Currently, the problems associated with the growth of crime in the field of information and telecommunication technologies are becoming increasingly important. Criminals who commit theft in the field of information and telecommunication technologies regularly improve their criminal skills, using in their activities not only modern software tools, but also social engineering methods — certain techniques, as a result of which the victim either independently transfers his money to the account of criminals, or transfers confidential information (for example, personal data, payment card data, control information, passwords) necessary to gain access to the account. The article identifies and analyzes the methods of social engineering used in criminal activity as a kind of deception and psychological manipulation of people in order to obtain unauthorized access to confidential information or theft of funds. The paper substantiates the approach, according to which the study of social engineering methods is conditioned by the need to study them in relation to those characteristics that can make it possible to determine the features of the methods of preparing, committing and concealing a crime, to identify the localization of typical traces of criminal activity, to give a forensic characterization of the identity of the offender and the victim, to determine the context of the crime. The solution of this problem will allow not only to effectively reveal and investigate crimes in the field of information and telecommunication technologies, but also to take measures to prevent them.
criminalistics, crime investigation, social engineering, cybercrime, social engineering methods, information and telecommunication technologies
1. Official website of the Ministry of Internal Affairs. Brief description of the state of crime in the Russian Federation for January-December 2019, 2020, 2021. URL: https://mvd.rf/reports (accessed 19.01.2022). (In Russ.)
2. Explanatory note to the draft federal law “On Amending the Criminal Code of the Russian Federation (in terms of strengthening criminal liability for embezzlement of funds from a bank account or electronic money)ˮ. URL: https://sozd.duma.gov.ru/bill /186266-7 (accessed 10.11.2021). (In Russ.)
3. Official website of the Central Bank of Russia. Overview of transactions made without the consent of clients of financial institutions in 2021. URL: http://www.cbr.ru/analytics/ib/operations_survey_2021/#highlight=social%7Cengineering (accessed 10.07.2022). (In Russ.)
4. Statistical data of the Federal State Statistics Service of the Russian Federation (form of federal statistical observation no. 280 ITT “Information on crimes committed using information and telecommunication technologiesˮ) On the methods of committing crimes using or using information and telecommunication technologies for 2020, 2021 and 9 months 2022. (In Russ.)
5. Bakhteev D. V. On some modern methods of committing fraud in relation to the property of individuals. Russian law: education, practice, science, 2016, no. 3 (93), pp. 24-26. (In Russ.)
6. Yangaeva M. O. Social engineering as a way of committing cybercrime. Bulletin of the Siberian Law Institute of the Ministry of Internal Affairs of Russia, 2021. no. 1 (42), pp. 133-138. (In Russ.)
7. Osipenko A. L. Fighting crime in global computer networks: international experience. Moscow: “Normaˮ Publ., 2004. 432 p. (In Russ.)
8. Golovin A. Yu., Golovina E.V. Social engineering in the mechanism of criminal activity in the field of information and telecommunication technologies. Izvestiya TulGU. Economic and legal sciences, 2021, no. 2, pp. 3-13. (In Russ.)
9. Hadnagi K. Art of deception: social engineering in fraudulent schemes. Alpina Publ., 2020. 430 p. (In Russ.)
10. Judgment of the Kurgan City Court of the Kurgan Region no. 1-27/2019 1-885/2018 of February 25, 2019 in case no. 1-27/2019. (In Russ.)
11. Zheludkov M. A. Justification of the need to adapt the activities of law enforcement agencies to the conditions of digital transformation of the criminal environment. Lex russica (Russian law), 2021, vol. 74, no. 4 (173), pp. 63-70. (In Russ.)
12. Judgment of the Zheleznodorozhny District Court of Barnaul, Altai Territory in case no. 1-93/2020 of July 28, 2020. (In Russ.)
13. Maksimenko R. O., Zvyagintseva P. A. Typical impact algorithm in social engineering. Interexpo Geo-Siberia, 2019, no. 2, pp. 33-38. (In Russ.)
14. Uvarov V. A. Three pillars of financial security policy. Police of Russia, 2022, no. 5, pp. 20-23. (In Russ.)
15. Official website of the Central Bank of Russia. Countering fraudulent practices. URL: http://www.cbr.ru/information_security/pmp/#highlight=social%7Cengineering (accessed: 13.06.2022). (In Russ.)
16. Materials of the criminal case no. 12001410033000493, initiated on 09/24/2020 by the SO MIA of Russia in the Slantsevsky district of the Leningrad region on the grounds provided for in part 4 of art. 159 of the Criminal Code of the Russian Federation. (In Russ.)
17. Materials of the criminal case no. 12016000960002095, initiated on 09.09.2021 by the Investigative Department for the RP on the maintenance of the police department No. 8 of the Investigative Directorate of the Department of the Ministry of Internal Affairs of Russia for the city of Rostov-on-Don on the grounds of part 2 of art. 159 of the Criminal Code of the Russian Federation. (In Russ.)
