Skip to main content
LiMP VPN
All news

Fake 'Neighbor' Chats Steal Your Logins and Money

Fake 'Neighbor' Chats Steal Your Logins and Money

In short: A social-engineering scheme is spreading across Russia in July 2026: criminals create fake building-resident group chats in messengers, posing as your management company or a housing service. Once you join, they push you to follow a link, install an "app" or enter data — and hijack your government and banking accounts. Lawmakers and security experts warned about the surge on 17 July 2026. No software flaw is involved; the target is your trust, and the defence is to verify every such chat and never share codes or passwords.

What happened

On 17 July 2026, Kaplan Panesh, deputy chair of the State Duma committee on budget and taxes, warned that fraudsters are creating fake "house" chats in messengers under the guise of official bodies to collect personal data, then intimidate residents and extort money. The alert was echoed by RIA Novosti and Lenta, and follows earlier warnings from senator Artem Sheikin in late June 2026 — a sign the scheme is scaling, not fading.

Unlike the software bugs we usually cover, this attack exploits people, not code. That makes the habits in our guide on protecting your account from hijacking the front line of defence — no update can patch a decision to trust the wrong chat.

How the scheme works

The attackers open a group with a name that looks official — something like "House No. 12 — Management Company," "Residents. Our Building" or a chat imitating a well-known housing brand. They add real residents and introduce themselves as staff of the management company, repairmen or "building activists." To look legitimate, they seed the chat with fake accounts that mimic normal neighbourly activity: meter-reading requests, repair discussions, shared-yard questions.

Then comes the hook. Under a plausible pretext — "confirm your meter account," "register in the new UK app," "vote on the repair" — you are asked to follow a link, download a file or enter your details. That step hands the attacker access to your accounts on government portals and banking apps. From there the outcome is one of two: they take out a loan in your name, or they threaten you and demand money "to verify" or unfreeze something.

Why this is dangerous for your data

A single government or banking login is a master key. With it, criminals can pull your passport and address data, apply for credit, drain accounts and study your profile to craft the next, more convincing approach. And because you handed the access over yourself inside a trusted-looking chat, the usual alarms — a suspicious-login email, a bank fraud flag — may never fire in time.

The risk compounds when your data has already leaked elsewhere. As we reported in the billion-record infostealer leak, the more a scammer already knows about you, the more believable a fake "neighbour" chat becomes — they can name your street, your building, even your management company.

How to spot a fake chat

Check the name for specifics. Real building chats usually carry the house number, the exact management-company name and a contact phone. Vague titles like "Residents" or a generic housing brand with no specifics are a warning sign.

Look for people you actually know. If not a single genuine neighbour is in the group, you are probably in a fake one.

Distrust any request to act. A legitimate management company does not ask you to install an "app" via a chat link, log into Gosuslugi through a forwarded page, or read out an SMS code. Any of those is the scam.

How to protect yourself

Verify through the official channel. Before acting on anything in such a chat, call your management company on the number from your receipt or its official site — not a number posted in the group.

Never share SMS codes or passwords. No real service or official will ask for a one-time code. Treat any such request as an attack, full stop.

Turn on two-factor authentication for Gosuslugi, banking and email, and store unique passwords in a password manager so one leaked credential cannot open everything.

If you already entered data, act fast: change passwords on Gosuslugi, banking and email, enable 2FA, block your cards and accounts through the bank, and file a police report about the extortion.

Keep your connection private on shared networks. A VPN cannot stop you handing data to a fake chat — only caution does that. But it closes a separate door: on public or shared Wi-Fi it routes your traffic through an encrypted tunnel, so others on the same network cannot intercept the logins and sessions you send to banking or government portals. LiMP VPN is a no-logs service for iOS and Android — see the features and plans, and more security news on our blog.

What if I have already joined such a chat?

Joining a group is not itself dangerous — the harm comes only if you follow a link, install something or enter data. If you have not done any of that, simply leave the chat and verify with your real management company. If you did interact, follow the recovery steps above immediately: the sooner you change passwords and block cards, the less an attacker can do with what you gave away.

Sources

This report is based on statements by State Duma deputy Kaplan Panesh, 17 July 2026, as reported by RIA Novosti, Lenta.ru and Izvestia, July 2026.

Fake 'Neighbor' Chats Steal Your Logins and Money | LiMP VPN