Financial fraud on the Internet
F inansovoe fraud on the Internet is developing and evolving with the Internet itself. The victims of online fraudsters are not only ordinary users: inattentive buyers of online stores, schoolchildren or retirees who enthusiastically lose their savings in binary options. The actions of fraudsters on the Internet harm large companies as well.
Typology of the phenomenon
The Internet is developing extremely rapidly and is just as quickly becoming a weapon in the hands of criminals. The nature of the Internet creates the conditions under which issues of combating online fraud are transferred to the transnational level. Fraudsters are becoming more and more intelligent, and the Network is used to solve various tasks of a criminal nature, from misappropriation of information to fraud itself.
From the point of view of the criminal legal structure, fraud is an attempt to take possession of someone else's property, which is committed by deception or abuse of trust. In the Russian Criminal Code, responsibility for this act is provided for in Article 159.
Interestingly, direct theft of funds from the accounts of banks and companies or bank cards of citizens cannot be qualified as fraud. Whereas, according to the Ministry of Internal Affairs, every year the volume of direct thefts approaches 450 million dollars. And if modern means of protection against illegal penetration into the banking system help to preserve the inviolability of money, then it is much more difficult to protect money from fraud when the owner voluntarily transfers it to criminals.
So, Internet fraud is theft of someone else's property, which has two distinctive features:
- Theft is committed through deception or abuse of trust.
- For theft, they use the capabilities of the Internet.
Financial fraud is different in that the motivation to transfer personal funds to a third party is based on financial calculation. The human desires that criminals use to build fraudulent strategies and the common feelings that fraudsters manipulate to steal money most often fall into one of five categories.
- Desire to earn "easy" money. A striking example is binary options, recognized as a scam in many countries, or financial pyramids.
- The desire to quickly dispose of the benefits that a citizen could count on in the future, for example, use the funds of his retirement account
- Desire to receive goods or services for free . Often, scammers offer subscriptions, payments for cellular communications or Internet access as guaranteed benefits.
- Love for rare things and a desire to purchase goods or services that are not available in any other way.
- Charity , on which false fundraisers are built for charity, for the terminally ill, for the construction of animal shelters, etc.
What resources are available to scammers?
One cannot speak of the Internet as a single whole. It is a collection of resources, networks and protocols, each of which can become a tool for fraudsters. From a cybercriminals point of view, anonymity and security become an advantage of the Internet, since a criminal's IP address can be easily disguised using proxy servers and similar means.
Most often, scammers use only a few resources:
- Sites and web pages on foreign domains that are not easy to block as they are not regulated by Russian law.
- Mass mailing programs . Thus, messages from "Nigerian" lawyers and other types of phishing emails get into the victim's mailbox.
- Electronic bulletin boards . Fake ads on Avito and similar resources are easily used to steal funds by deception.
- Online payment systems , which often become an independent way to steal funds.
This series usually includes methods of mobile fraud, the programming of which is carried out using the resources of the Internet. Sometimes mobile fraud is combined with other methods of stealing funds from bank cards.
Typical characteristics of internet scams
When studying the situation in which victims who are ready to transfer funds to scammers find themselves, there are several common features.
First, the lack of control over mass mailings, the authenticity of the signatures of the organizers of the processes, the activities of large botnet companies, whose services are often used by fraudsters.
Secondly, the lack of feedback systems and hotlines that victims of crime could use. Availability of a single mechanism for prompt response, which would help to significantly reduce risks using modern technologies to calculate the location of fraudsters.
Thirdly, the lack of a legal mechanism to resolve complaints submitted by Internet users.
All this leads to the fact that financial online fraud is difficult to detect and suppress, due to which the phenomenon receives the following signs:
- high degree of latency, concealment from the eyes of law enforcement agencies;
- a variety of ways to commit a crime, which are improving along with the improvement of information technology;
- the international nature of the activity, in which members of an organized group, their servers and communication facilities may be located in different countries of the world;
- serious difficulties in investigation and forensic evidence due to the low probability of submitting sufficient evidence to the court.
Most Popular Credit Card Fraud Methods
It is difficult to single out the most frequent methods of fraud with payment and credit cards, but in terms of the volume of funds theft, six are the most famous worldwide.
The first method is to steal code words, passwords, card numbers under the guise of a bank. Calls allegedly from client services or security services have become a frequent occurrence, with the help of which attackers try to find out any information that opens access to a client's account.
The second way is the You Win mechanism. The scheme is as follows: the victim receives an SMS, which says about a certain big win. To receive it, the “winner” must independently create an Internet wallet in the specified payment system or transfer the amount using the specified details.
The third way is to receive an SMS or e-mail message, which contains information about the replenishment of the victim's wallet or account. The message is signed by a trusted bank or company. And soon a message comes from a third party who asks to return the incorrectly transferred amount. Sometimes the victim does this automatically, without even checking the recharge. The policy of Russian providers of mobile networks or the Internet allows you to put a credible signature under the SMS message. This service costs money, but often pays off.
The fourth method is an old scam method called "Magic Wallet". The victim receives an offer to send a small amount to the electronic wallet, which will be returned twice. The money is not returned, the phone number to which the wallet is registered never answers, but this does not reduce the interest of beginners in this easy way to make money.
The fifth way is to create an online store where the desired product, for example, a model of a popular electronic device, is sold for a penny. If the money needs to be transferred to the seller, then the store customer will most likely never see it again. A careful study of delivery methods helps to recognize fraudsters: such stores rarely offer to deliver a purchase by courier.
The sixth method is invoicing. If a mobile phone or e-wallet has already been used to pay bills, then fraudsters can easily issue a similar or new bill, for example, related to payment to a charitable foundation. Cybercriminals usually benefit from the lack of time to make a decision to transfer the amount.
You can protect yourself from the described fraud methods if you carefully treat all messages and check all wallet or phone numbers. Banks do not return the debited money simply on the basis of a client's complaint - it is often required to involve law enforcement agencies and initiate a criminal case against an “unidentified person”. Even if the “face” is identified, it is unlikely that the full amount will be returned.
Other ways of online financial fraud
Theft of money from online wallets and payment cards is a common, but not the only form of online fraud. Other popular ways to take money from an individual or legal entity through deception or abuse of trust include:
- affiliate programs representing failure pyramid schemes;
- online auctions;
- brokerage companies offering binary options;
- "Nigerian letters";
- "Black brides";
- offers to purchase a non-existent product.
In any case, the main method to involve the victim in a fraudulent scheme is deception. A breach of trust is only possible if there is a prior relationship between the victim and the fraudster, which is unlikely given the anonymity provided by the Internet. The only exception here may be a situation when the victim himself provides the fraudster with his bank card details for transactions. If information about the details is obtained using virus programs and other malicious software, the act gets a different qualification and is no longer a financial fraud.
If you directly interpret the Resolution of the Plenum of the Supreme Court of Russia No. 51 of December 27, 2007, fraud can only be a direct circulation in your own favor or in favor of third parties of those funds that are in bank accounts, if it was committed by deception and abuse of confidence ... If the cybercriminals used information tools to penetrate protected systems, then the provisions of Articles 272 or 273 of the Criminal Code, which deal with crimes in the field of computer information, should be applied.
Investigators also highlight another peculiar corpus delicti, which can be recognized as a combination of financial fraud and pseudo-business. In this case, fraudsters create a fictitious legal entity solely to gain access to accounts, codes, electronic keys. Such a company becomes an instrument of crime.
All of these types of crimes are usually committed in three stages.
- Attracting the attention of a potential victim to his proposal using the resources of the Internet.
- Taking possession of the asset targeted by the criminal's interest.
- The passage of a certain period until the victim realizes that he has become a victim of deception. Moreover, the period sometimes exceeds a whole year, which significantly complicates the investigation.
Internet fraud is a hard-to-prove crime. Recording evidence is almost impossible, tracking transactions is hampered by the boundaries of jurisdiction, and courts will not always accept the data of software products that track Internet traffic as admissible evidence. All of this speaks to the need to raise awareness and regularly remind users of the risks of online fraud. To facilitate the fight against this type of crime, state information programs, hotlines and unified databases on incidents would help.