Security

Web Crime Spikes in 2007, Losses Near $240M

The financial losses tied to Internet crime reached record levels in 2007, the FBI said Thursday, citing data from its annual Internet Crime Report.

The Internet Crime Complaint Center, or IC3 — which the FBI operates along with the nonprofit National White Collar Crime Center — fielded 206,884 complaints of crimes perpetrated over the Internet during 2007, the bureau said. Of those, about 90,000 were referred to law enforcement agencies for follow-up, and the dollar value of those cases is estimated at around US$240 million in losses.

That’s an increase of $40 million, or 20 percent, over the year before in the total value of the referred cases. Though the dollar amount lost set a record, the IC3 has referred more cases in the past, as in 2004, when it sent some 104,000 cases to other agencies.

“The Internet presents a wealth of opportunity for would-be criminals to prey on unsuspecting victims, and this report shows how extensive these types of crime have become,” said FBI Cyber Division Assistant Director James E. Finch. “What this report does not show is how often this type of activity goes unreported.”

The FBI urges consumers to report Web crimes through the IC3 site because that information is widely shared with law enforcement agencies across the country and is used to analyze trends and help authorities know where to devote investigative resources, Finch added.

Auction Fraud on Top

As in many past years, fraud connected to Internet-based auctions remained the most common type of complaint. Often, those complaints involve a seller not delivering an item after an auction winner has made payment.

However, auction fraud complaints were down sharply, falling nearly 21 percent from the year before.

Still, auction fraud made up 36 percent of all complaints to the IC3 and non-delivery of items another 25 percent.

The FBI noted, however, that some of the fraud reported on eBay and its online payment site PayPal may actually be the result of phishing attacks that use those brand names to get people to turn over their personal information. The agency said it continues to work closely with eBay to help it contain fraud.

eBay, meanwhile, has moved to aggressively curtail fraud on its own. Earlier this year, it purchased Fraud Sciences through its PayPal unit, giving it access to a widely used buyer-verification software platform.

“eBay knows that fraud is a potential drag on its growth and has tried to address that since its earliest days as a person-to-person sales platform,” Forrester Research analyst Sucharita Mulpuru told the E-Commerce Times. “Even though it has an arm’s-length relationship to the actual sales taking place, it has a strong incentive in keeping the marketplace as safe as possible.”

The auction site also has its own complaint resolution process that helps identify problem sellers and keep them off the site, she added.

While auction fraud was the most common complaint, it was not the costliest. That distinction went to investment fraud, with consumers losing $3,500 per incident, and check fraud, which cost each victim $3,000. Overall, the median amount of financial loss per incident was just under $700.

Pets and Dates

Other categories of Web crime include credit and debit card fraud, computer intrusions through the installation of spyware or adware, spam and other types of unsolicited e-mail and child pornography.

New and growing scams highlighted by the report include the purchase or sale of exotic and often illegal pets, check scams and online dating fraud.

The report highlights two types of pet-related scams, including one in which a pet bought online is simply not delivered and other in which a person selling their pet online is sent a check for more than the amount of the sale and asked to wire the difference to a third party — ostensibly to fund care of the pet. When the original check bounces, the seller loses the difference as well as their pet.

Another scam the FBI hopes to raise awareness of involves secret shoppers. Asked to rate a dining or shopping experience in exchange for pay, shoppers are overpaid by check and told to forward the overpayment to a third party. The original check then proves worthless.

‘There Remains Work to Be Done’

The FBI also warned about fraud being perpetrated through online dating services, including instances in which a romantic interest requests money be sent to help them travel to meet the other person. Sometimes, those scams are escalated, with the person claiming to be injured or mugged en route to the meeting, requiring additional money be wired.

The data and recent headline-grabbing events are reminders that more secure solutions for credit cards and other sensitive information are still needed, said Gartner analyst Avivah Litan.

“Whether it’s in back-office databases or traveling over the Internet, there remains work to be done to secure credit card data,” Litan told the E-Commerce Times.

Even ironclad security won’t prevent the kind of social-engineering fraud behind many of the frauds the FBI reported, she acknowledged, but it could help limit the sheer volume of financial losses and the number of identity theft cases suffered each year.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Keith Regan
More in Security

E-Commerce Times Channels