诈骗 | Scams CN

骗局是一种通过获取信任，随后利用该信任来骗取金钱或个人信息的欺诈行为。骗局的实施者使用越来越复杂的方法，通常包括社会工程学的手段。常见的操作方式包括大规模发送电子邮件、直接电话联系或使用各种类型的网站引诱受害者。使用社会工程学的骗局基本类型包括“爷爷奶奶骗局”、“警察骗局”或使用热门分类网站（如OLX或Vinted）的骗局。受害者通常会相信骗子是警察、办事员或银行员工，并按照他们的指示行事，结果导致骗子获取个人信息或密码。

骗局的种类还包括：

• 网络钓鱼（phishing）——通过欺诈手段获取数据和其他敏感信息。获取的数据通常用于转账、贷款申请或开设新银行账户；
• 定向钓鱼（spear phishing）——一种个性化的电子邮件攻击，针对预先选定的群体尽可能多地发送消息；
• 短信钓鱼（smishing）——基于骗子发送包含恶意链接的信息，例如假冒网站，或要求为快递或电费支付小额附加费；
• 语音钓鱼（vishing）——也称为电话网络钓鱼。这种骗局不需要高级IT知识，通常通过电话进行钓鱼。骗子可能冒充公共机构的代表或受害者认识的人，例如，员工接到冒充上司或公司总裁的电话，要求访问特定信息。骗子可以通过使用语音变声工具来操纵员工进行骗局。

全球范围内骗局的增长率非常高。大部分骗局通过移动设备实施，攻击通常试图获取银行或金融运营商应用的登录凭据。在新兴市场中，由于数字化转型的推进和电子银行业务的重要性增加，攻击数量的增长尤为明显。这些市场的客户数量不断上升，为骗局提供了更多机会。为了更好地说明该现象的规模，仅在2023年上半年，通过黑客攻击、网络钓鱼和其他类型骗局的犯罪行为所骗取的资金价值就已达数亿美元。

在波兰，银行提供的报告显示，主要对欺诈性卡片交易和信用转账交易的数量和价值进行了审查，其中卡片交易在欺诈数量方面占主导地位。然而，比较骗取的金额时，信用转账交易造成的损失更大。近年来，超过85%的涉及卡片交易的欺诈行为发生在国外。

我们律师事务所提供的服务范围包括：

• 在应对欺诈案件中提供法律援助，包括与金融机构联系以及协助通过网站——如波兰计算机事件响应小组（CERT Poland）——报告事件；
• 提供法律咨询，以追偿因犯罪造成的损害，包括起草刑事通知；
• 在刑事诉讼中的受害者代理，无论是在准备程序阶段还是在司法程序阶段；
• 在与执法机关和司法部门的日常联系中提供支持；
• 与信息技术领域的专家证人合作；
• 进行培训。

我们的服务面向以下对象：

• 受骗局伤害的个人；
• 金融机构；
• 寻求刑事合规专家的公司；
• 寻求刑事法律专业知识的专家。

Scam is a form of fraud that involves inducing trust in someone and then using that trust to extort money or personal information. The perpetrators of scams use increasingly sophisticated methods, often including the use of social engineering. Most often, the procedure involves mass-mailing in electronic form, direct telephone contact or various types of website solicitations. The basic types of scams using social engineering include grandparent and policeman scam, or scam using popular classifieds sites such as OLX or Vinted. The victim of a scammer is convinced that a policeman, clerk or bank employee is calling him and follows any instructions that are given to him, which ends up with the scammer obtaining personal information or passwords.

Among the varieties of scam can also be mentioned:

• phishing – extortion of data and other sensitive information. The acquired data is usually used to make a transfer, take out a loan or open a new bank account;
• spear phishing – a personalized email attack that involves sending messages to as many recipients as possible, targeting a pre-selected group;
• smishing – a scam based on a scammer sending messages containing links with malware, e.g. to fake websites or asking for a small surcharge on a courier or electricity bill;
• vishing – otherwise known as voice phishing. This type of scam does not require advanced IT knowledge and involves phishing during a phone call. The scammer may impersonate a representative of a public institution or a person known to the caller, e.g. an employee is called by a scammer pretending to be a superior or the president of a company and asking for access to specific information. An employee can be manipulated into a scam by using voice-altering tools.

There is a high rate of scam growth worldwide. A large part of it is carried out using mobile devices, and the attacks consist of attempts to seize login credentials for a bank or financial operator’s application. The largest increase in attacks has been registered in emerging markets, where digital transformation is progressing and e-banking is increasingly important and has more customers. To better illustrate the scale of the phenomenon in question, it should be noted that the value of extorted funds by criminals in hacking, phishing and other types of scam attacks amounted to hundreds of millions of dollars in the first half of 2023 alone.

In Poland, reports provided by banks show that the number and value of fraudulent card and credit transfer transactions are mainly examined, with card transactions dominating in terms of the number of frauds. If one compares the value of the money defrauded, transactions via credit transfer caused greater losses. In recent years, more than 85% of frauds involving card transactions have been carried out abroad.

The scope of services provided by our law firm:

• legal assistance in responding to fraud cases, including, among other things, contacting financial institutions, as well as assistance in reporting the incident via the website – CERT Poland’s computer incident response team;
• legal counseling to redress the damage caused by the crime, including the drafting of criminal notifications;
• representation of the victim in criminal proceedings both at the preparatory and judicial proceedings stage,
• support in ongoing contacts with law enforcement agencies and the judiciary;
• cooperation with expert witnesses in the field of information technology;
• conducting trainings.

Our offer is addressed to:

• persons victimized by scam;
• financial institutions;
• companies seeking criminal compliance specialists;
• experts seeking criminal legal expertise.