3,000 Fraudulent Websites Using Stoloto Brand Shut Down in Runet

Experts from Group-IB and JSC “TC ‘Center'” (the distributor of state lotteries in Russia under the “Stoloto” brand) have blocked around 3,000 websites and thousands of accounts created as part of fraudulent money-stealing schemes.

According to Stoloto, on average, every third Russian participates in lotteries; by early 2021, the total amount of winnings had exceeded 130 billion rubles. The growing popularity of lotteries inevitably attracts the attention of online scammers, making user security a key priority when organizing lottery draws.

The most common lottery scam is the “Rabbit Hole” scheme, which involves using various platforms—from messengers and social networks to phishing web pages. For each victim, a personalized link is generated to access these fake sites.

To combat lottery fraud, Stoloto and Group-IB have entered into a cooperation agreement. So far, the partners have identified and neutralized 2,741 fake websites, 5,597 specially created accounts, groups, and pages on social networks, as well as 84 email addresses used for sending phishing emails. In all cases, the scammers disguised themselves using the Stoloto brand.

“For Group-IB, the partnership with Stoloto opened up a new business segment that requires rapid response to increasing fraudulent activity,” said Andrey Busargin, Deputy CEO of Group-IB for Digital Risk Protection. “Scammers are constantly improving their methods to avoid detection, exploring new niches and earning schemes. To ensure customer safety, companies need to stay alert and adopt modern solutions capable of detecting and blocking such threats in real time.”

To avoid falling victim to scammers, users are advised to always check the accuracy of the domain name in the browser’s address bar. It’s also important not to click thoughtlessly on links in messages promising “free cheese”—remember, free cheese is only found in a mousetrap.