Expert Osipov: Financial Fraudsters Are Now Targeting Teenagers
A draft law on the prevention of cybercrime among children has been submitted to the State Duma. The proposed amendments aim to enhance measures for preventing online violations among teenagers. This article explores whether these changes will help protect children from criminals who are actively preying on them, or more precisely, on their families` money, through the internet.
Threats and Blackmail
A high school senior in Moscow recently sent 200 million rubles to fraudsters in February. An unknown caller contacted the 17-year-old, pretending to be a delivery service employee. They asked for a «code from an SMS» to prevent the «order from being disposed of and return it to the pickup point.» The student complied. Afterward, another call came, this time allegedly from Roskomnadzor. The teenager was convinced his Gosuslugi (State Services) profile had been hacked, and fraudsters had already created powers of attorney for his family`s bank accounts and seized their money. He was told the entire sum had fallen into the hands of someone who could send it to terrorists. The frightened teenager was at a loss, until some time later, an alleged «special services officer» contacted him. He claimed the student`s apartment needed to be searched. However, it would be better if the eleventh-grader conducted the «search» himself and simply handed over the remaining money «for safety» to a courier. The boy did as instructed. His parents` money was kept in safes in several apartments, but this did not deter the youth. He used an angle grinder to open one of the safes, took out $400,000 and 80 million rubles, packed the money into a bag, and handed it to the courier. To open another safe, he called specialists in complex locks. They helped him retrieve another 50 million rubles, which were also given to a courier. A housekeeper discovered the missing money. She contacted the teenager`s mother, who spoke with her son and, realizing what had happened, went with him to the police.
Such incidents have been appearing in the press and Telegram channels with alarming frequency for several years now. The fact that children who merely exchanged messages with someone are then blackmailed with accusations of «assisting the Armed Forces of Ukraine» no longer surprises anyone. What is frightening is something else: fraudsters know a great deal about these children.
For example, criminals called a tenth-grader from Tambov pretending to be the «advisor to the director for educational work.» The caller introduced herself using the correct name and initials of the actual teacher holding that position at the school. The fake school employee asked if the girl used «Dnevnik.ru» (an online school diary). The high schooler`s mother said she regularly discussed scam tactics with her daughter and explained why she shouldn`t talk to strangers, but the fact that the pseudoteacher used the real name didn`t arouse suspicion in the girl. Then, a call came allegedly from the MFC (Multifunctional Center for State Services). The girl was told someone had logged into her account from another region. This meant fraudsters had gained access to her Gosuslugi page, to which her parents` data was linked. And now everyone would be checked for «sending money to the AFU from their accounts.» The girl was warned about a call from a » следoватель» (investigator). And indeed, one called. He promised to help, but his assistance somehow turned into threats. «Because of your stupidity, your parents might go to prison, and only you are to blame!,» the fake investigator stated in a message to the child. «I am trying to help you right now, but you are not informing me about classes, you are closing calls, and generally, as I understand it, you are not very interested in solving this problem. With such an attitude, I will simply give up on you, let the FSB handle the case, let them take your parents into custody, and send you to an orphanage until you come of age!!! Either you answer calls and report every step, as I am responsible for you with my head, or deal with the FSB yourself. The choice is yours.» (Spelling and punctuation of the criminals preserved.)
At this point, the girl doubted she was talking to a real employee and asked for identification. And he sent it! As it turned out later, it was a photo of a participant from a reality show about psychics on a TV channel. The girl was told the conversation was strictly confidential and that if adults found out about the call, they would become accomplices. To prove the student wasn`t «helping the enemy army,» she was asked to photograph all the money in the house. If her mother, concerned by her child`s upset appearance, hadn`t intervened, they would have then asked for photographs of bank cards and account access details.
Forewarned is Forearmed?
To protect children from such criminal actions, authorities are seeking to expand legal norms. «We propose to enshrine in federal law a direction of prevention related to violations using internet capabilities — cybercrimes — so that in schools and everywhere covered by the prevention system, we can tell children about dangers, challenges, how to react, and about responsibility as well,» emphasized Deputy Metelev. The parliamentarian added that the wording of the provisions is currently being refined with the Prosecutor General`s Office. The new norms may be adopted within the current session of the State Duma. According to the deputy, 40% of all crimes today occur using the internet. This includes not only extorting money from parents through children but also recruitment and drop-shipping (providing personal data to criminals for use in withdrawing stolen funds).
The parliamentarian believes that minors do not know their rights and do not fully understand the extent of responsibility. Many teenagers are lured into criminal activity through online games and other forms of online communication. Everyone needs to be warned about this, Metelev believes. And teenagers themselves should not have legal nihilism, where they claim during interrogations after committing crimes that they did not know they were doing something illegal, the deputy is convinced.
Grigory Osipov, a former FSB employee and now Director of Investigations at the digital asset security platform SHARD, spoke to «MK» about whether the proposed measures will help combat fraudsters and what the scope of the problem of involving teenagers in criminal orbits is in Russia today.
— How many children have been involved in fraudulent activities recently?
— Modern children and teenagers are generations of millennials and zoomers who have been involved in digital reality since birth. They also make up the majority of internet users, making them both potential criminals and victims of cyber fraudsters. Their involvement is confirmed by statistics on the time teenagers spend online — from 4-6 hours daily «sitting» on the phone or computer.
According to the official report of the Ministry of Internal Affairs of Russia for last year, the number of crimes using the internet reached 40% of the total number of crimes. Also, according to the same statistics, in 2024, 21,000 minors violated the law. Data from the Investigative Committee of the Russian Federation indicates that in 2024, a total of 9,500 teenagers aged 14-17 were brought to criminal responsibility for committing crimes. More than half of all crimes committed by minors are mercenary crimes, meaning theft and fraud, most of which are committed online.
— And what can be said about the process of involving teenagers in criminal schemes?
— In addition to their direct involvement in committing crimes, in 2024, the trend of involving children in criminal activity, primarily in fraudulent schemes and hacking attacks, increased by almost 35%. Children were previously involved in illegal online activity, including in the drug trade, cash withdrawal, performing one-off tasks, courier and intermediary functions.
It should be noted that within the framework of the information war with Ukraine, the involvement of children in hacking attacks and breaches under various pretexts has become a separate focus for the adversary, as teenagers are often more naive and susceptible to influence and manipulation. Within this area, children are involved in acts of intimidation, arson, and bombings.
The problem of «drops,» which now carries criminal liability, can also be attributed to a way for teenagers to earn money online, as those aged 14 and older can sell their passport data for use in unlawful activities.
— But children often become victims in such schemes themselves. Are they deceived using the same methods as adults?
— Indeed, there are frequent cases where fraudsters, posing as law enforcement officers through video calls, contacted teenagers. Under their influence, the minors provided data about their parents` bank cards, valuables stored in the house, as part of a so-called «virtual search,» and even transferred or handed over large sums of money to the perpetrators multiple times.
Furthermore, children are vulnerable to cyberattacks, including phishing, blackmail, and extortion online – in most cases through computer games and social networks. Here, criminals offer to buy extra points to «improve game speed,» propose selling virtual items profitably, or a «pumped-up gaming account.»
Cases of infecting Android devices are also recorded, with an increase in fraudulent programs disguised as children`s computer games. This confirms the growth of phishing and Trojan threats targeting children. These data show a systematic problem: children are becoming both objects and tools of internet fraudsters.
Special Approach and Attention
— Should protecting children from fraudsters be addressed in a separate bill?
— Children are a unique and extremely vulnerable group of internet users who need specific legal and informational protection mechanisms different from those provided for the adult population.
Firstly, children`s level of digital literacy is significantly lower than that of adults. According to a report, over 46% of posts on the Russian internet in 2023 contained phishing links. And most Russian children (79%) receive friend requests from strangers on social networks.
Secondly, the psychological characteristics of the child audience require a separate approach. Children are more susceptible to manipulation. Fraudsters actively use social engineering schemes, appealing to fear, trust in adults, gaming interests, or the desire to be «in the team.» Phone fraudsters often pose as school teachers, social workers, or tech support employees for popular games and social networks. As a result, children themselves give fraudsters confirmation codes, logins, passwords, or parents` bank card details.
The third reason is the involvement of children in criminal schemes as unwitting accomplices. In recent years, there has been an increase in cases where teenagers are used as «droppers» or «cashers.» A child agrees, for a small fee, to conduct a transaction through their bank card without realizing they are becoming a link in a money laundering chain. Without proper legal regulation, schools and guardianship authorities are effectively deprived of tools for early detection of such risks and prevention of minors` involvement in criminal schemes.
Fourthly, the current legislation system in the Russian Federation in the field of cybersecurity is rather general. Laws aimed at combating fraud, bank card fraud, countering the spread of malicious software, and protecting personal data apply to all citizens without specific emphasis on the children`s category. At the same time, school curricula, as a rule, do not have mandatory courses on digital security, which leaves a huge gap in prevention.
Thus, measures for educating and preventing crime among minors are an important area of activity that should be systematic and widespread. Unfortunately, such an approach is not yet observed in this area. The initiative with the law may help activate this direction.
— What are the specific aspects of protecting children from the actions of fraudsters?
— You cannot just give a child a tablet, phone, or computer simply so they occupy themselves and don`t demand parental attention. And if you do that, then parents shouldn`t be surprised later why the child was involved in unlawful activity online.
Children are more trusting, prone to impulsive decisions, and poorly informed about online risks, so the basis of protection should be systematic digital security education. Introducing mandatory cybersecurity courses into the school curriculum will allow children to learn about common fraudulent schemes, social engineering methods, and safe online behavior rules.
An additional measure should be the widespread implementation of parental controls and technical filters. Parents should have tools to restrict access to dangerous sites, track suspicious activity, and receive notifications about their child`s risky actions online. IT companies, communication operators, and banks can also contribute by implementing systems for early detection of fraudulent transactions involving minors.
It is equally important to conduct explanatory work with children about the legal consequences of participating in criminal schemes, and also to train parents and teachers to recognize warning signs. Creating a state online platform for child cybersecurity will help combine educational materials, hotlines, and tools for quick response.
— Will the bill proposed by the deputies help protect children from the actions of fraudsters?
— The problem of preventing teenage and child crime is relevant, and the measures in the bill are quite understandable. The main problem is that the law itself, focused only on prevention, cannot replace technical protective measures, hindering the actions of fraudsters, and rapid response systems from banks and internet companies. Without a comprehensive approach, which should include strict measures against fraudsters and active participation of IT companies, the effectiveness of these lectures may remain low.
Furthermore, the success of the law will depend on its implementation in schools and universities, so that it doesn`t become a mere formality. Therefore, it is important to develop recommendations for teachers, involve cybersecurity specialists, and use modern teaching methods.
