Annual data on information security incidents related to funds transfers are available in the Analytics section on the Bank of Russia website.
Authorised frauds (AFs): in general*
| Number of AFs | Amount of AFs, ₽ ths | % of reimbursed funds (of the total amount) | Number of prevented AFs | Amount of prevented AFs, ₽ ths | |
|---|---|---|---|---|---|
| 2025 Q4 | 541,163 | 7,943,755.00 | 5.8 | 23,177,863 | 2,347,015,538.28 |
| 2026 Q1 | 495,761 | 7,397,909.76 | 5.7 | 16,776,474 | 1,813,291,076.63 |
Individuals*
| Bank cards | Accounts (remote banking, money transfers) | FPS | E-wallets | Without opening accounts | |
|---|---|---|---|---|---|
| Number of AFs | 254,758 | 104,309 | 127,875 | 7,200 | 801 |
| Amount of AFs, ₽ ths | 1,571,621.57 | 2,334,702.58 | 2,636,011.60 | 67,854.92 | 214,373.33 |
| % of reimbursed funds | 10.5 | 3.6 | 3.3 | 1.9 | 0.0 |
Legal entities*
| Accounts | FPS | |
|---|---|---|
| Number of AFs | 753 | 65 |
| Amount of AFs, ₽ ths | 553,070.32 | 20,275.44 |
| % of reimbursed funds | 15.9 | 2.4 |
Main types of cyber attacks: number of detected attacks, % change
| Attack type | 2025 Q4 | 2026 Q1 |
|---|---|---|
| Social engineering attacks | 13,926 | 19,151 +37.52% |
| Phishing attacks | 385 | 450 +16.88% |
| Attacks using malware | 41 | 95+131.71% |
| DDoS attacks | 88 | 60 −31.82% |
| Other attacks | 104 | 90 −13.46% |
Fraudulent phone numbers: detected numbers, % change
| 2025 Q4 | 2026 Q1 | |
|---|---|---|
| Using phone numbers 8800 | 138 | 80-42.03% |
| Landline phone numbers | 615 | 586 −4.72% |
| Mobile phone numbers | 11,041 | 7,672-30.51% |
Over the reporting period, the Bank of Russia initiated 8,338 requests to communication operators to implement response measures in relation to the phone numbers used for illicit purposes.
Fraudulent online resources: domain names sent for blocking to the Prosecutor General’s Office of the Russian Federation and domain name registrars, number and % change
| 2025 Q4 | 2026 Q1 | |
|---|---|---|
| Unlicensed operations | 4,393 | 4,174 −4.99% |
| Phishing | 4,174 | 2,863 −31.41% |
| Financial pyramids | 1,472 | 3,429+132.95% |
The Bank of Russia sent requests for inspections and de-delegation of 265 internet domain names used for illicit operations to domain name registrars.
Besides, the Bank of Russia provided data on 10,201 internet domains to the Prosecutor General’s Office of the Russian Federation for carrying out inspections and further blocking them according to Article 15.3 of Federal Law No.
* Starting from 25.07.2024, banks shall submit authorised frauds according to the reporting form 0403203; the data may be adjusted in the future to take into account the updated information based on the results of interaction with credit organizations.