Russia Rolls Out New Cybercrime Crackdown

The Kremlin just passed its second sweeping package of anti-cybercrime measures, arming telecoms, banks, and government platforms with new tools to fight fraud — and making them legally liable when they fail.

Russia has approved a second legislative package aimed at fighting cybercrime and online fraud, a move that includes nearly 20 new measures. The updates are designed both to shield citizens through advanced digital tools and to increase penalties for cybercriminals, according to the state-run outlet RIA Novosti.

For the first time, telecom operators and banks are now required to reimburse customers if fraud happens due to their inaction. Mobile carriers must block numbers used for scam calls and feed the data into a national “Anti-Fraud” registry.

Russia’s official government portal, Gosuslugi, will soon let users track and revoke permissions for personal data processing, as well as flag violations. If an account is hacked, access can be restored via biometric authentication, banking apps, the national messenger, or local service centers.

The package also introduces an extrajudicial mechanism to block phishing websites. Mobile subscribers will be able to block foreign numbers entirely, while international calls will come with a new warning label.

Some measures are already in place. Since June 1, employees of state agencies and banks have been barred from using messengers for work communication, and citizens can opt out of spam mailings. Starting in September, Gosuslugi will offer a self-ban option to prevent unauthorized SIM card registrations.

Cybersecurity experts predict the new rules — combined with harsher penalties — could sharply reduce the number of fraud attacks in Russia.