Security Market: a registry of online stores may appear in Russia

Russia is considering the idea of creating a special state list of verified links to online stores, RIA Novosti reported. The government plans to prepare this tool in detail next year in order to more effectively counter phishing resources. Izvestia investigated the extent of the problem of phishing sites in the Russian segment of the Internet today, as well as what mechanisms for screening out fraudulent resources can be used to create a registry.

The need for change

The initiative to create a registry of domain names of business entities is still under discussion, there are no concrete decisions yet and it is too early to talk about possible mechanisms, the press service of the Ministry of Finance told Izvestia.

"It is assumed that the list would help both specialists and ordinary users to quickly and accurately distinguish the sites of real companies from phishing ones. We are talking not only about online stores, but also about the websites of any organizations offering their goods and services, which are often forged by fraudsters," the department noted.

In the Russian part of the Internet, over 100 million people encountered phishing resources in 2024, Alexandra Pozharskaya, an expert at the Popular Front for Borrowers' Rights project and the Moshelovka platform, told Izvestia. Experts refer to such schemes as fake versions of online shopping and marketplace sites, financial and investment services, government portals, as well as various pages that are used by telephone scammers to lure out personal information.

— In 2025, according to preliminary estimates, the number of phishing increased 1.5-2 times. Phishing attackers use a number of strategies that allow this type of fraud to remain relevant, despite the dynamic blocking of such resources," the expert noted.

According to her, a significant part of phishing schemes rely on domains that have nothing to do with the real addresses of brands. Such links are sent in emails and messengers, where the address bar is hidden, so attackers do not need to register a similar domain. So, it's enough to embed the brand in the message text and attach an active click. Currently, this approach accounts for more than 70% of all fraudulent practices.

Another common method is redirection chains, the expert noted. Before the user gets to the fake page, he is repeatedly thrown through a sequence of domains that are formed automatically and replaced when blocked. This helps the "blurry" navigation to distract the victim's attention and maintain the stability of the circuit.

The set of tools is complemented by behavioral analysis: scammers monitor human reactions and adjust the communication scenario on the go, Alexandra Pozharskaya said. In addition, they actively use the so-called "phishing combines". These are illegal services that create fake pages under a variety of brands, which makes the process cheaper and makes it more difficult to identify fake sites.

— The formation of the registry, taking into account the development of the designated tools, will be ineffective. It is necessary to take into account the behavioral aspects of switching to a malicious resource. Most often, users try to go to phishing sites on impulse and under the influence of social engineering. In this situation, the user does not think about the need to verify the domain," the expert noted.

Digital protection systems embedded in devices are becoming a more effective measure against phishing attacks, she noted. Representatives of the Popular Front have long emphasized that foreign search services and browsers almost do not filter dangerous links. At the same time, the Russian Yandex has been tagging verified resources for many years and preventing traffic to fake pages. Antivirus programs complement this protection: installed on the device, they automatically block access to phishing and infected addresses.

Protection schemes

In the first three months of 2025, the number of targeted phishing attacks in Russia increased by a third, Petr Shcherbachenko, an associate professor at the Financial University under the government, told Izvestia. The losses of citizens continue to grow: in nine months, the total damage has exceeded 150 billion rubles, of which about 15 billion is related to transactions without the consent of account holders. The government is developing an anti-fraud infrastructure, including an "Anti-fraud" system and the creation of a single platform within the framework of the national project "Data Economy".

— Attackers are becoming more sophisticated: they actively use social engineering and create high-precision imitations of well-known online platforms. In response, the state is strengthening comprehensive protection measures, since only a systematic approach makes it possible to reduce cyber-financial risks for the population," the expert recalled.

One of the key directions was the proposal to create a special register of online stores. This initiative is enshrined in the plan for the implementation of the concept of countering cybercrime and involves assessing the need to create a list of verified sites that operate legally. Such a tool should simplify the process of blocking fake resources and increase the security of citizens.

In addition, the government is expanding a set of anti-fraud measures, said Petr Shcherbachenko. In particular, starting in March 2025, every Russian can activate a "self-lock" on loans and borrowings, which prevents debts from being processed without a person's knowledge. Additionally, a "cooling—off period" has been introduced: for amounts from 50 to 200 thousand rubles, funds are issued no earlier than four hours later, and for a larger loan - two days later.

Banking applications will receive a "special button" for instant complaint filing against fraudsters, and starting in November 2025, restrictions will be introduced, in particular, no more than 20 SIM cards per person, which should reduce the turnover of "gray" numbers and make it more difficult for phone fraud schemes.

In the Russian segment of the Internet, the scale of phishing is growing rapidly: in 2025 alone, hundreds of VPN services, anonymous email platforms and malicious applications were blocked, Egor Diashov, chairman of the Financial Markets Commission of the Moscow branch of Opora Russia, told Izvestia. Fraudsters are using increasingly sophisticated schemes, from forging powers of attorney that are checked in registries to creating copies of rental websites where users are asked to log in and thereby give attackers access to their accounts.

The proposal to create a registry of verified online stores, according to the expert, can be a key step towards reducing such risks: it will allow you to quickly determine whether a site is legal. Protection mechanisms can include multi-level verification of online platforms, mandatory disclosure of owner data, the use of AI to automatically analyze suspicious signs, as well as the creation of an updated "blacklist" of fraudulent sites and interaction with banks and payment systems.

However, it is impossible to completely stop phishing without the participation of users and businesses, Egor Diashov is sure. It is important for people to check links and handle personal data carefully, and companies should implement multi-factor authentication, strengthen cyber defenses, and warn customers about threats. Only the joint efforts of the government, business and citizens will make it possible to create a secure digital environment and make phishing attacks a rare exception.

Izvestia sent a request to the Interior Ministry, but no response had been received at the time of publication.