Start of main content

Companies have a responsibility to inform the authorities about cybercrimes that threaten their reputation in order to combat Internet fraud

| News | Corporate Law and M&A

61.5% of the total number of judicial or prosecutorial investigations initiated during 2018 for crimes committed through ICTs correspond to fraud and/or embezzlement

Phishing, ransomware attacks, advertising fraud, computer fraud or investment scams are some of the types of computer crime to which e-commerce, services provided in the digital marketplace and citizens themselves are exposed every day due to the misuse of new technologies and misinformation. 

During 2018, the State Attorney's Office Specialized Unit against Computer-related Crime  recorded 9,058 judicial or prosecutorial investigations initiated for cyber-crimes, 61.5% of which corresponded to fraud committed through ICTs, 50% more than in 2017.

This was emphasised at a conference organized by Andersen Tax & Legal on Internet Fraud: keys to fighting it, with the participation of Elvira Tejada de la Fuente, Prosecutor of the National Coordinating Office against Computer Crimes, together with Vicente Moret, Of Counsel of the Andersen Tax & Legal cyber-security area and Attorney at Law.

During the event, Elvira Tejada presented the main threats and how both institutions and companies are combating these crimes related to online fraud. Tejada warned that the profile of the criminals is changing, they have become "professionalized" and are experts in technologies, making the network an ideal space to profit illicitly through deception.

As for the victims, the prosecutor explained that it is necessary to carry out information campaigns on the dangers to which citizens are exposed on the network, as well as awareness campaigns to report to police agencies any fraud that has been victimized citizens, businesses or even institutions.

In this sense, Elvira Tejada explained that, in a significant number of occasions, companies do not report computer attacks due to "reputational fear". The prosecutor also stressed the convenience of jointly analysing the data contained in the various complaints filed with the Security Forces and Corps for acts related to the same criminal activity, in order to obtain appropriate avenues of investigation. This, she said, is particularly useful in those cases in which the isolated examination of each one of them could lead to the erroneous consideration that it is not feasible to determine the author either for technical reasons or because their small amount does not allow the use of investigative measures that affect fundamental rights or, where appropriate, international cooperation mechanisms. On this point, he highlighted the efforts being made by the Network of Specialist Prosecutors against Computer-related Crime, with the support of the State Security Forces and Corps.

The prosecutor also referred to the Council of Europe Budapest Convention, which is open to third parties and signed by 64 countries, including, in addition to European countries, the United States, Japan, Australia and Canada. She explained that since criminal activities are committed through the network, they transcend the borders of the States and it is therefore essential to articulate transnational tools that allow access to this information while respecting the sovereignty of the States and the rights and freedoms of all citizens.

For this to be effective, Tejada stressed the need to sharpen legal solutions based on three parameters: through a legislative evolution that gives answers to the new situations linked to the use of cyberspace, an evolution that is harmonized with the one of other States and according to the criteria established by international organisms, and a legislation that respects the rights and freedoms of the citizens and the informing principles of the rule of law.

End of main content