Banks reimburse more than 870 million rubles stolen by cyber fraudsters

In 2019, seven out of ten embezzlements were carried out using social engineering techniques, that is, deceit or abuse of trust. Citizens provided data directly to cyber criminals and lost their funds as a result — this fact largely explains the sum of reimbursement. In accordance with laws, banks must reimburse stolen funds to their customers if they comply with contractual terms and conditions, in particular if they do not provide data the dissemination of which results in the loss of funds (phone number, password from a text message, CVV, etc.) to fraudsters. The provision of confidential information to fraudsters by customers is the most widespread violation of contractual terms and conditions. Approximately one year ago, the Bank of Russia introduced a new reporting form that helps track how conscientiously credit institutions comply with the law that provides for the reimbursement of stolen funds.

Most funds (approximately 3 billion rubles) were stolen when citizens made online payments for goods and services. As many as 2.2 billion rubles were stolen through remote banking systems. ATMs and payment terminals were used to steal 525 million rubles last year. Fraudsters carried out 572,000 transactions to withdraw approximately 5.7 billion rubles from individual accounts without customers’ approval. Legal entities lost 701 million rubles stolen by cyber fraudsters through more than 4,600 unauthorised transactions.