Computer Fraud
What does computer fraud mean?
The offence of computer fraud under § 263a StGB covers manipulations of data-processing operations carried out with the intent to gain a pecuniary advantage and causing financial loss. Typical scenarios include unauthorised use of PIN/TAN data, false or incomplete inputs, manipulated programs, or other technical interventions. The key difference from classic fraud is that, in computer fraud, no person is deceived—rather, a data-processing operation is manipulated.
Our law firm Buchert Jacob Peter in Frankfurt represents clients nationwide in all matters of criminal defence and the German criminal procedure.
If you are under investigation in Germany for white-collar or corporate crime – for example in connection with the conduct described on this page – you should involve our English-speaking criminal defence solicitors in Frankfurt at an early stage, with particular experience in white-collar and corporate crime defence and, where relevant, also in tax evasion and criminal tax law.
For a confidential initial assessment of your situation and the development of a tailored defence strategy, you can reach us on +49 69 710 33 330 or by email at kanzlei@dr-buchert.de.
Penalties for computer fraud
The basic offence under § 263a StGB is punishable by imprisonment of up to five years or a fine. Attempt is also punishable. Particularly serious cases—such as gang activity or substantial financial damage—can lead to higher sentences under the rules applied to § 263 StGB. Preparatory acts—such as producing or distributing hacking tools, passwords, or security codes—are punishable under § 263a(3) StGB and may carry imprisonment of up to three years.
If you are under investigation, contact our English-speaking criminal lawyers in Frankfurt as early as possible.
Elements of the offence and typical conduct
For computer fraud to be criminally relevant, the result of a data-processing operation must be directly relevant to assets—i.e., the intervention leads straight to a payout, credit, or creation of a claim.
Objective element
- Incorrect program design (e.g., backdoors, manipulated processes)
- Use of incorrect or incomplete data (e.g., false inputs or uploads)
- Unauthorised use of another person’s data (e.g., bank card and PIN)
- Other manipulations of the process (e.g., tampering with vending or POS systems)
Subjective element
Intent is required, together with the purpose of obtaining an unlawful financial advantage for oneself or a third party. This advantage must correspond to the damage (“material equivalence” / Stoffgleichheit).
Typical examples of computer fraud
- ATMs & bank cards: Using third-party cards with PINs to withdraw cash
- Online banking & phishing: Using stolen access data to make transfers
- Online shops & ticketing: Orders with stolen card data or compromised accounts
- Point-of-sale systems: Payments with another’s card and PIN
- Machines & gambling systems: Software manipulations to trigger unauthorised payouts
These examples show the breadth of § 263a StGB—particularly in business-related criminal law and modern financial transactions. See our practice areas for comprehensive defence services, including white-collar crime and tax offences.
Distinguishing computer fraud from other offences
- Fraud (§ 263 StGB): Deception of a person—replaced by manipulation of a data process in computer fraud.
- Evasion of services (§ 265a StGB): Often relates to mechanical machines without a relevant data-processing operation.
- Falsification of probative data: Concerns the evidentiary function of digital data.
- Theft or embezzlement: Removal of a physical object—§ 263a StGB frequently takes precedence in electronic contexts.
- Tax criminal law: Relevant where electronic tax data is false or manipulated.
A precise classification is crucial for an effective defence strategy and for assessing potential penalties.
Common defence approaches in computer fraud cases
A successful defence hinges on a meticulous analysis of the statutory elements and the investigation file. Potential angles include:
- No immediate asset impact: The data-processing result did not yet cause an actual financial loss.
- Lack of intent: Misunderstandings regarding authorisation to use certain data or systems.
- No qualifying manipulation: Use of available system functions without “unauthorised” interference.
- No material equivalence: Advantage and loss are not directly congruent.
Early, targeted defence can lead to termination of proceedings or sentencing mitigation. Our team combines criminal law expertise with IT and finance know-how.
What to do when an investigation starts
At the first summons for questioning or during a search, seek immediate legal assistance. We obtain file access, evaluate the allegations and develop a tailored defence strategy—discreetly and efficiently. We represent individuals and companies, including cases involving alleged gang activity, corporate crime or insolvency-related offences. Learn more about our attorneys.
Why instruct our specialised criminal defence team
- Over 25 years of experience in criminal law
- Specialist lawyers for criminal law with strong white-collar and tax offence expertise
- Discreet, strategic representation throughout Germany
- Individual strategies for entrepreneurs, private individuals and companies
- Close cooperation with IT and financial experts
Call to action: Act in time!
An allegation under § 263a StGB can have far-reaching professional and personal consequences. Do not wait until the situation escalates. Obtain early advice to avoid mistakes and use every opportunity in your case. Contact us for a confidential consultation via our contact page.
FAQ – Computer Fraud (§ 263a StGB)
What counts as a data-processing operation?
An automated, technical process that handles inputs or programs and produces an outcome directly relevant to assets (e.g., cash payout or credit).
Is the attempt punishable?
Yes. Attempt is expressly punishable; rules on particularly serious cases under § 263 StGB may also apply.
Is a wrong barcode at a self-checkout enough for § 263a?
Generally no. Without a relevant data-processing operation, this is usually classified as theft.
When is the use of someone else’s PIN/TAN unauthorised?
Whenever system rules require authorisation and the user merely pretends to have it (e.g., through phishing).
What is the penalty for providing hacking tools?
Producing, providing, or storing passwords or programs can be punishable under § 263a(3) StGB with up to three years’ imprisonment.
Whose assets are harmed—the bank’s or the customer’s?
It depends on the circumstances. Often the bank suffers the loss due to chargebacks or reimbursements.
Does § 263a apply to very small amounts, e.g., contactless payments without PIN?
This is debated. Without an authentication query, § 263a may not apply; other offences might be relevant.
Contact our criminal defence lawyers in Frankfurt and across Germany
- Rechtsanwalt Frank M. Peter, Specialist Lawyer for Criminal Law
- Rechtsanwältin Dr. Caroline Jacob, Specialist Lawyer for Criminal Law
- Of Counsel: Prof. Dr. Frank Peter Schuster
- Cooperation Partner: Tax Consultant and former Tax Investigator Frank Wehrheim
Our law firm Buchert Jacob Peter has been based in Frankfurt am Main for over 25 years with experienced defence lawyers. We represent clients nationwide. Learn more about our attorneys.
📞 Phone: +49 69 710 33 330
✉️ Email: kanzlei@dr-buchert.de
Learn more:
Tax Offences, Criminal Defence, White-Collar Crime, Attorneys
Do you need legal advice?
We advise and represent private individuals and companies in investigative and criminal proceedings nationwide and before all courts. Benefit from our many years of experience and our expertise in criminal defense.