Answer the question
In order to leave comments, you need to log in
Is a programmer liable for the illegal use of his code?
I wrote an email handler for a site for a person, but when submitting the work, I forgot to delete my mail for testing. A few days later, card data began to come to my mail through this script. I don’t know if this person is a scammer, if he receives this data for illegal actions, the site itself indicates that these are money transfers with a minimum commission between banks, and I was not initiated into the purpose of this script - they just say sending letters. But after the letters arrived, I began to assume that something was wrong. The site was ready before me, I only wrote a script for sending and did not look at what was going on around, because. work was 15 minutes.
And the question is, if this person turns out to be a fraudster who uses the result of my work, without my knowledge, for illegal purposes, do I bear responsibility as an accomplice in the crime? Is it legal to continue cooperation with this person if I am not aware of the legality of his actions (neither in the correspondence, nor on the site it is said about fraud, i.e. xs are they scammers, but intuition tells me that something is wrong here , because card data is not encrypted and arrives as is)? Am I required to report this to the police?
Answer the question
In order to leave comments, you need to log in
You were given access to the site, you had the opportunity to see what was "around" there. Fraudsters rarely act like this, somehow it would be stupid.
Write to the customer, let him delete your e-mail. And deal with the end. You formally cease to have anything to do with it.
In general, the store receives card data in an unencrypted form. This is fine. How and where he stores it is his business, as long as it doesn't leak. If you think that this is a leak, and not an internal kitchen, then inform as many interested people as possible about this. This then, if anything, will go as a plus during the defense.
And so in our country such nonsense that no one will give guarantees. Planted for likes. Well, today they don’t put people in jail anymore, but tomorrow they will come up with a new nonsense. In short, even if there is a case against you, I think you have every chance of winning. But it won't work, IMHO.
Looking at what card data. If the card number is complete and the CVV2 / CVC2 code with the card validity date and owner, and the customer does not have a banking license - and it is most likely not, since they would hardly have left your email, since there are strict software requirements, then this is a reason file a police report immediately. Otherwise, if the owner of the card is found to be missing, they will also contact you. And then try to prove it - maybe you left your email there on purpose ...
If the card data is incomplete - the card number is blinded and the CVV2 / CVC2 code is missing - then just unsubscribe to the customer to remove your email from the code out of harm's way ...
The site was ready before me, I just wrote a script to send...
In general, I agree that suspicion is not a reason for sudden movements. It is necessary, first of all, to collect more information, on the basis of which it would be possible to draw some unambiguous conclusions.
This security hole needs to be closed. To do this, you need to notify the customer in writing about the need to remove the debug sending of letters. And at the same time ask for what purposes credit card data is being sent.
It is impossible to answer this question unambiguously.
If this person is a scammer, if he is caught, he may very well turn you in as an accomplice, even if you did not know anything at all. The police are much more interested in "exposing a criminal group", so they are pushing for this, usually. So the fact that formally, you did not participate in a criminal conspiracy does not mean that this will not be "sewn" to you.
If he's a fraud, it's not easy to find out without exposing yourself. Just asking directly is not an option.
So think.
If he's not a swindler, then it's still not done that way, of course. And to understand whether this is fraud, or just terrible stupidity, is also simply impossible.
Last week, somewhere in Kirov, the head physician of a polyclinic was locked up in a pre-trial detention center because some crazy woman starved her child to death in her area. Try to logically connect these two events ...
As things turn out, you will have problems of this size.
The most accurate answer for Russia.
Simply, do not make unnecessary movements and find a lawyer in advance, talk to him first and leave his phone number with your family (well, save the money).
You will be sent for storage. The drummer of your mail takes you away from responsibility.
Was there a written contract, that he was the customer, and you are the executor of some part of it? If there was no written agreement and everything was in words, then you are an accomplice. Go to the customer's website, see what's there, and then draw conclusions where to run. Whoever betrays everyone first is clear before the law :-)
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question