a transfer. The attackers can also force the child to take the mother or father's phone to take a photo of the screen, send a code, and delete an SMS.

“For cybercriminals, a child is the most vulnerable link in the family's defense. Due to a lack of life experience, children are more easily manipulated, and due to a poor financial literacy, they may not understand the consequences of their actions. If a child contacts a stranger and provides any personal information, this is enough for the attackers to launch a targeted attack on their parents. Traditional means of protection against fraudulent attacks are practically powerless when the user, under the influence of persuasion and manipulation, transfers money from accounts and repeatedly confirms all transactions,” explains Alexandra Radchenko, Head of Data Analytics at the Fraud Protection Department of F6.

Tweet