Juridical Analysis of Phishing Prevention in the Financial Institution Sector

Muhammad Fadhooil Bagus Perdana; Moch Zulfa Nur Vais; Muhammad Zidane Adjiasvino; Muhammad Tsalas Fahmi Al-Hakim; Muhammad Ranadhif Al-Fairuz; Muhammad Daffa Muhaimin

Authors

Muhammad Fadhooil Bagus Perdana Universitas Muhammadiyah Surakarta Author
Moch Zulfa Nur Vais Universitas Muhammadiyah Surakarta Author
Muhammad Zidane Adjiasvino Universitas Muhammadiyah Surakarta Author
Muhammad Tsalas Fahmi Al-Hakim Universitas Muhammadiyah Surakarta Author
Muhammad Ranadhif Al-Fairuz Universitas Muhammadiyah Surakarta Author
Muhammad Daffa Muhaimin Universitas Muhammadiyah Surakarta Author

Keywords:

Phising, Financial Institutions, Siber Crime, Online Financial Services, OJK

Abstract

Phishing crimes are becoming increasingly prevalent as more people use digital technology and online financial services, but the implementation of data protection regulations faces constraints in terms of monitoring and enforcement capacity in the field. This research was conducted using a normative juridical method with a descriptive research nature that relies on an analysis of laws and regulations, expert opinions, and sectoral regulations such as the ITE Law, the Personal Data Protection Law, the Criminal Code, and provisions from the Financial Services Authority (OJK) and Bank Indonesia. The research problem formulation covers two main points: (1) What are the legal regulations for phishing crimes, and (2) How effective is the implementation of legal provisions in efforts to combat phishing crimes in Indonesia. The results of the study indicate that normatively, regulations are quite comprehensive through a combination of criminal regulations, personal data protection provisions, and electronic system security standards in the financial services sector. However, in practice, law enforcement still faces several obstacles such as limited digital forensic capabilities, difficulties in obtaining cross-border electronic evidence, weak coordination between relevant institutions, and low levels of digital literacy in the community. In addition, financial institution security standards are not yet fully uniform, so there are still gaps that can be exploited by phishing perpetrators. This study concludes that the effectiveness of phishing countermeasures is suboptimal because the implementation of the legal formula has not been as robust as its normative concept. Therefore, a more comprehensive approach is needed through increased investigator capacity, updated digital forensic procedures, tightened security standards for electronic system providers, strengthened inter-agency coordination, and regular public education to ensure more effective phishing prevention and enforcement efforts and protect users of digital financial services.

Downloads

Download data is not yet available.

References

Anjheli, D. (2024). Privasi Digital dan Kejahatan Phishing di Indonesia : Evaluasi Kritis terhadap Efektivitas UU ITE dan UU PDP Berdasarkan laporan Asosiasi Penyelenggara Jasa Internet Indonesia ( APJII ) tahun 2023 , lebih dari 215 juta penduduk telah terhubung. 4(1).

Apriani, R. (2025). The Legal Protection Regarding Consumer Losses in Banking Transactions Caused by Phishing. PENA JUSTISIA: MEDIA KOMUNIKASI DAN KAJIAN HUKUM, 24(1), 733–748.

Aryono, & Barkhuizen, J. (2021). Criminal Law Enforcement of Phising Attacks on Online Banking Services. 2nd International Conference of Health, Science and Technology, 360–363.

Az-zahra, I., & Labib, Z. M. (2024). Perlindungan Hukum bagi Nasabah dalam Kasus Phising dan Siber Perbankan di Indonesia. Yurisprudentia: Jurnal Hukum Ekonom, 10(2), 405–425.

Aziz, L., Ardy, F., Istiqomah, I., Ezer, A. E., Neyman, S. N., & Linux, K. (2024). Phishing di Era Media Sosial : Identifikasi dan Pencegahan Ancaman di Platform Sosial. 4, 1–11.

Banjarnahor, A. C., Priyana, P., Karawang, U. S., Hukum, F., Karawang, U. S., & Hukum, F. (2022). KASUS PHISING KREDIVO. 6(1).

Cahyaningsih, R. D., Fauzan, A., Hasbi, S., & Winanti, A. (2025). Kebijakan Hukum Pidana Dalam Penanggulangan Tindak Pidana Phising Dengan Undang-Undang Perlindungan Data Pribadi : Studi Perbandingan Indonesia dan Malaysia Criminal Law Policy for Combating Phishing Crimes Through the Personal Data Protection Act : Compa. Abdurrauf Science and Society, 1(4), 800–811. https://doi.org/10.70742/asoc.v1i4.283

Ekawati, D., Haryanti, A., & Herdiana, D. (2025). Phishing in the Banking Sector: Between Cybercrime and Consumer Protection. SIGn Jurnal Hukum, 7(1), 133–151.

Fathonah, R., Cemerlang, A. M., Lampung, U., & History, A. (2025). Received: April 2025 Reviewed: April 2025 Published: April 2025. 11(9).

Irawati, H. P. (2024). Enforcement of Laws Against the Sale of Phishing Links for the Purpose of Personal Data Theft Based on the ITE Law. 3(4).

Lahagu, F., Erma, Z., & Nasution, R. (2025). Law Enforcement Against Cyber Crime in the Form of Phishing According to Law Number 1 of 2023 Concerning Criminal Code. 15(03), 869–878. https://doi.org/10.58471/justi.v15i03

Lokapala, Y. H., Nurfauzi, F. J., & Widowaty, Y. (2024). Aspek Yuridis Kejahatan Phishing dalam Ketentuan Hukum di Indonesia. 5(1), 19–24.

Maramis, A. V., Doodoh, M., & Lambonan, M. L. (2025). TINJAUAN YURIDIS TERHADAP PERLINDUNGAN DATA PRIBADI DALAM MENGATASI CYBERCRIME PADA KASUS PHISHING. Fakultas Hukum Unsrat, 14(5).

Mega, R., & Sari, P. (2025). Criminal Responsibility in Cybercrime : An Analysis of Phishing Crimes in Indonesia. 2(5), 49–55.

Muhammad, F. E., & Harefa, B. (2023). Pengaturan Tindak Pidana Bagi Pelaku Penipuan Phisning Berbasis Web tindakan dan perbuatan hukum yang nyata . Secara yuridis dalam hal ruang cyber. 6(1), 226–241.

Nur’aini, R. J., & Simanjuntak, M. (2025). PHISHING AWARENESS AND SECURITY CONCERNS : ANALYZING THE ROLE OF ANTI-PHISHING KNOWLEDGE AND INTERNET. Jur. Ilm. Kel. & Kons., 18(2), 121–133.

Nurmansyah, G., Natamiharja, R., & Setiawan, I. (2025). Legal Protection of Personal Data Against Phishing in Indonesia: A Pancasila-Based Approach. Pancasila and Law Review, 6(1), 15–44.

Pavlyukova, E. V. (2020). Phishing attacks: legal regulation in the USA.

Prayuti, Y., Lany, A., Marpaung, Y. E., & Lorentzon, E. (2024). Legal Protection of Consumers from Personal Data Security Risks , Threats of Fraud and Phishing ( Cybercrime ) in E-Wallet Payment Systems. Unram Law Review, 8(2).

Reyhan, E., & Gultom, P. (2025). PERLINDUNGAN HUKUM TERHADAP PENGGUNA SOSIAL MEDIA TERKAIT CYBER CRIME PHISING BERDASARKAN UNDANG- UNDANG REPUBLIK INDONESIA NOMOR 19 TAHUN 2016 TENTANG PERUBAHAN ATAS UNDANG-UNDANG NOMOR 11 TAHUN 2008 TENTANG INFORMASI DAN TRANSAKSI ELEKTRONIK. Lex Laguens: Jurnal Kajian Hukum Dan Keadilan, 3(3), 111–124.

Sahfitri, A., Hukum, I., & Sumatera, U. (2024). PENIPUAN DIGITAL MELALUI TAUTAN PHISHING. 6(2), 92–107.

Souhoka, B. A., Fadillah, R. A., Fathan, M., Meldiansah, R., Mutakin, M. I., & Fauziyah. (2025). Analisis Strategi Pencegahan Phising Studi Kasus Pada Media Sosial Facebook. JURNAL SISTEM INFORMASI GALUH, 3(1), 10–22.

Sulistyo, A. D., Wicaksono, B. D., Saputra, R. N., & Ramadhani, R. (2024). Strategi Penanggulangan Serangan Phishing di Media Sosial. 385–396.

Tanonggi, J. T., Pusparini, I., Limbon, C. P., Thiffani, G., & Siagan, S. N. (2024). Tinjauan Hukum Terhadap Pertanggungjawaban Bank Kepada Data Nasabah Dalam Serangan Phishing. Indonesian Journal of Law, 1(6), 186–194.

Wibisono, C. S., & Mahanani, A. E. E. (2023). Analisis Yuridis Terhadap Tindak Pidana Penipuan Dalam Transaksi Elektronik Melalui Media Sosial ( Twitter ). JURNAL HUKUM, POLITIK DAN ILMU SOSIAL (JHPIS), 2(2), 125–146.

Yustitiana, R. (2021). PELAKSANAAN PENGATURAN HUKUM TINDAK KEJAHATAN FRAUD PHISHING TRANSAKSI ELEKTRONIK SEBAGAI BAGIAN DARI UPAYA PENEGAKAN HUKUM DI INDONESIA DIKAITKAN DENGAN TEORI EFEKTIVITAS HUKUM. Jurnal Hukum Visio Justisia, 1, 98–126.