What are the responsibilities for Internet fraud?

Fraud on the Internet, Article 159 of the Criminal Code of the Russian Federation, is a new type of crime.
With the advent of Internet technologies in our lives, the number of scams and extortion has increased significantly. You can lose your money just by visiting some seemingly harmless site. Fraudsters have learned to deceive us remotely, sometimes in very sophisticated ways. This is a truly serious social problem that requires special attention. What article for online fraud regulates this offense, what are the most famous methods of deception and how is it punished? Multi-channel free hotline Legal advice on criminal law. Every day from 9.00 to 21.00

Moscow and region: +7 (495) 662-44-36

St. Petersburg: +7 (812) 449-43-40

Protection of consumer rights when purchasing in an online store

The Russian Federation Law on the Protection of Consumer Rights also applies to Internet users. Buyers' rights:

• to receive all information about the product;
• to provide a guarantee for the purchased item;
• to return your purchase within two weeks.

Important! When returning, you must show the receipt and packaging.

Definition of crime

Fraud in the field of computer information is recognized as actions that are aimed at stealing someone else’s property or acquiring rights to own someone else’s property by blocking, deleting, entering or modifying computer information. Fraudulent actions can be committed due to any interference with the information storage or transmission system.

This includes not only money and things, but also information that is of particular importance and uniqueness (for example, ideas for creating a business).

Attackers can take over valuable resources under the following circumstances::

1. Entering personal data.
2. Deleting information or algorithms without the possibility of recovery.
3. Introduction of additional devices for input and output of data into PC operation.
4. Changing accounting policy algorithms that limit or completely deny access to a legitimate user or group of persons.
5. Changing the data that is on the device with manual corrections.
6. Introduction of virus programs.

Responsibility

Actions falling under Article 159 of the Criminal Code provide for punishment:

• theft - a fine of up to 120 thousand rubles, restriction of freedom for up to 2 years or correctional labor;
• if a group of people participates in fraud – a fine of up to three hundred thousand, imprisonment of up to 5 years;
• officials for theft over 50 thousand - a fine of 100 - 500 thousand rubles, imprisonment for up to 6 years or other punishment.

Important! If a group of people acts, the fine and prison term increase. Officials are punished more severely. Particularly large amounts of theft carry sentences of over 10 years.

Punishment for fraud on the Internet up to 1000 rubles

Fraudulent actions on the Internet involving theft of up to a thousand rubles fall under the Administrative Code and are punishable by fines of up to five thousand. The effect of Article 159 of the Criminal Code begins with fraud over 1000 rubles.

Fraud on an especially large scale

According to Part 2 of Article 159, an especially large amount begins with damage of 1 million rubles. But according to Part 7 of the same article, it is indicated in the amount of 12 million.

What threatens Internet scammers?

The type of punishment is influenced by factors - the number of people involved, the presence of malicious intent, the size of the theft. Types of punishment:

• fines;
• seizure of property;
• compulsory or correctional labor;
• restriction of freedom, arrest or prison term.

Arbitrage practice

Online fraud often involves theft of small amounts. But there are known cases of multimillion-dollar thefts from bank accounts, hacking of expensive software, etc.

The difference between computer fraud and other forms of theft

The above material was prepared on the basis of the most frequently asked questions, taking into account the latest trends in the interpretation of Russian legislation and established law enforcement practice.

The publication is not a guide for making independent legal decisions. If legal issues arise, as well as before taking any legally significant action, it is recommended to obtain appropriate advice from a specialist in the field of criminal law.

The author of the publication is lawyer Pavel Domkin.

Question: What kind of fraudulent actions qualify under Article 159.6. Criminal Code of the Russian Federation? How to distinguish computer fraud from other forms of theft?

When answering this question, one should proceed from the scientific interpretation of the subject of the criminal offense under Article 159.6. Criminal Code of the Russian Federation. The subject of fraud in the field of computer information (relations protected by law that the attacker violates by committing a crime) simultaneously includes two objects, which distinguishes it from other crimes against property. These are:

1. Computer information (information, messages, data presented in the form of electrical signals, regardless of the means of their storage, processing and transmission).
2. Property (a set of things that are owned by a person, including money and securities, as well as property rights to receive things or property satisfaction from other persons).

Taking into account the double subject of the attack, the guilty person, as stipulated by the disposition of Article 159.6. of the Criminal Code of the Russian Federation, is held accountable if it commits:

• or theft of someone else’s property (illegal gratuitous seizure of someone else’s property in favor of the guilty person or another person),
• or acquires the right to someone else’s property (a person has the opportunity to take possession, use or dispose of someone else’s property as his own).

provided that an unlawful act violates the established process of storing, processing or transmitting computer information or the proper functioning of information and telecommunication networks.

If the culprit, when committing illegal actions, operated with information that does not relate to computer information in the understanding of the criminal law, or his actions were not related to the seizure of property, but pursued other goals, criminal liability under Article 159.6. The Criminal Code of the Russian Federation is excluded .

Question: Does the method of committing fraud have legal significance for qualification under Article 159.6 of the Criminal Code of the Russian Federation?

In addition to the simultaneous encroachment on two legally protected relations in the field of protecting computer information and protecting property rights, the law also stipulates in detail the method of committing fraudulent actions in the field of computer information.

The law establishes that Article 159.6. The Criminal Code of the Russian Federation covers only the following methods of committing a crime, namely:

• targeted impact (interference) of software and/or software and hardware on computers, computers, information and telecommunication networks, which disrupts the established process of processing, storing, transmitting computer information;
• input of computer information (placing information in computer devices for their subsequent processing and (or) storage);
• deletion of computer information (committing actions as a result of which it becomes impossible to restore the contents of computer information and (or) as a result of which computer storage media are destroyed);
• blocking computer information (committing actions leading to restriction or blocking of access to computer information, but not related to its deletion);
• modification of computer information (making any changes to information (messages, data) presented in the form of electrical signals, regardless of the means of their storage, processing and transmission).

Each of the listed methods of manipulating computer information implies the possibility for the guilty person to take possession of someone else’s property or acquire ownership rights to it (clause 20 of the resolution of the Plenum of the Armed Forces of the Russian Federation of November 30, 2017 48).

Thus, Article 159.6 of the Criminal Code of the Russian Federation also has a legal distinction from other crimes against property, including in terms of the method of committing illegal actions.

Question: There are examples when the culprit is prosecuted under other articles of the criminal law for committing illegal manipulations with computer information. Why is this happening?

To understand the issue, let's look at a few examples.

1. The attacker, who is an official, provides legitimate access to the software in the field of debit transactions on the account of a legal entity, after which he modifies / changes the source code of the program in such a way that periodically unauthorized debits of funds are carried out to a bank account under his control. This illegal action must be qualified under Article 159.6. of the Criminal Code of the Russian Federation, since the attacker violated the established (normal) process of processing computer information, which allowed him to carry out his illegal enrichment.
2. Another example is that the attacker, as in the first case, was able to change/modify the algorithm of the software by infecting the computer of the victim legal entity with a virus. Such illegal actions will be qualified as under Article 159.6. of the Criminal Code of the Russian Federation, and under Article 273 of the Criminal Code of the Russian Federation, which provides for liability for the use of malicious software.
3. Another example with similar circumstances. Using an unattended key carrier from a client bank, an employee of a legal entity wrote off funds from the company's current account to his personal account. Since by such actions the employee does not have illegal influence on the software, his actions are qualified as committing theft under paragraph “g” of Part 3 of Art. 158 of the Criminal Code of the Russian Federation.

It is important to distinguish between fraud in the field of computer information as an illegal act related to the violation of property rights while simultaneously violating the established process of processing, storing, transmitting computer information, and other forms of theft, which, although they involve the perpetrator accessing computer information, do not entail interference with computer information, the performance of computers or their networks.

Fraud in the field of computer information, committed through unauthorized access to computer information or through the creation, use and distribution of malicious computer programs, requires additional qualification under Article 272, 273 or 274.1 of the Criminal Code of the Russian Federation.

Question: It is possible to prosecute the owner of an Internet site (resource) for committing theft of funds under Article 159.6. Criminal Code of the Russian Federation?

• The online store received an advance payment, but did not deliver the goods;
• a product was supplied that differs significantly from that presented in the offer on the website;
• the online resource collects funds to help seriously ill people, but transfers the money to other purposes;
• the debit of funds for the goods was carried out in a significantly larger amount than indicated in the offer or without the consent of the user, etc.

all of these cases are qualified in judicial practice under Article 159, and not 159.6. of the Criminal Code of the Russian Federation since they do not entail interference in relations regarding the protection of computer information.

Question: In what order are criminal cases initiated for computer fraud and who is involved in their investigation?

The detection and suppression of these crimes is, as a rule, carried out by employees of internal affairs bodies. At the same time, detection and procedural recording of crimes under Article 159.6. The Criminal Code of the Russian Federation can also be carried out by other law enforcement agencies exercising the powers provided for by the Federal Law “On Operational-Investigative Activities”.

Procedure for initiating cases

In accordance with criminal procedural legislation, a criminal case under Article 159.6. The Criminal Code of the Russian Federation can be initiated in a public manner, that is, without a statement from the injured party. An exception is made only for individual entrepreneurs and members of the management body of a commercial organization if they have committed a crime in connection with their entrepreneurial or other economic activities. In this case, in order to initiate a criminal case, a corresponding statement from the injured party will be required.

Departmental jurisdiction

Investigation of criminal cases under Part 1 of Article 159.6. The Criminal Code of the Russian Federation is carried out by the investigative bodies of the Ministry of Internal Affairs of the Russian Federation. The preliminary investigation into parts two through four is being carried out by investigators from the Ministry of Internal Affairs of the Russian Federation. In addition, the law allows that a preliminary investigation under the commented article can be carried out by investigators of the body that revealed the crime: the FSB of the Russian Federation, the Russian Federation.

Jurisdiction of cases

Consideration of crimes provided for in Article 159.6. The Criminal Code of the Russian Federation is assigned to the jurisdiction of district courts.

Territorial jurisdiction and jurisdiction

In accordance with the general principles of criminal procedure legislation, the investigation and consideration of criminal cases by courts under Article 159.6. The Criminal Code of the Russian Federation is carried out at the place where the crime was committed.

Lawyer Pavel Domkin

Computer Crime Lawyer

What should the victim do?

A user who has been deceived online should:

• contact the police with a statement;
• visit a consumer protection organization;
• write to support of the bank or electronic payment system.

Evidence base

It serves as documents - checks, contracts, screenshots of transfers. Video recordings and photographs of correspondence with scammers and their bank card information will be useful.

How to write a statement to the police

The police department will provide the victim with a form to fill out an application upon application.

Arbitrage practice

Many of us have encountered online deception at least once in our lives. Some even ended up losing money or data. As a rule, the sums of money that attackers receive from citizens are not too large.

But there are truly egregious cases where the stolen amounts were truly impressive.

1. In 2007, Russian hackers obtained more than one billion dollars from clients of a Swiss bank. Allegedly, on behalf of the bank, they sent an email campaign containing a malicious program. Bank customers ran it and thus provided fraudsters with the opportunity to withdraw money from their bank accounts. An accidental mistake made by hackers allowed their illegal activities to be detected and stopped. By mistake, the criminals sent a malicious link to ordinary people, after which one of them filed a complaint with the bank's real support service. As a result, it turned out that the bank itself had nothing to do with this mailing.
2. In 2010, a group of hackers managed to obtain $37 million from the accounts of clients of a US bank. Using malware, the attackers penetrated the bank's payment system, after which they received funds directly from clients. As a result of this incident, 6 people were detained.
3. In 2007, Estonia experienced one of the largest cyberattacks in history. A group of fraudsters carried out a hacker attack on the websites of many government agencies and bodies, media portals and banking systems. As a result, the functioning of many of the country's banks and news portals was suspended for several weeks.
4. In 1998, a fifteen-year-old computer genius was able to hack the electronic system of the school where he was studying, and then he managed to obtain information from the US Department of Defense. Later, he was even able to obtain NASA data intended to control the ISS. The cost of this software was more than one and a half million dollars. The young offender was quickly identified after this incident. However, being a minor, he managed to avoid a prison sentence.

Hacker attacks can lead not only to the theft of funds and property, but also to more serious consequences, such as the suspension of the functioning of important government and international structures, as well as the loss of important, protected information. Therefore, this offense is especially dangerous in the age of information technology.

In the published article you learned what the article for fraud on the Internet is in Russia. Article 159 of the Criminal Code of the Russian Federation for fraud on the Internet is far from the only one in this case. Article 163, as well as 272, 273 and 274 of the Criminal Code of the Russian Federation for deception on the Internet can also be applied. The choice of one or another criminal article depends on the scale of the consequences and the type of fraud. You also learned about how to protect yourself from being deceived on the Internet, what you need to do if you find yourself in such a situation, and what evidence you need to collect in order to find the perpetrators of the crime as soon as possible.

Legal characteristics of the offense

Petty fraud is considered one of the types of theft, which is considered a criminal offense and comes down to the malicious use of someone else’s property for one’s benefit. To commit a scam, criminals use illegal actions that involve selfish motives with further causing material damage to the injured party. Small-scale fraud can be committed through malicious deception or abuse of the trust of strangers. This crime can be committed in the following forms:

1. Providing knowingly false information to the injured party;
2. Forgery of documents or falsification of transaction objects;
3. Malicious suppression of truthful information;
4. Use of illegal financial schemes when concluding transactions;
5. Deception committed with the aim of misleading victims.

01
Free consultation with a fraud lawyer

02

Free hotline (Moscow and regions of the Russian Federation)

8 800 707 84 52 03

Consultations in a mobile application

Prices for fraud lawyer services

Breach of trust can be caused by other circumstances, the most important of which are the presence of family ties between the offender and the victim, prior acquaintance, as well as abuse of official position.

Kinds

Frauds in the field of computer information are divided into different types of signs , which include:

1. According to the purposes of the unlawful act:
   Theft of unique information and valuable data (graphic files, individual files, etc.).
2. Blocking an account to extort money to unlock and gain access to a PC.
3. Changing or deleting information to lose its value. The goal is the need to re-acquire data from the owner of the backup copy, who is the fraudster.
4. By method of gaining access to the information repository:
   Hacking a protected program.
5. Obtaining code through phishing.
6. Forgery or theft of an electronic key.
7. Selecting a password when connecting a special device.
8. By instrument for committing fraudulent actions:
   Entering information and changing registry data on an “infected computer.”
9. Installation of special software or standard type programs with hidden modules that execute the algorithm at a given time.
10. Infection with extraneous programs by downloading files from a removable device.