it is not necessary to be surprised to that in process of development of the Internet and formation from it one more - parallel - spaces of ability to live of a society all social and economic negative smoothly has extended and there. WorldWideWeb became area of quickly expanding electronic business, sphere of industrial purchase and sale, the international market platform in which limits enormous money already circulates. And where money, there and swindlers.

And new generation - computer, technically competent, well equipped, smart and hardly perceptible.

the Criminal zone

Quantities and scales of economic swindles and the financial frauds which are carried out on the Internet, have reached already such degrees that all pluses of "virtual" commerce traditionally declared as its unconditional advantage before commerce "real" put under the doubts. Well really - about what efficiency, convenience and especially safety of electronic transactions can talk, when thefts on the Internet occur more often, than in notorious New York Central park, and any trading web-operation can end for the businessman the same as travel of a medieval merchant through the Murom wood. An order of the damage annually put by computer plunders, already we will compare with total incomes of global Internet business. And it to you not "larceny on a trifle" to which at the beginning of an epoch of the Internet of special value it was not given, it is serious, and now business (and not only business) the public of the different countries problems of protection from economic kiber-criminality and antagonisms to it more and more start to excite. Problems in which orbit appear are involved both businessmen, and their clients, and developers of hardware-software systems and web-services, both law-enforcement structures, and bodies of Office of Public Prosecutor and court, and legislators.

After all the Internet indeed turns in exclusive criminal zone where there are criminals of any nationality and a trade, any social status and age. In the beginning of last year financial services of the government of the USA have informed on capture of the 17-year-old swindler who has managed for short time to steal one million of dollars. Cole Bartiromo, the inhabitant of the State of California, has placed the message in which promised to potential investors profit to 2500 % from short-term investments on the site and several forums. Within only one month it managed to receive money for the special account in kosta-rikanskom bank from thousand persons, using various services of on-line payments, including widely known PayPal. Unfortunate investors, having found out a deceit, have made the complaint in federal bodies which have found also the bank account, and the enterprising teenager. Prisons to Cole managed to be avoided only on the early childhood, yes because it was able to return all money received with application of rather primitive roguish scheme. And here to Thomas Hauseru for the organisation of fictitious sales at Internet auctions eBay and Yahoo! It is necessary to spend in prison the whole 12 years. As a result of 268 virtual transactions it has received from buyers over 100 thousand dollars, not having put it in exchange is absolute anything.

the Data which have been saved up by the Interpol, confirm that fact, that for last years WorldWideWeb became sphere of the most active growth of criminality from all existing areas of human activity. And if in 2000 in the USA officially registered damage from swindle in this sphere has made 32 billion dollars by the end of 2002 on the tentative estimations this sum has increased at least twice. Rather symptomatically, that to number of the most Internet criminalised areas of the world concern also advanced in technological, economic and political sense of the country (first of all - the USA, the Great Britain, Canada, Australia), and the developing states (including Russia, Romania or, for example, Indonesia), and even the whole African regions as which we have got used to consider backward (from Nigeria before). Forms and methods of computer larceny, the most widespread in the different countries, naturally, differ from each other and depend on what kinds of web-services their citizens more often use: here and already mentioned "trade in air", and use of the false or stolen credit cards, and swindles with bank accounts and transfers, and much-many other things.

the Difference, by the way, exists and in the approach of electronic business to a comparative estimation of the potential danger at work in this or that region. Despite absolute superiority of the United States by quantity economic kiber-crimes, was not while it is fixed any case of boycott of this territory by any structures of electronic commerce. But all former republics USSR, Indonesia and Romania have been initially included by many known web-auctions and trading firms in "black lists" countries where businessmen promised to deliver the ordered goods. According to research company Gartner, in the fourth quarter 2001 "the peak of trading fear" when approximately 12 % of all Internet sellers in general refused to deliver the goods abroad has been fixed. And the majority of electronic businessmen of the USA and the Western Europe and until now openly do not trust the credit cards used by foreign clients, - especially if these cards are emitted by local banks. Sellers prefer to receive an absolute advance payment for the goods and only then to send them.

by Experts the rich statistics showing is already collected, that private persons suffer from business structure web-larceny much more, than. Men victims of similar crimes become more often, than women, and older persons more often, than young. If to trust calculations of the Center of the analysis of Internet swindle (Internet Fraud Complaint Center), most of all chances to become a victim of computer swindlers at participants of on-line auctions: almost 43 % of all cases of swindle fixed last years, has occurred to unlucky auctioneers. Every fifth victim has been deceived dishonest sellers of the goods and services, and about 15 % of incidents have been connected with so-called "Nigerian letters" (victims had imprudence to respond to confidential letters from so-called. " The high-ranking officials from Nigeria ", addressing with favourable offers on the help in export for limits of the country of large sums of money). And only in 1,4 % of criminal situations guilty there were enterprises of electronic trade.

It is made already and "portrait" of the average Internet swindler: it about the 30-year-old man trading in swindle by means of the personal computer in house conditions and during free time from the basic work. It steals, as a rule, gradually: 32 successful "touches" from 100 bring to it less than 500 dollars, and only in three cases it manages to pocket over 10 thousand. And according to law enforcement bodies, these three cases usually fastest also are investigated. Can be. But even if it and so, criminal "chicken" is in time and "on a kernel" with impunity peck in virtual space very much and very serious money.

Business against business

Though, certainly, cases extraordinary become property of wide publicity all the same. So, in due time the huge public resonance in the USA was received by messages on a process course "Emulex against Mark Jacob": the 23-year-old student of the Californian college has been convicted of one of the largest financial Internet swindles who has yielded to investors of corporation Emulex losses at a rate of 110 million dollars. That most to grow rich almost on an one million quarter (the exact figure of the personal benefit taken by Jacob from its fraud, made 240 000 dollars), this "young, but early" the adventurer has simply dispatched through news service Internet Wire Inc. The forged press release about current state of affairs Emulex Corp., therefore the course of its actions has decreased practically twice. However simplicity in this case did not become a genius sign: As it was obvious that extend obvious "misinformation" on network Internet Wire the person close familiar with system of its work could only, Mark Jacob who has left this company shortly before a crime, had no chances to remain not suspected. For acknowledgement of suspicions the consequence needed to direct only to college where he studied, the official inquiry, the answer on which has dispelled last doubts: at night before dispatch of the notorious press release Mark "in sweat of the person" worked in the student's computer centre. Proofs sufficed much, and unlucky "the electronic businessman" has been arrested.

That criminal cases, thank God, not too it is a lot of Such scale thieves' "affairs" in Internet history. But in the meantime one only swindles with credit cards on the Internet manage the Internet-biznesam more than in 10 billion dollars annually. Kiber-swindle has already ceased to be considered as set of separate, outstanding precedents and has turned to business - the present criminal business existing in WorldWideWeb together with business legal and a notable loss causing to it - both financial, and moral. " Incomes of shadow business on the Internet for today can be compared to profit on illegal traffic in arms and drugs, - Dmitry Chepchugov, the head of department "R", the of Moscow organised at the Municipal Department of Internal Affairs specially for struggle against crimes in sphere of high technologies speaks. - for example, the device of substitution of number for creation of illegal public telephone booths manages to the manufacturer in 30-50 dollars, to organizers of public telephone booths it is on sale for 3-5 thousand and pays off with interest, bringing the owners on the average 15-20 thousand dollars a month. It is profitableness which has not equal! " "Shadow web-business" now actively uses in the purposes and the technology of Internet trading considerably facilitating the mechanism of purchase and sale of securities. The main principle of the majority of roguish schemes consists only in placing on the unreliable information Internet about emitters. A concrete example: the American authorities managed once "to detect in the act" the owner and the director of Internet firm Alphanet - the essence of the system of enrichment created by them was reduced to artificial increase of rates of actions of 60 small companies by false information distribution as if these firms are advanced by well-known and supersuccessful giant America Online. On a speculative difference of courses criminals for short time had time to hammer together without small a quarter of one million dollars. As experts - typical "pump and dump" are expressed: most, by the way, dangerous even for the tempted traders model of a financial cheating. Market manipulation consists in extraction of profit at the expense of sale of securities, demand on which has been generated is artificial. So, the manipulator gets papers real, but the unknown company. Then the false information about the emitter extends, than the raised demand for the given actions, thereby promoting increase of their price is created. The sharp rise in prices involves in actions interest of strangers (more often individual) investors. Having waited the peak price, swindlers carry out sale of the package of securities under obviously overestimated prices. After fulfilment of similar manipulations the price in the market comes back to the initial level, and ordinary investors appear at a loss.

the Following complex of roguish receptions is based on banal human greed: on possibility "riskless capital investments" are pecked by very many fans of easy profit, having believed in the information extended through the Internet on variants of superprofitable investments with a low risk level. As a rule, this offer nonexistent, but very popular projects, such as investments in a "better" securities of banks, the telecommunication companies, in a combination to unconditional guarantees of return of the enclosed capital and high profits. Here it is possible to carry and so-called "exotic" offers - such, for example, as on-line sale of actions "central-american coconut plantation having the contract with a network of supermarkets of the USA and bank guarantees of return through a short time interval of the basic sum of investments plus of 15 % of profit".

Save yourself

to define how business with computer safety in your company is, answer ten questions:

> whether you Understand basic importance of maintenance of computer safety?

> whether There is a concrete person or structure who are responsible for computer safety?

> whether Has provided company management how to provide computer safety?

> whether you Know, how many is spent for information safety and how this money is used?

> whether you Consider as a paramount problem maintenance of computer safety (especially if be going to do business on the Internet)?

> whether your organisation Faced attacks? What were their consequences?

> whether you Understand, than risk, if we will get reputation of the company, helpless before electronic attacks?

> What steps should be undertaken to improve a situation in the field of computer safety?

> whether you Use independent experts in the field of computer safety for check of the systems of protection?

> How you estimate efficiency of the actions in this area?

Is also dashing payment system "WebMoney" where conditional money which it is possible to buy, pay off with them for the goods turn or to convert them in the present currency. But as this payment system is virtual, its organizers, to is formal-legal signs, do not render any financially-bank services and consequently taxes do not pay for it, - and at the same time and to all clients help to hide from the taxation. Well and for payments in this system has been created, for example, quite real International Metall Trading Bank - hardly probable not the most considerable legally registered enterprise of shadow Internet business. Being based in Montenegro, this bank exists for a long time, and many hackers use it. " Obviously we work, - with badly hidden feeling of specific pride the chief of department on struggle against computer crimes of management "R" Alexander Slutsky speaks. - the Bank allows to work mediate; the payments arriving through it, it is impossible to trace. It is possible to open the account, to operate it, - and it is possible to transfer a package of documents necessary for it by fax, and nobody will check their authenticity. And official founders - two Moscow mechanics-sanitary technicians with surprise have learnt from us, that are owners of Internet bank. Earlier they never did not meet at all, and unites their one: both once lost the passports... " "Exclusive disorder and self-confidence of the western companies which easy allow to involve itself in the next swindle amazes, it is illegal to take advantage of the possibilities and easier to crack the sites, - Alexander Slutsky is surprised. - And despite accumulated sad experience, criminal conditions continue to remain, and swindle precedents repeat". If so the whole business structures what to speak about separately taken ordinary citizens imprudently behave? Yes among them swindlers in general feel as in reserve non-frightened Internet gawks. One only "financial pyramids" during web-criminality existence was made and it is destroyed so many that even mister Mavrodi extremely tempted in this question could envy. One Belarus swindler has somehow dispatched letters of approximately such maintenance:

"Hello! To you the manager of your bank addresses. We spend verification of the given clients and we ask to inform us number of your credit card and term of its action". In letters, certainly, there were no data confirming powers requesting, however from one and a half thousand received letter third has sent the requested data of which the author has not failed to take advantage. By the way, for realisation "extracted dishonest by" hackers and other swindlers frequently address to the same to "respectable visitors of the Internet". One number of a credit card in a network costs on the average from 50 cents to dollar. Numerous "bulletin boards" of web-space dazzle to impropriety with frank offers: "Hot of credit cards!" By the way, not too impudent swindlers use one number no more an once, removing there are more 100 dollars, that almost always passes if and is no imperceptible for the victim it is absolute without consequences for the criminal.

All on struggle!

In management "R" the case when for detention of criminals on already traced chain of fictitious electronic sales of the goods on credit cards through CD Universe it was necessary to receive only at employees of the company of the address of deliveries has been fixed. Also what? Employees in reply to the reference of detectives only have made a helpless gesture - even these elementary data at them were not stored, the appointment country - Russia has been only specified. Yes, it is visible, and desires special to help to an investigation they did not test.

Nevertheless, after the massed hacker attacks which have come to the end for the suffered companies with astronomical losses, to Internet malefactors it has been decided to find a justice. In the end of November, 2001 of 26 European countries, and also the USA, Mexico, Canada and Japan have signed the first international convention on struggle against computer crimes. The parties were obliged to enter at themselves a certain minimum of laws on struggle with nonautorized access to computer networks, interception of data, Internet swindle, a computer piracy etc. Non-alignment of Russia to the convention became an unpleasant surprise for world around as our fatherland is famous for the large-headed fellows bossing in another's systems and computers as at home. " That we have joined in the convention, the State Duma should ratify it, - made comments on this fact Alexander Slutsky. - However in the virtual environment such grandiose sums now rotate, that the certain part of the government somewhat is interested in preservation of the developed disorder: if Russia passes the laws allowing effectively to struggle with kiber-crimes, it will be possible to trace with ease all illegal electronic payments and transfers ".

But the flywheel of the organised international counteraction of web-criminality continued to be untwisted. The government of the Great Britain has addressed to a management of 12 states of the world with the invitation to an exchange of the confidential information on the complaints which have arrived from Internet users to use it with a view of search and neutralisation of swindlers. The federal trading commission of the USA has voted for joining to this initiative, and then to the project Australia, Canada, Denmark, Finland, Hungary, Mexico, New Zealand, Norway, South Korea, Sweden and Switzerland were connected. In the meantime the Commission on exchange activity and securities of the USA has created in the structure special division from 100 with superfluous policemen for the control over reliability of the information on the Internet. Supervision over a correctness of the data dispatched by e-mail and placed on electronic bulletin boards and sites has been carried to functions of this group.

do not lag behind the state bodies and many private companies. Visa, for example, undertook the organisation on the Internet of own financial investigation, declaring creation of the specialised company which would spend web-monitoring of transactions and would trace attempts of realisation of suspicious electronic operations. According to the head of the Russian representation of international payment system Lu Naumovsky, for increase of degree of safety of the trading activity to all Internet shops accepting cards Visa, it will be expedient to conclude with the new company contracts that weigh their information stream will go through it. All communications should go with observance of the report of safety 3D-Secure, approved by payment system. Thus it is supposed, that actually equaring will be, as well as now, to be engaged directly banks. By the initial plan for creation of such company it was taken away about one year, and expenses for its organisation were estimated in 3 million dollars. The director of department of plastic cards of Avtobank Valery Nikitin in one of interview named this idea Visa enough sensible, having noticed, the truth, that degree of its utility will depend on, whether can defray decrease in losses from swindle increased expenses on work with Internet shops.

Consulting company Ernst and Young has interrogated heads of 500 largest companies on purpose to define, in what measure of business structure are ready to struggle against computer criminality. As has shown research, the greatest efforts on prevention kiber-crimes undertake the companies operating in sphere of telecommunications. On the second place - the companies, rendering financial services, on the third - the multimedia companies. Less all attention computer criminals are given by the firms operating in branch of power (at the same time they are famous for the greatest quantity of "traditional" security guards and safety systems). Research also has shown, that databases, and least carefully - e-mail systems are most carefully protected. In the regular reviews of web-servers service Netcraft with alarm concludes, that now the Internet is vulnerable to attacks of hackers as never earlier. All experts, analysts and specialised IT Firms unanimously blow alarm concerning a state of affairs with maintenance of safety of corporate sites and information networks. Despite persevering, apparently, efforts and numerous actions from state systems and business structures, the extensive Internet finance still remains rather transparent and accessible to "technologically developed" underworld of a global network. According to data Celent Communications, expenses of the companies which are engaged in trade on the Internet, on maintenance of own and client safety should increase from 730 million dollars in 2002 to (at least) 2,6 billion dollars in 2006

the Law. - there is a law?

However, besides organizational and technological, the problem of struggle against Internet swindle has also one more aspect - legal. For today the American Internet business from the legal point of view can be considered as the subject who has to the greatest degree suffered from electronic burglars, swindlers and speculators of all colours. That is why absence of the accurate legislative definitions qualifying their acts, cannot serve any more frequently as circumstance extenuating fault and to stop punishing sword of justice. For the present it is impossible to tell, that "specificity" of the crimes made in the environment of the Internet, absolutely it is not considered by judicial instances, - but the further, the more often these crimes are equated to "traditional" and receive the same legal estimation, as usual larceny, fraud and swindle. It is necessary to note, as the public opinion of the United States tends to more and more to put in prison of all computer schemers.

we Will return to incident with Mark Jacob: the public prosecutor of district court of Los Angeles Alexandro Mayorkas has demanded a recognition of the swindler to articles of accusations guilty on all three brought its. Thus the maximum punishment provided by the American legislation on set of these articles, makes neither much nor a little - 25 years of prison! Nevertheless, taking into account all legal incidents and ambiguities, the court was limited Mark's to conclusion under guards for the term of 3,5 years with payment of indemnification of company Emulex and to its shareholders in size twice exceeding the caused damage. " Our legislation still very much and very imperfectly for effective opposition of expanding electronic criminality, - was declared by the public prosecutor. - but the fact of a recognition of Jacob guilty already corresponds to the efforts of the federal government directed on suppression of criminal activity in the environment of the Internet for similar activity not only has for an object reception of illegal personal profit, but also yields essential losses to the companies, but also, undermines authority of an electronic stock exchange ". The originator is punished, - an another matter, that investors Emulex Corp. Hardly will wait compensation of the suffered damage: after all for payment of 220 million dollars" the poor student "should work exclusively for the blessing of the corporation plundered by it, probably, not one hundred years!

Under FBI messages, only for last months 2002 and only in the USA about 90 physical persons and the companies have received charges in Internet swindle within the limits of the investigation spent by bodies of the law and order in territory of all country. As a result of operation under the code name "Kiber-losses" ("Cyber Losses") it has been raised 61 criminal case, is put forward 88 charges, and 62 persons are taken into custody. Who from them, under what articles and in what measure will be punished - depends now and on behaviour of the American legislators among which measures on toughening of legal sanctions against web-swindlers are strenuously lobbied. Even in Turkey the law is already passed, according to which for a defamation or the publication on the Internet obviously a false information the court can impose on its authors (and at the same time - and on Internet providers) the penalty to 195 thousand dollars. Without necessary legislative base really to struggle with web-criminality it is really impossible. " We cannot adequately react. Here have seized by a hand lzheinternet-shop - and where it? It is impossible to recognise it illegal because in Russia there is no accurate definition of lawful Internet shop. The most widespread crime in Moscow - use of another's passwords and logins, however the Russian legislation does not provide punishment and for it ", - Alexander Slutsky complains. It is possible to speak About severity of the law only when it is. And when there is no - any remedial actions or technological shifts in a direction of anticriminal self-defence appear passive.

Safety precautions regulations

the Recommendations developed by experts Internet Fraud Complaint Center at the desire of Vseamerikansky association of consumers.

> Participating in Internet auctions, remember: your duties of the buyer arise after the seller will carry out of the obligations.

> Specify, how the site-auction provides safety of the clients and guarantees delivery of the ordered goods by it. Learn, whether there is an insurance or other guarantees, that you will not incur a damage.

> Learn as much as possible about the seller. Specify, where there is its headquarters. Study reputation of the seller. Whether cases when it did not carry out the obligations are known? For check of reputation of sites it is possible to visit Internet page of the authoritative organisation on protection of the rights of consumers Better Business Bureau: www.bbbonline.org/consumer.

> do not look only at the goods price. Attentively read all notes and footnotes.

> Take an interest, as you will pay off for the got goods. If to you suggest to send checks or remittances for "mail box", it calls into question reliability of the seller.

> Avoid to buy the goods on the sites which are based in other countries.

> Specify at the seller - as, when and how it is possible to return not liked or rejected goods. Who pays its transfer?

> Always specify, whether cost of packing and transfer of the goods to its final price enters.

> do not give to the seller the nameplate data - it does not require at all the similar information.

> Specify, who will deliver the goods. It should be the known company.

> For transfer it is better to specify the home address, instead of a mail box or the office address. Necessarily call back to the seller and check up - whether precisely he has written down your address.

> If telephone number of the seller is specified - call on it at an inopportune time. If the same person lifts the receiver is a good sign.

> Is better to communicate with the help of e-mail. Be cautious, if the seller does not use a personal e-mail address, and uses free mail boxes which give Hotmail, Yahoo!, Etc.

> do not judge reputation of the person or the company on quality of a site. Try to learn about them something else.

> Be especially cautious, if to you suggest to pay off by means of a credit card. Use it only in the event that carry out the transaction through a known site with good reputation.

> Sometimes sellers of the goods at Internet auctions suggest to agree directly. It can help to save money, and it can appear on a hand to the swindler as Internet auctions often provide insurance of transactions concluded on them.

> Never trust electronic letters from Nigeria or any other country in which suggest to help to translate for solid compensation money for the foreign account.

More detailed rules of the organisation and participation in Internet auctions are resulted on a site of the Federal trading commission (Federal Trade Commission): www.ftc.gov/bcp/conline/pubs/online/auctions.htm.

Konstantin Ushakov
the Source: www.cio-world.ru