It is hard to conceive of a more liberating communication medium than the internet; and holding the promise, as it does, of fully engaged citizens--of a populace enjoying the give and take with both state and local government which makes for true participation--few things are as dismaying, and as threatening to that promise and vision, as the very real possibility of cyber crime ambush.
And he is very real indeed, the cyber criminal--the individual who for reasons best known to his darker side have chosen to use today's open information technology to commit serious crimes and harm others.
You've heard of his schemes: lottery scams, internet auction frauds, Nigerian advance fee fraud, phishing, identity theft, the list goes on and seems to grow almost daily as innovation is bent toward the quick and dishonest digital buck rather than creative contribution to others around him.
And to make matters worse, cyber crime seems to be "everywhere" now. But just how everywhere is it?
The IC3
The IC3 report for 2007 has recently been released and does shed some light on just that question.
IC3 Background
The Internet Crime Complaint Center (IC3--http://www.ic3.gov), launched in May 2000 as the Internet Fraud Complaint Center (IFCC). In December 2003, the IFCC was renamed the Internet Crime Complaint Center (IC3) to better reflect the range of internet crime encountered.
Shortly thereafter IC3 established a partnership with the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation (FBI) to serve as the main federal vehicle to receive, develop, and refer to state and local authorities complaints regarding the rapidly expanding underbelly of the internet: cyber crime.
IC3 was intended to and continues to serve the broader law enforcement community, including federal, state and local agencies, which employ key participants in the growing number of Cyber Crime Task Forces.
Since its inception, IC3 has received complaints across a wide variety of cyber crime matters, including online fraud (in its many forms), intellectual property rights (IPR) matters, computer intrusions (hacking), economic espionage (theft of trade secrets), child pornography, international money laundering, identity theft, and a growing list of additional criminal matters.
IC3 provides victims of cyber crime a convenient and easy-to-use reporting mechanism that immediately alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, and local level, IC3 provides a central referral mechanism for complaints involving Internet related crimes.
Cyber Crime Statistics
Caveat: The following statistics give a good overview of reported instances of cyber crime. It would, however, serve you very well to keep in mind that researchers (for once) agree that only one instance in seven is actually reported to the authorities, or to sites such as IC3. The true figures, then, are roughly seven times higher.
2007 Complaints
From January 1, 2007 to December 31, 2007, 206,884 complaints were filed online with IC3. This is actually a 0.3% decrease compared to 2006 when 207,492 complaints were received.
Dollar Loss
The total dollar loss of $239.09 million to reported cyber crime was at an all-time high in 2007.
Referrals The number of complaints referred to state and local authorities increased slightly from 86,279 in 2006 to 90,008 in 2007.
Categories Although they decreased 20.5% from 2006, internet auction fraud was still by far the most reported offense in 2007, comprising at it did 35.7% of all complaints. In addition, during 2007, the non-delivery of merchandise and/or payment represented 24.9% of complaints (up 31.1% from 2006); while confidence fraud made up an additional 6.7% of complaints. Credit and debit card fraud, check fraud, and computer fraud represented 17.6% of all referred complaints. Other complaint categories such as identity theft, financial institutions fraud, threats, and Nigerian letter fraud complaints together represented less than 8.3%. Contact Method
Leading the field by a very wide margin as the cyber criminal's favorite mode of contact is email (73.6%), followed at a distant second by the webpage (32.7%). It stands to reason that the anonymous nature of email and websites would be favored since they allow perpetrators to solicit a large number of victims with just a few keystrokes.
Other contact methods included telephone (18.0%), snail mail (10.1%), chat rooms (2.3%) and in-person (1.7%).
Cyber Crime Categories
IC3 breaks down cyber crime into the following categories:Financial Institution Fraud - Knowing misrepresentation of the truth or concealment of a material fact by a person to induce a business, organization, or other entity that manages money, credit, or capital to perform a fraudulent activity. This would include credit/debit card fraud, as well as identity theft.
Gaming Fraud - Inducing the victim to risk something of value, especially money, for a chance to win a prize when there is a misrepresentation of the odds or events.
Communications Fraud - A fraudulent act or process in which information is exchanged using different forms of media. Thefts of wireless, satellite, or landline services are examples of communications fraud.
Utility Fraud - When an individual or company misrepresents or knowingly intends to harm by defrauding a government regulated entity that performs an essential public service, such as the supply of water or electrical services.
Insurance Fraud - A misrepresentation by the provider or the insured in the indemnity against loss, including "padding" or inflating of actual claims, misrepresenting facts on an insurance application, submitting claims for injuries or damage that never occurred, and "staging" accidents.
Government Fraud - A knowing misrepresentation of the truth or concealment of a material fact to induce the government to act to its own detriment, including tax evasion, welfare fraud, and counterfeit currency.
Investment Fraud - Deceptive practices involving the use of capital to create more money, either through income-producing vehicles or through more risk-oriented ventures designed to result in capital gains. Pyramid schemes and market manipulation are two types of investment fraud.
Nigerian Letter Fraud - Any scam that involves an unsolicited email message, purportedly from Nigeria or another African nation, in which the sender promises a large sum of money to the recipient. In return the recipient is asked to pay an advance fee or provide identity, credit card or bank account information.
Identity Theft Defensive Steps
Today, one of the most troubling cyber crimes is identity theft. Should you suspect that your identity has been phished or otherwise stolen, take the following steps immediately:
- Contact your bank and ask them to monitor for unusual activity and advice whether you should close the account and open a new checking or savings account.
- Contact the fraud departments of each of the three major credit bureaus to place a fraud alert on your credit file.
- File a police report and obtain a copy of the report to submit to your creditors and others that may require proof of the crime.
- Obtain new identity documents if you provided the spammer with your passport number of driver's license number; also call the Social Security Administration and all creditors with whom you have accounts to let them know you have been the victim of identity theft.
- If you have seen unauthorized charges: Close the accounts that you know or believe have been tampered with or opened fraudulently.
- File your complaint with the FTC.
- File a Financial Loss complaint form online with IC3.
- Contact your state attorney general to alert them to the scam or fraud activity.
From Hacking to Cash Cow
Hacking has been around for decades. Initially the object was not financial gain but prestige--how many systems could be affected and how much damage could be inflicted? This, from the average citizen's standpoint, was a comparatively harmless pursuit, primarily targeting business, government, or other institutional computers.
There has, unfortunately, lately been an alarming shift in the nature of cyber crime. What was once the passion of ego-challenged computer geeks has now become a major cash cow for professional criminals; and the days of the highly visible, chaos-causing cyber incidents have now been replaced by stealth attacks designed to be invisible to the victim, while financially profitable to the perpetrator.
The best defense against this modern day highway robber is to stay alert and informed. A good site to keep up-to-date on the latest (and often ingenious) scams is the IC3 sister site LooksTooGoodToBeTrue, at: http://www.lookstoogoodtobetrue.com.
Another excellent site is http://www.consumerfraudreporting.org.
State and Local Involvement
Due to the widespread and growing nature of cyber crime, many state and local law enforcement agencies have now established, or are in the process of establishing, Cyber Crime Divisions, such as the Los Angeles County District Attorney's Office High Technology Crime Division.
Please see http://www.e-evidence.info/ccunits.html for a list of current state and local cyber crime units.
Here to Stay
The cyber criminal, unfortunately, has now arrived and has now worked his way into our vocabulary. The way to guard against him is to stay alert and informed.
Subscribe to this blog's feed
Leave a comment