Abstract

Cyberspace is an environment in which cyber-attacks can be committed. Fraudulent attacks are one of the oldest cyber-attacks of all. The aim of this article is to familiarize the reader with the evolution of phishing and Business Email Compromise (BEC) attacks that occurred to a large extent in the cyberspace of the Czech Republic from 2014 to 2018. The article describes scam, phishing and BEC definitions, as well as individual ways of implementing specific attacks. Special attention is also paid to the possible criminal liability of the attacker for the described cyber-attacks, both according to the international legal regulations (enshrined in the Convention on Cybercrime) and according to the legislation of the Czech Republic.

Highlights

  • Cybercrime is considered a new kind of crime, but the major part of this criminal offence uses or transfers notorious kinds of illegal conduct (e.g. fraud, copyright breach, theft, bullying, etc.) to the digital environment, where such crimes can be committed in a more “effective” way compared to the real world.

  • Cybercrime is considered a new kind of crime, but the major part of this criminal offence uses or transfers notorious kinds of illegal conduct to the digital environment, where such crimes can be committed in a more “effective” way compared to the real world. The approach very frequently adopted by attackers in a virtual environment can be compared to “area bombing”: with such a massive extent of attack, one can assume that someone will fall for it. On the other hand, there are currently more and more cyber-attacks which are very targeted, prepared over a long time, and which use elements of social engineering so that the attackers can achieve their goal.

  • In order to understand the issue better, the article first provides definitions of the terms “scam”, “phishing” and “Business Email Compromise” and presents some significant fraudulent attacks that occurred in the Czech Republic.


Summary

Introduction

Cybercrime is considered a new kind of crime, but the major part of this criminal offence uses or transfers notorious kinds of illegal conduct (e.g. fraud, copyright breach, theft, bullying, etc.) to the digital environment, where such crimes can be committed in a more “effective” way compared to the real world. In the broader sense of the term, phishing may refer to any fraudulent act the purpose of which is to inspire confidence, make the user drop their guard, or in any other way make the user accept the scenario prepared by the attacker in advance. In this concept, the user is not requested to fill in the login data; instead, they receive a message (or are redirected to a website) which usually contains malware that is able to collect the data itself. In the case of a BEC, the attacker prepares for the attack very thoroughly and tries to obtain maximum information about the victim before the attack takes place. They use websites, annual reports, information about the organization’s employees from social networks, compromised email accounts, etc. Sending a spoofed email to an employee of the victim. Sums required in this way usually range from several hundred euros to €4,000. It is de facto the most significant digital footprint which allows identification of the attacker.

Money transfer to an account of the attacker or money mules
Entering the malicious code in the computer