In 2026, financial fraud is becoming more technologically advanced, faster and more personalized. Attackers are less likely to act at random and more often adapt their scripts to a specific person. The scammer knows your name, he has your phone number and he knows which bank you are a client of.. He calls you, introduces himself as a bank employee, convinces you to give him the code to your card - and then steals the credit funds.
And this is a real story that happened to one of Monobank’s clients, who was thus “hung” with a loan of 134 thousand. UAH.
Tatiana Ts. lives in Boyarka in the Kiev region. One day she received a call from a local number. On the phone, an unknown man introduced himself as a Monobank employee, gave Tatyana’s correct details and reported an alleged attempt to log into her application account from another phone in Dnepr. At the same time, to be convincing, he did not just voice the information, but named the specific model of the phone from which the woman’s account was allegedly attacked.
In addition, she noted, t. “a representative of Monobank” asked if she had a plastic bank card, because if not, then she needed to get one - supposedly to transfer data to a “safe” application. The woman had a card.
When the unknown person found out that the woman had a physical card, he sent her the application installation file via messenger and convinced her to install it on her phone. After all, without this, transferring data to a “safe” application was supposedly impossible.
After the woman installed the application, an unknown person asked her to log into it, enable access to the camera and show her bank card.. Then he ordered me to enter a password..
“Then he said that while the information from the card was transferred to the new application, he would be in constant contact with me. But at the same time, I could not actively maintain the conversation - on the contrary, he “allowed” me to go about my business,” said Tatyana.
This was obviously extremely important for pulling off the scam.. Indeed, despite the fact that at a certain moment, due to external circumstances on the part of the woman, the connection was interrupted, the unknown person called her again - but this time in the messenger, where he was signed as “Dmitry Monobank”.
" And then I see that money is being debited from my credit card. I ask: what is this And he: don’t worry, this is how we translate it, we will return everything, because otherwise why would I sit here with you for so long,” says Tatyana.
At the end of the conversation, the unknown person assured her that the data transfer “for security reasons” was completed and asked her to delete the application. He also promised that 15 minutes after completion the funds would be returned. However this did not happen. And later Tatyana found out that someone withdrew funds stolen from her through ATMs and tried to buy various goods in retail chains using her card. However, the fraudster managed to withdraw 134 thousand from Tatyana’s card. UAH of credit funds. Which, of course, were not returned to her..
And later she noticed that the “Dmitry Monobank” account from which the scammer called her began to be called “Privat24 Dmitry”. And then it became “Privat24 Artem”.
" But he spoke too convincingly,” Tatyana sums up.
After she realized that Dmitry Monobank would not return her funds, the woman turned to Monobank itself. They recorded the situation there and told me to wait for a solution.. “But I don’t understand why they didn’t notice that I was having such a write-off? For some reason it wasn't recorded? At least they would call me to ask if it’s really me who is “withdrawing” that amount,” noted the scammer’s victim.
She also contacted the police, where a corresponding case was opened.. Subsequently, real representatives of Monobank contacted Tatyana and reported that:.
“They also said that if I provide them with a document from the police confirming the progress of the investigation into the case, then perhaps they will provide some kind of deferment. But that's not a fact. And they still insist on returning the money,” said the woman..
For our part, we turned to Monobank with a request to comment on the situation. In particular, they asked:.
However, the bank refused to answer us.
“Thank you for the request, but we won’t comment,” they replied..
The fraudster himself, the victim emphasized, seems to have found out about her appeal to the bank. After all, over time, “Privat24 Artem” got in touch again - and tried to find out:.
Moreover. According to Tatyana, the fraudster even admitted that he is a fraudster. And started to apologize.
" What supposedly sits in prison - and the boss forces them to do it. Writes: “Sorry,” said Tatyana.
Did Tatyana have a chance of not becoming a victim of scammers Actually yes.
" Mono communicates with the client through push notifications in its mobile application,” said Raisa Fedorovskaya, head of the EMA Academy and the Cybersecurity School of the EMA Association, whom we asked to analyze the story described..
She notes: if unknown people call you, introduce themselves as bank employees and convincingly begin to talk about identified problems, you should hang up and contact the bank yourself. You can do this through:.
" Even if the interlocutor knows your name, calls from a number similar to a bank number, reports real transactions on the card. Hang up and call the bank yourself at the number indicated on the back of the card,” the expert emphasized.
The next mistake, according to her, was installing the application sent in the messenger. Here, as emphasized, it is worth remembering: banks never ask clients to install any programs.
" Banks, charities, government agencies and payment services do not send applications via Telegram, Viber or WhatsApp. If they send you a file with the extension. apk and ask to install it to receive help, protect your account, verify your identity, confirm a transaction, etc.. “This is a sign of fraud,” the expert emphasized.
In addition, she emphasized, if in order to install the application you are asked to first follow the sent link, you should under no circumstances do this. Instead, you should find out its name, search for this application yourself on Google Play or the App Store and check whether it is actually published by the official developer.
" This will help identify malicious and potentially dangerous applications. And never grant Device Admin or Accessibility rights to unfamiliar applications,” Fedorovskaya urged.
Also, she emphasized, banks never ask their clients to enable smartphone screen sharing.. Therefore, doing this at the request or request of unauthorized persons is prohibited - since in this way scammers gain access to information with which they can either steal your money or cause damage in any other way. In particular, they will see:.
The next mistake, according to Fedorovskaya, was showing the damaged card to a “bank representative”. And also enter your code.
" Bank employees never ask him,” the expert emphasized.
In addition, she noted, you cannot apply a payment card to the NFC reader of a smartphone at the direction of strangers. And if during a telephone conversation or correspondence in the messenger you are asked to do this under various pretexts, “stop the conversation immediately”.
And in general, Fedorovskaya emphasized, “you don’t need to enter the PIN code of your card anywhere”. Neither in new downloaded applications, nor on card verification sites, nor when signing “petitions”, etc..
" During a telephone conversation, you should not open the banking application, open Diya, scan your passport/ID-card/payment card via NFC, activate Diya. Sign / sign documents via Diya. Subscription. If someone gives instructions during these actions, the procedure should be stopped immediately,” she emphasized..
Another “bell” sounded when the scammer asked Tatyana to delete the application, which he convinced her to install. As Fedorovskaya noted, this is a characteristic sign of a fraudulent scheme.
And, of course, you need to keep an eye on who is trying to access your credit history. For example, if in the Diya application you see such a request from an organization to which you did not apply for a loan, immediately call this organization and report a possible attempt to fraudulently issue a loan in your name.
" It is recommended to do this when the flow of loans in your name has already begun, if you have lost your passport, or during a long trip abroad,” Fedorovskaya concluded.