RhinoSec - Repository of the Faculty of Security Studies
University of Belgrade, Faculty of Security Studies
    • English
    • Српски
    • Српски (Serbia)
  • English 
    • English
    • Serbian (Cyrillic)
    • Serbian (Latin)
  • Login
View Item 
  •   RhinoSec
  • FB
  • Radovi istraživača
  • View Item
  •   RhinoSec
  • FB
  • Radovi istraživača
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

The specific features of perpetration of the criminal offence of fraud using information-communication technologies

Specifičnosti izvršenja krivičnog dela prevare uz korišćenje informaciono-komunikacionih tehnologija

Thumbnail
2019
420.pdf (528.7Kb)
Authors
Milošević, Mladen
Putnik, Nenad
Article (Published version)
Metadata
Show full item record
Abstract
Historically speaking, along with the development of ICT, the ways of their misuse developed as well. Whoever may have bad intentions will keep finding new methods to abuse these technologies. These methods are based on vulnerabilities of ICT systems, whether they are technical or related to human factor. This paper describes the phenomena of the so-called social engineering and phishing, as modes of performing the criminal offences of fraud and computer fraud, which are used for illegal collection and abuse of the data of ICT system users, in order to mislead them towards acting in a way that causes harm to their own or someone else's possession, with the intention of illegal gain for the perpetrator. Contemporary phishing attacks are very sophisticated, adapted to the potential victims and adjusted to their affinities. The collecting of information regarding a potential victim is most often done via social networks. Therefore, this paper describes the process of planning acts of frau...d and explains two most common techniques for data collecting - via social networks and via the victim's illegal router hijacking. A special emphasis is put on the criminal law treatment of these phenomena in the legislation of the Republic of Serbia, as well as on solving the dilemmas about technical terms in fraudulent acts in Serbian and English languages. The authors present different forms of social engineering and phishing in ICT systems, i.e. cyberspace, and discuss if and in which cases their acts have legal characteristics of the aforementioned criminal offences. The authors also present and analyze Serbian criminal legislation,with the emphasis on the crime of fraud and similar crimes, which are, in their essence, special forms of fraud. The stress is put on the crime of computer fraud and its characteristic features in comparison with the crime of fraud. The authors consider the changes in legislation that would lead to reformulating the crime of computer fraud so as to encompass various acts carried out with the use of the information-communication technologies.

Posmatrano iz istorijske perspektive, paralelno sa razvojem informaciono-komunikacionih tehnologija (IKT) razvijaju se i načini njihove zloupotrebe. Zlonamerni akteri kontinuirano pronalaze nove metode za zloupotrebu ovih tehnologija koje su zasnovane na ranjivostima IKT sistema, bilo da je reč o tehničkim ili ranjivostima vezanim za ljudski faktor. U radu su opisani fenomeni tzv. socijalnog inženjeringa i fišinga, kao načina izvršenja krivičnih dela prevare i računarske prevare, kojima se nezakonito prikupljaju i koriste podaci korisnika IKT sistema kako bi se oni doveli u zabludu ili održali u njoj i usled toga postupili na štetu sopstvene ili tuđe imovine, uz nameru sticanja protivpravne imovinske koristi od strane učinioca. Savremeni fišing napadi su veoma sofisticirani, prilagođeni potencijalnoj žrtvi i usklađeni sa njenim afinitetima. Prikupljanje informacija o potencijalnoj žrtvi najčešće se sprovodi putem društvenih mreža. Stoga je u radu opisan proces planiranja prevarnih radn...ji i objašnjene su dve najzastupljenije tehnike prikupljanja podataka - putem društvenih mreža i putem nelegalnog preuzimanja kontrole nad ruterom žrtve. Poseban akcenat je stavljen na krivičnopravni tretman ovih fenomena u zakonodavstvu Republike Srbije kao i na pojmovno razjašnjenje terminoloških nedoumica u vezi sa prevarnim radnjama u srpskom i anglosaksonskom jeziku. Autori predstavljaju heterogene oblike ispoljavanja socijalnog inženjeringa i fišinga u IKT sistemima, tj. sajber prostoru, i razmatraju da li se i u kojim slučajevima njihovim vršenjem ispunjavaju zakonska obeležja pomenutih krivičnih dela.

Keywords:
High-tech crime / criminal act of fraud / criminal act of computer fraud / social engineering / phishing / cyberspace / visokotehnološki kriminalitet / krivično delo prevare / krivično delo računarske prevare / socijalni inženjering / fišing / sajber prostor
Source:
Bezbednost, Beograd, 2019, 61, 2, 68-88
Publisher:
  • Ministarstvo unutrašnjih poslova Republike Srbije, Beograd

DOI: 10.5937/bezbednost1902068M

ISSN: 0409-2953

[ Google Scholar ]
URI
https://rhinosec.fb.bg.ac.rs/handle/123456789/423
Collections
  • Radovi istraživača
Institution/Community
FB
TY  - JOUR
AU  - Milošević, Mladen
AU  - Putnik, Nenad
PY  - 2019
UR  - https://rhinosec.fb.bg.ac.rs/handle/123456789/423
AB  - Historically speaking, along with the development of ICT, the ways of their misuse developed as well. Whoever may have bad intentions will keep finding new methods to abuse these technologies. These methods are based on vulnerabilities of ICT systems, whether they are technical or related to human factor. This paper describes the phenomena of the so-called social engineering and phishing, as modes of performing the criminal offences of fraud and computer fraud, which are used for illegal collection and abuse of the data of ICT system users, in order to mislead them towards acting in a way that causes harm to their own or someone else's possession, with the intention of illegal gain for the perpetrator. Contemporary phishing attacks are very sophisticated, adapted to the potential victims and adjusted to their affinities. The collecting of information regarding a potential victim is most often done via social networks. Therefore, this paper describes the process of planning acts of fraud and explains two most common techniques for data collecting - via social networks and via the victim's illegal router hijacking. A special emphasis is put on the criminal law treatment of these phenomena in the legislation of the Republic of Serbia, as well as on solving the dilemmas about technical terms in fraudulent acts in Serbian and English languages. The authors present different forms of social engineering and phishing in ICT systems, i.e. cyberspace, and discuss if and in which cases their acts have legal characteristics of the aforementioned criminal offences. The authors also present and analyze Serbian criminal legislation,with the emphasis on the crime of fraud and similar crimes, which are, in their essence, special forms of fraud. The stress is put on the crime of computer fraud and its characteristic features in comparison with the crime of fraud. The authors consider the changes in legislation that would lead to reformulating the crime of computer fraud so as to encompass various acts carried out with the use of the information-communication technologies.
AB  - Posmatrano iz istorijske perspektive, paralelno sa razvojem informaciono-komunikacionih tehnologija (IKT) razvijaju se i načini njihove zloupotrebe. Zlonamerni akteri kontinuirano pronalaze nove metode za zloupotrebu ovih tehnologija koje su zasnovane na ranjivostima IKT sistema, bilo da je reč o tehničkim ili ranjivostima vezanim za ljudski faktor. U radu su opisani fenomeni tzv. socijalnog inženjeringa i fišinga, kao načina izvršenja krivičnih dela prevare i računarske prevare, kojima se nezakonito prikupljaju i koriste podaci korisnika IKT sistema kako bi se oni doveli u zabludu ili održali u njoj i usled toga postupili na štetu sopstvene ili tuđe imovine, uz nameru sticanja protivpravne imovinske koristi od strane učinioca. Savremeni fišing napadi su veoma sofisticirani, prilagođeni potencijalnoj žrtvi i usklađeni sa njenim afinitetima. Prikupljanje informacija o potencijalnoj žrtvi najčešće se sprovodi putem društvenih mreža. Stoga je u radu opisan proces planiranja prevarnih radnji i objašnjene su dve najzastupljenije tehnike prikupljanja podataka - putem društvenih mreža i putem nelegalnog preuzimanja kontrole nad ruterom žrtve. Poseban akcenat je stavljen na krivičnopravni tretman ovih fenomena u zakonodavstvu Republike Srbije kao i na pojmovno razjašnjenje terminoloških nedoumica u vezi sa prevarnim radnjama u srpskom i anglosaksonskom jeziku. Autori predstavljaju heterogene oblike ispoljavanja socijalnog inženjeringa i fišinga u IKT sistemima, tj. sajber prostoru, i razmatraju da li se i u kojim slučajevima njihovim vršenjem ispunjavaju zakonska obeležja pomenutih krivičnih dela.
PB  - Ministarstvo unutrašnjih poslova Republike Srbije, Beograd
T2  - Bezbednost, Beograd
T1  - The specific features of perpetration of the criminal offence of fraud using information-communication technologies
T1  - Specifičnosti izvršenja krivičnog dela prevare uz korišćenje informaciono-komunikacionih tehnologija
VL  - 61
IS  - 2
SP  - 68
EP  - 88
DO  - 10.5937/bezbednost1902068M
UR  - conv_274
ER  - 
@article{
author = "Milošević, Mladen and Putnik, Nenad",
year = "2019",
abstract = "Historically speaking, along with the development of ICT, the ways of their misuse developed as well. Whoever may have bad intentions will keep finding new methods to abuse these technologies. These methods are based on vulnerabilities of ICT systems, whether they are technical or related to human factor. This paper describes the phenomena of the so-called social engineering and phishing, as modes of performing the criminal offences of fraud and computer fraud, which are used for illegal collection and abuse of the data of ICT system users, in order to mislead them towards acting in a way that causes harm to their own or someone else's possession, with the intention of illegal gain for the perpetrator. Contemporary phishing attacks are very sophisticated, adapted to the potential victims and adjusted to their affinities. The collecting of information regarding a potential victim is most often done via social networks. Therefore, this paper describes the process of planning acts of fraud and explains two most common techniques for data collecting - via social networks and via the victim's illegal router hijacking. A special emphasis is put on the criminal law treatment of these phenomena in the legislation of the Republic of Serbia, as well as on solving the dilemmas about technical terms in fraudulent acts in Serbian and English languages. The authors present different forms of social engineering and phishing in ICT systems, i.e. cyberspace, and discuss if and in which cases their acts have legal characteristics of the aforementioned criminal offences. The authors also present and analyze Serbian criminal legislation,with the emphasis on the crime of fraud and similar crimes, which are, in their essence, special forms of fraud. The stress is put on the crime of computer fraud and its characteristic features in comparison with the crime of fraud. The authors consider the changes in legislation that would lead to reformulating the crime of computer fraud so as to encompass various acts carried out with the use of the information-communication technologies., Posmatrano iz istorijske perspektive, paralelno sa razvojem informaciono-komunikacionih tehnologija (IKT) razvijaju se i načini njihove zloupotrebe. Zlonamerni akteri kontinuirano pronalaze nove metode za zloupotrebu ovih tehnologija koje su zasnovane na ranjivostima IKT sistema, bilo da je reč o tehničkim ili ranjivostima vezanim za ljudski faktor. U radu su opisani fenomeni tzv. socijalnog inženjeringa i fišinga, kao načina izvršenja krivičnih dela prevare i računarske prevare, kojima se nezakonito prikupljaju i koriste podaci korisnika IKT sistema kako bi se oni doveli u zabludu ili održali u njoj i usled toga postupili na štetu sopstvene ili tuđe imovine, uz nameru sticanja protivpravne imovinske koristi od strane učinioca. Savremeni fišing napadi su veoma sofisticirani, prilagođeni potencijalnoj žrtvi i usklađeni sa njenim afinitetima. Prikupljanje informacija o potencijalnoj žrtvi najčešće se sprovodi putem društvenih mreža. Stoga je u radu opisan proces planiranja prevarnih radnji i objašnjene su dve najzastupljenije tehnike prikupljanja podataka - putem društvenih mreža i putem nelegalnog preuzimanja kontrole nad ruterom žrtve. Poseban akcenat je stavljen na krivičnopravni tretman ovih fenomena u zakonodavstvu Republike Srbije kao i na pojmovno razjašnjenje terminoloških nedoumica u vezi sa prevarnim radnjama u srpskom i anglosaksonskom jeziku. Autori predstavljaju heterogene oblike ispoljavanja socijalnog inženjeringa i fišinga u IKT sistemima, tj. sajber prostoru, i razmatraju da li se i u kojim slučajevima njihovim vršenjem ispunjavaju zakonska obeležja pomenutih krivičnih dela.",
publisher = "Ministarstvo unutrašnjih poslova Republike Srbije, Beograd",
journal = "Bezbednost, Beograd",
title = "The specific features of perpetration of the criminal offence of fraud using information-communication technologies, Specifičnosti izvršenja krivičnog dela prevare uz korišćenje informaciono-komunikacionih tehnologija",
volume = "61",
number = "2",
pages = "68-88",
doi = "10.5937/bezbednost1902068M",
url = "conv_274"
}
Milošević, M.,& Putnik, N.. (2019). The specific features of perpetration of the criminal offence of fraud using information-communication technologies. in Bezbednost, Beograd
Ministarstvo unutrašnjih poslova Republike Srbije, Beograd., 61(2), 68-88.
https://doi.org/10.5937/bezbednost1902068M
conv_274
Milošević M, Putnik N. The specific features of perpetration of the criminal offence of fraud using information-communication technologies. in Bezbednost, Beograd. 2019;61(2):68-88.
doi:10.5937/bezbednost1902068M
conv_274 .
Milošević, Mladen, Putnik, Nenad, "The specific features of perpetration of the criminal offence of fraud using information-communication technologies" in Bezbednost, Beograd, 61, no. 2 (2019):68-88,
https://doi.org/10.5937/bezbednost1902068M .,
conv_274 .

DSpace software copyright © 2002-2015  DuraSpace
About the RhinoSec Repository | Send Feedback

OpenAIRERCUB
 

 

All of DSpaceCommunitiesAuthorsTitlesSubjectsThis institutionAuthorsTitlesSubjects

Statistics

View Usage Statistics

DSpace software copyright © 2002-2015  DuraSpace
About the RhinoSec Repository | Send Feedback

OpenAIRERCUB