Features and types of fraud in the field of computer information

Illegal acts such as computer fraud are considered the most controversial. They remain closely associated with manipulating people, exploiting others' trust and lying. At the same time, the peculiarities of this type of fraud are that it is carried out by entering, changing and erasing data that is on computers. Computer fraud is a fairly new item in the Criminal Code, as technology develops rapidly. More and more people are becoming victims of scammers, whose tool for committing crimes is the Internet.

Types of fraud in the field of computer information.

Computer fraud schemes differ from the standard concept, but at the same time they have common features and characteristics. To investigate such crimes, it is necessary to use additional resources and slightly different methods. We will try to understand what fraud in the field of computer information is, what key features it has, as well as what preventive measures are provided for such illegal actions.

Other attacks based on requests to valid addresses

The demand for valid network email addresses has grown so much today that various types of attacks are already emerging to satisfy the demand. At the same time, some attackers specialize in infecting legitimate web pages with special Trojan programs and keyloggers.

Another attack involves hacking into the databases of popular employment sites or any other sites that collect correct email addresses.

What advice can be given in connection with such crimes? Only regular password changes and, of course, unique strong passwords for each network account.

Social media scam

A wave of fraudulent messages has flooded the popular Twitter network, making it impossible to trust even those people whose messages we have always trusted. “Today we are seeing old scams successfully moving onto social media,” says Matt Marshall, lead researcher at Redspin.

“The attacks began after the attackers created accounts on Twitter, then began sending out messages that contained links to pages advertising fake antiviruses,” says Mikko Hypponen, an employee at F-Secure. (https://content.usatoday.com/topics/topic/F-Secure).

One attack generated messages with topics that were in the TOP 10 best topics on Twitter, the other copied messages sent by real people. At the same time, the fake messages contained links to fake antiviruses, says Beth Jones (Sophos) (https://content.usatoday.com/topics/topic/Sophos).

According to Microsoft Security Report Release 7 (January - June 2009), views of phishing pages increased significantly in the first half of 2009, mainly due to an increase in phishing attacks targeting social networks.

Phishers attacked a wider range of websites than in the first half of 2009; The most frequently attacked sites were gaming sites, portals, and Internet resources of large corporations.

The number of views remained approximately the same during the second half of 2008 and early 2009, then almost quadrupled in April 2009 and further in June 2009, partly due to the campaign or campaigns targeting social networks.

Figure 1 Number of views of phishing pages, monthly compared to January 2009

The main targets of fraudsters remain financial institutions, social networks and e-commerce websites. In addition, attacks began to spread to the sites of other organizations, for example, to online gaming sites, web portals, as well as to large software and telecommunications equipment companies.

Give everything away at once

No one can be an expert in all matters: that's why repair services exist, so that a car mechanic can have his computer repaired by a computer specialist, and he can have his car repaired by a car mechanic. And if they deceive each other, each in his own place, there is some kind of higher justice in this, says Dmitry Svetlovsky, a partner at the law firm Tekhnika Prava, philosophically.

Svetlovsky recalls a case from his practice when one woman, a victim of the “advertising master,” followed the principle and filed a complaint against him with the police. It was a matter of principle because the police are extremely reluctant to accept such statements, given the small amounts of damage and the almost zero legal prospects of such cases.

“She had a normal operating system crash on her computer. But the “master” deliberately made the car unusable in order to extract more money from the client for repairs. As a result, the client turned out to be principled, and after the repairman was called to the police, he considered it best to compensate her for the damage caused. But such cases can be counted on one hand,” he told Reedus.

This is the textbook case when the rescue of drowning people is the work of the drowning people themselves. Prevention, as in medicine, is more important than treatment. Because it will be extremely difficult to prove malicious intent after the fact, the expert admits.

“First of all, you are unlikely to be able to find the culprit purely physically. This is an absolutely viral business. Someone calling himself “Sergey” in the ad is not one person, but the pseudonym of an organized group of people, and it has neither an address nor any other clues except a telephone number, which they will immediately turn off if it smells of kerosene. Secondly, you will never prove that it was this “Sergei” who caused you harm: he will simply state that he sees you for the first time in his life. So I don’t recommend wasting time on such lawsuits, but my main advice is the same as in another important activity: to protect yourself,” advises Svetlovsky.

What is "phishing"?

Here is the definition of “phishing” given by DrWeb specialists (https://support.drweb.com/faq/a5/#fish).

Phishing is an Internet fraud technology that involves stealing personal confidential data, such as access passwords, bank and identification card data , etc. In December 2005, there was a sharp increase in the number of phishing sites (by 65%, in November 2005 4630, and in December already 7197). According to APWG experts, this growth became possible thanks to the emergence of so-called “phishing kits” - utilities that allow you to create a phishing site in a short time. According to Websense, one of the most popular tools for constructing phishing resources is called the Rock Phish Kit. The current situation with phishing is reminiscent of the situation in the field of writing viruses several years ago, at the time of the emergence of virus designers.

Briefly, the essence of phishing can be summarized as follows. The fraudster tricks the user into providing his confidential information: Internet access data (name and password), credit card information, etc. It should be noted that the victim performs all actions absolutely voluntarily, without understanding what she is actually doing. Social engineering technologies are used for this purpose.

Today, phishing can be divided into three types - email, online and combined. Postal is the oldest. In this case, a special letter is sent by e-mail with a request to send any data. Online phishing means that attackers copy any websites (most often these are online online shopping stores). This uses similar domain names and a similar design. Well, then everything is simple. The victim, entering such a store, decides to purchase some product. Moreover, the number of such victims is quite large, because the prices in such a “non-existent” store will literally be junk, and all suspicions are dispelled due to the popularity of the site being copied. When purchasing a product, the victim registers and enters his credit card number and other information.

Such phishing methods have been around for quite some time. Thanks to the spread of knowledge in the field of information security, they are gradually turning into ineffective ways to “take money.”

If you think that phishing attacks are relevant only for foreign countries, then you are mistaken.

The first phishing attempt in the CIS was registered in 2004. Its victims were clients of Moscow Citibank.

In Ukraine, clients of Privat-Bank and .

In the case of clients, scammers sent email messages to potential victims and made advertising postings in popular Ukrainian Internet forums about a “possible” account replenishment, which should cause damage to the Kyivstar mobile operator (it was proposed to carry out a special set of USSD commands, which leads to debiting money from the account of a gullible subscriber), the subscribers themselves suffer from this. Some experts consider this type of Internet mailing to be the first serious Ukrainian phishing attack, since it relies on the use of a new mobile operator service that allows the transfer of amounts from one subscriber's account to another. Banks and other organizations that use IP telephony for voice communications risk exposing themselves to phishing attacks, for which there are currently no means to prevent them. This was stated by an information security expert who calls himself The Grugq at the Hack In The Box Security Conference (HITB) in Malaysia.

“Criminals will be able to penetrate banking networks and take control of their telephone channels,” The Grugq is convinced. The use of VoIP is an increasingly popular technology that helps reduce telephone costs. However, VoIP makes company networks more vulnerable to attacks. According to the expert, phishing attacks via VoIP will be recorded before the end of this year. Criminals will have access to personal data, including credit card numbers and banking information, and only a small number of information security specialists will be able to stop them. “Theoretically, you call your bank, and the client’s phone line is already hijacked by hackers,” The Grugq admitted.

If this scenario occurs, the hacker will ask the customer to provide credentials information before contacting a customer service representative. “There is no technology that allows companies to cope with the problem,” the expert said, noting that existing attack detection systems are not able to detect the fact of a VoIP attack. To organize it, hackers will now only need ordinary software to support IP telephony or telephone billing.

How to protect yourself from this ? First of all , with the help of common sense , namely :

• Your bank (or the credit card company whose card you use) usually addresses the customer by first and last name, both by phone and by email. If this is not the case, then it is most likely a scam;
• You may not call the phone number provided to you regarding credit card or bank account security. For emergency calls, you are provided with a telephone number on the back of your payment card. If the call is legitimate, then the bank keeps a record of it and will help you;
• If someone calls you claiming to be your provider and asks questions regarding your confidential data, hang up.

The publication Switched cited typical signs of phishing emails.

1. Requests for Personal Information
2. Typos or spelling errors
3. Links in email
4. “Market research” asking for personal information
5. Investment advice from random people or companies
6. File attachments in emails from strangers
7. Emails without words
8. Outdated information
9. Prohibition phrases
10. General greetings

Investigation methods

The process of investigating criminal proceedings for fraud in the field of information and computer technologies proceeds in different ways. This depends on the specific circumstances, the content of the case, fraud with personal data, etc. Experts identify two main situations:

• when attackers are caught red-handed or identified using photo and video evidence;
• when there is evidence of fraud, but the attacker has not been identified.

If the fraudster was caught red-handed directly at the crime scene, or he was identified using available photos and video materials, then the investigation involves the following:

1. Establishing the fact of a crime. First, you should confirm the fact that certain manipulations were performed with computer devices by analyzing the event log in the system or changes in the data registry. This procedure is performed by a qualified specialist who is well versed in computer technology and programming.
2. Evidence of intent. Intent will be obvious if the manipulation of the computer, which as a result was hacked, was not the official or professional duties of the accused. Roughly speaking, if access to data on a computer was not obtained by the company's system administrator, who was asked to do so, then malicious intent is obvious.
3. If manipulations with information repositories are part of the work process of an employee who is suspected of fraud, then it will be quite difficult to prove his guilt. The difficulty lies in the perceived lack of awareness of the consequences that may result from installing malware or performing manual manipulations. It is quite problematic to refute this ignorance.

If, in order to establish the identity of a suspect, it is necessary to carry out search activities and confirm involvement in fraud, then all the above steps are performed without reference to a specific person. It is necessary to determine the potential circle of suspects, taking into account the people interested in committing such a crime.

Facts of identifying similar crimes committed by suspects earlier can contribute to the investigation. But the search for a computer fraudster does not always end successfully. Many crimes are carried out anonymously, which is more than possible on the Internet. It is extremely difficult to track down a swindler without a staff of qualified specialists involved in information and computer security.

But if the fact of computer hacking and data theft has been confirmed, the fraudster will face appropriate punishment. A feature of the crime can also be considered the fact that the preventive measure largely depends on the damage caused. Less serious crimes are followed by relatively weak penalties. And vice versa.

How to fight phishing?

If you are using Internet Explorer 8.0, you should note that although the anti-phishing filter existed in Internet Explorer 7.0, protection has been strengthened in IE 8.

Anti-phishing protection has been combined with anti-malware protection using SmartScreen® Filter. This will help users not to fall for the tricks of phishers. This filter will warn the user that he is on a phishing site or a site that distributes malware. This will allow users to participate in improving the Internet by reporting potential phishing or malware sites. However, do not forget that you always have the opportunity to turn this filter on or off at any time.

What is the responsibility under Art. 159.6 of the Criminal Code of the Russian Federation and what else may threaten?

The Criminal Code of the Russian Federation provides for liability and extends its effect to criminal activity on the Internet (Article 159.6). The offender may suffer the following types of punishments, in the absence of qualifying criteria (we will describe them later):

1. Imprisonment for up to four months.
2. Assignment of forced labor for up to 24 calendar months.
3. Imprisonment for up to two years.
4. Assignment of correctional labor for up to 12 months.
5. Penalties up to 120,000 rubles.
6. Assignment of compulsory work up to 360 hours.

For small-scale theft (up to 2,500 rubles), only administrative liability is provided under Article 7.27 of the Code of Administrative Offenses:

• According to Part 1 (if the amount is less than 1000 rubles):
  imposition of an administrative fine in the amount of up to five times the value of the stolen property, but not less than one thousand rubles;
• or administrative arrest for up to fifteen days;
• or compulsory work for up to fifty hours.
• According to Part 2 (if the amount is less than 2500 rubles):
  imposition of an administrative fine in the amount of up to five times the value of the stolen property, but not less than three thousand rubles;
• or administrative arrest for a period of ten to fifteen days;
• or compulsory work for a period of up to one hundred and twenty hours.

But liability under 7.27 of the Code of Administrative Offenses will only be provided that there are no signs of crimes provided for in parts two, three and four of Article 158, Article 158.1, parts two, three and four of Article 159, parts two, three and four of Article 159.1, parts two, three and four Article 159.2, parts two, three and four of Article 159.3, parts two, three and four of Article 159.5, parts two, three and four of Article 159.6 and parts two and three of Article 160 of the Criminal Code of the Russian Federation, except for the cases provided for in Article 14.15.3 Code of Administrative Offenses of the Russian Federation.
In all other cases - criminal liability.

More severe punishment is provided for by the qualifying elements of the crime:

1. An act committed by a group of persons by prior conspiracy, as well as causing significant damage to a citizen.
2. Acts provided for in parts one or two of this article, committed:
   by a person using his official position;
3. on a large scale;
4. from a bank account, as well as in relation to electronic funds.
5. Acts provided for in parts one, two or three of this article, committed by an organized group or on an especially large scale.

All penalties for these signs are prescribed in Article 159.6 of the Criminal Code of the Russian Federation.

• Large size – from RUB 250,000.
• Extra large size – from RUB 1,000,000.

Checking a website manually using a filter

If Automatic Website Scan is not selected, the anti-phishing icon will be displayed in the Internet Explorer status bar. To check a website, click the icon and select Check Website. In addition, checking websites in Internet Explorer can be done as follows.

1. Open Internet Explorer.
2. Go to the website you are checking.

Click Tools, select Phishing Filter, and then click Check Website. (Fig.2)

Figure 2 SmartScreen Filter

If you still consider this site to be phishing or distributing malware, then you can send information about this to Microsoft manually (Fig. 3).

Figure 3 Submitting information about a phishing site

You may note that this creates a loophole for malicious users who can report the site to simply tarnish its reputation. However, not everything is so easy.

Anti-phishing only blocks sites that have been verified as fake by Microsoft reviewers or employees of third-party data providers. Anti-Phishing also offers a web-based feedback and suggestion system to help users and site owners submit error reports as quickly as possible.

In addition, it should be noted that it is possible to block the download of malware using SmartScreen® Filter (Figure 4).

Figure 4 Attempt to download malware

Figure 5 Preventing malware downloads using SmartScreen® Filter

SmartScreen® Filter checks the download site using a database of known malicious websites.

Where to look for a computer technician

Most PC problems come down to basic problems:

• programs crashed.
• clear memory.
• install antivirus.
• install office programs.
• and other similar relatively minor problems.

To fix them you don't need any programming knowledge. Almost any adequate PC user can do this, even a schoolchild!

1. Contact your children and grandchildren.
2. If you are not around, ask your friends to give their relatives to help :)
3. Just contact your neighbors.
4. Ask your friends who repaired them. Recommendations from friends are perhaps the best way of all.

It all sounds so typical and simple. But this is the fastest and safest option of all. For a small reward, any knowledgeable person will do everything in a better way. For example, when my friends ask me for such services, I never take money.

When something burns out or breaks down, it is better to contact a real service center, of which there are many in any city. And always check the price before starting work. If they say that it is difficult to say, ask for at least an approximate estimate.

No matter what anyone says, any experienced master roughly understands how much repairs will cost. They don’t tell you in advance so that they can extract more money from the client.