From July 25, 2024, changes to the law on the national payment system come into force in Russia, obliging banks to compensate customers for money stolen by cybercriminals. This was reported by the Department of the Ministry of Internal Affairs of Russia for combating cybercrime.
According to the new amendments, all Russian banks must now not only control the transactions of their clients, but also block access to remote banking services for persons involved in withdrawing and cashing out stolen funds — the so-called "droppers."
The number of bank cards that a person can have is not limited, which is what "droppers" use. They either sell their card details or participate in cashing out stolen funds themselves, receiving a percentage for this. Now banks will be able to disconnect such clients from remote services.
If a person transfers money to a "dropper" account and the bank allows this transaction to go through, then the financial institution will be obliged to compensate the client for the entire amount within 30 days.
Previously, tracking the chain of transfers took a long time due to the need to send requests to the Ministry of Internal Affairs. Now, banks will receive information that the recipient of funds is in the database of the Ministry of Internal Affairs, through FinCERT (Center for Interaction and Response of the Information Security Department of the Bank of Russia) immediately upon transfer. A suspicious transfer will be blocked immediately.
Bank clients will be notified of the blocking of funds separately. Within two days of freezing (the so-called cooling-off period), the client will have to confirm or cancel the transaction.
Read materials on the topic:
Scammers teach Russians how to withdraw money from Hamster Kombat
Deceive the scammer: T-Bank is testing a new service to combat telephone fraudsters
