Specifičnosti izvršenja krivičnog dela prevare uz korišćenje informaciono-komunikacionih tehnologija

Abstract

Historically speaking, along with the development of ICT, the ways of their misuse developed as well. Whoever may have bad intentions will keep finding new methods to abuse these technologies. These methods are based on vulnerabilities of ICT systems, whether they are technical or related to human factor. This paper describes the phenomena of the so-called social engineering and phishing, as modes of performing the criminal offences of fraud and computer fraud, which are used for illegal collection and abuse of the data of ICT system users, in order to mislead them towards acting in a way that causes harm to their own or someone else's possession, with the intention of illegal gain for the perpetrator. Contemporary phishing attacks are very sophisticated, adapted to the potential victims and adjusted to their affinities. The collecting of information regarding a potential victim is most often done via social networks. Therefore, this paper describes the process of planning acts of fraud and explains two most common techniques for data collecting - via social networks and via the victim's illegal router hijacking. A special emphasis is put on the criminal law treatment of these phenomena in the legislation of the Republic of Serbia, as well as on solving the dilemmas about technical terms in fraudulent acts in Serbian and English languages. The authors present different forms of social engineering and phishing in ICT systems, i.e. cyberspace, and discuss if and in which cases their acts have legal characteristics of the aforementioned criminal offences. The authors also present and analyze Serbian criminal legislation,with the emphasis on the crime of fraud and similar crimes, which are, in their essence, special forms of fraud. The stress is put on the crime of computer fraud and its characteristic features in comparison with the crime of fraud. The authors consider the changes in legislation that would lead to reformulating the crime of computer fraud so as to encompass various acts carried out with the use of the information-communication technologies.