Electronic Signature: How to Protect Yourself From Fraudsters

Introduction: In the ever-evolving landscape of modern work, ensuring a safe and healthy work environment is paramount. HRMS (Human Resource Management System) software plays a pivotal role in cultivating and maintaining workplace safety and well-being. This comprehensive guide explores the multifaceted ways in which HRMS software contributes to a safer and healthier work environment, offering insights into how it empowers organizations to prioritize employee well-being and compliance with safety regulations. I. The Significance of Workplace Safety and Health 1.1 The Impact on Employee Well-being A safe and healthy work environment fosters a culture of well-being, reducing accidents, injuries, and stress levels among employees. 1.2 Legal Compliance and Regulatory Adherence HR software ensures that organizations meet legal obligations and regulatory requirements related to workplace safety, mitigating risks and liabilities. II. Incident Reporting and Response 2.1 Streamlined Inci...

Electronic Signature: How to Protect Yourself From Fraudsters | Total Security Software

Why do you need an electronic signature?

An electronic signature is a digital-analog of a handwritten signature. It gives legal significance to electronic documents, thereby denoting their authenticity.

Besides, an electronic signature is used:

for reporting transmission;

registration of labor relations;

submitting applications for municipal and state services;

participation in public procurement;

conducting external and internal document flow.

According to Art. 5 63-FZ, the law establishes three types of electronic signatures:

A simple electronic signature is made using codes, passwords, or other means. It provides a minimum level of protection.

Strengthened unqualified electronic signature (NEP) - is compiled by the cryptographic transformation of information using an electronic signature key. It allows you to identify the person who signed the electronic document and to detect the fact of making changes to the electronic document after signing it.

Enhanced Qualified Electronic Signature (CEP) - similar to NEP, but more secure. The verification key is listed on the qualified certificate. Electronic cryptography is used to create and verify an electronic signature.

CEP has the largest number of features and the best level of protection, which is why it is the most popular in business.

Electronic signature fraud

The electronic signature cannot be forged by simple copying, as it is protected by cryptography and is associated with the document and the author.

According to paragraphs. 1 p. 1 of Art. 10 63-FZ, the owner is obliged to ensure the confidentiality of electronic signature keys. It is the transfer of keys to third parties that is the most common cause of electronic signature fraud.

Sometimes former employees become scammers, whose manager forgot to revoke their electronic signature. With its help, they can purchase goods or submit non-existent reports, and then hide. The debt will be paid by the head of the organization.

To use someone else's electronic signature, attackers often just need to get a token - the carrier of the electronic signature key - and write the person's passport data on it.

The property

The scheme of fraud with the property of individuals includes the theft of the electronic signature of the owner of the apartment or its receipt using forged or stolen documents.

On August 12, 2019, Law No. 286-FZ came into force, the purpose of which is to reduce the risk of apartment theft by illegal use of an electronic signature. The law ruled that if the owner wants to allow the registration of transactions with an apartment using a digital signature, he will have to contact the Federal Register. He must personally approve the transfer of rights to real estate in electronic form.

However, to be sure to protect yourself from intruders, you can apply to ban real estate transactions in electronic format through the MFC or Rosreestr.

Legal entities

You can register a business online on the FTS website by filling out a package of scanned documents and using the CEP. Fraudsters can also illegally register a business for any person.

The interested party has the right to send a written objection to the registering authority regarding the upcoming state registration of changes to the charter of a legal entity or the upcoming entry of information into the unified state register of legal entities in the form N R38001. The application can be sent to the MFC, by mail or online.

General safety rules

To protect yourself from the theft of an electronic signature, you must adhere to the following rules:

Do not transfer electronic signature. Employees should not have access to the signature private key to avoid their independent actions that can lead to financial losses.

Revoke the electronic signature. When an employee leaves, his signature certificate must be revoked. Otherwise, he can steal the organization's money or even shut it down.

Do not transfer scans and passport details. If this data falls into the hands of attackers, they can issue an electronic signature on it. Although the probability of issuing an electronic signature in this way is small, do not underestimate the scammers.

Protect your computer. The computer must be protected by a password and antivirus. When the user leaves the workplace, the computer must be locked.

New service "Gosuslug"

On October 5, Dmitry Oguryaev, Deputy Head of the Ministry of Digital Development of Russia, spoke about the new capabilities of the State Services portal. Now users of the service can find out about the availability of electronic signatures issued in their name.

"Gosuslugi" receives information about the issued electronic signatures by paragraph 5 of Art. 18 N 63-FZ.

To get the information you need:

Click on the full name of the account.

Name of account

Click on "Settings and Security".

"Settings and Security"

Select "Electronic Signature".