Unmasking the Shadows: Inside the CRM System of Scammers Targeting Vulnerable Victims

When former employees of the Autonomous Non-Profit Organization «Digital Platforms» (the publisher of Runet) were targeted in a mass fraud scheme, the editorial team of Runet initiated an investigation. This inquiry allowed them to gain access to the fraudsters’ IT system, where criminals coordinate their operations and maintain a database of victims. The system functions as a comprehensive CRM (Customer Relationship Management), designed like a sales funnel where various departments engage with victims at distinct stages to extract funds.

The database contains records of 150 individuals, featuring numerous directories of elderly contacts that are regularly updated with new entries. Victims can be filtered by city and region for targeted schemes.

For each victim, a profile is created containing relevant information. The system enables phone calls and messaging via platforms such as Viber, WhatsApp, Telegram, and Zoiper. Status updates are logged for each contact, indicating whether the perpetrators were able to connect or if the victim is in a stage of readiness for further manipulation.

When a call is successful, the scammers meticulously record details such as the identities they adopted, the victim’s responses, any agreements reached, account balances involved, and any individuals present. Pre-written scripts guide their conversations, providing templates and instructions on how to communicate effectively.

Additionally, the system boasts a feature that allows the creation of counterfeit documents, including IDs, certificates, statements, and powers of attorney with altered information and images. These documents are crafted to appear highly credible.

The fraudsters employed this tool to deceive former employees of the Autonomous Non-Profit Organization «Digital Platforms.» The scam begins with initial communication, where the scammer messages the victim from a familiar account, instilling fear by claiming an investigation is underway by governmental bodies like the FSB and Rosfinmonitoring. This is followed by calls from «agents» of these organizations, who threaten legal repercussions and demand the transfer of funds to a “safe” account.

The scammers also propose «fake deals» involving real estate, taking out loans while directing the money to themselves. They keep the victim engaged, pressuring them to purchase items like a power bank or new phone to maintain control.

Experts from the Association of Professional Social Media and Messenger Users note that fraudsters often issue demands in a gradual manner, causing victims to act in a daze as they comply with every request. This can lead to devastating losses, including homes, cars, savings, and significant debts. While elderly individuals are commonly targeted, other victims can include well-known personalities as well.

According to Deputy Anton Nemkin, damages from cybercrime amounted to approximately 170 billion rubles in 2024.

Expert Hermann Paloyan identified key characteristics of scammers: time pressure, discussions about money, and requests for funds or sensitive information, all while playing on emotional responses. He advises simply hanging up and verifying details directly with banks or trusted relatives.

Removing personal data from scammers’ databases is nearly impossible. Hackers recommend using a secondary number for online orders and refraining from disclosing real information.

Specialists urge vigilance, advising against engaging in lengthy conversations with suspicious callers and recommending verification of information. If significant amounts of money are involved, having a trusted person oversee transactions and checking all received information is crucial. These precautions can offer protection against scammers, despite their intricate schemes and professional tools.