Risk
5/14/2012
01:27 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

ID Theft, Online Fraud Rose Slightly In 2011

Internet crime reports increased 3.4% in 2011 as compared to 2010, finds Internet Crime Complaint Center. Some old scams remain popular.

Defense Robots: Fast, Flexible, And Tough
Defense Robots: Fast, Flexible, And Tough
(click image for larger view and for slideshow)
For the third consecutive year, the public-private Internet Crime Complaint Center (IC3) logged more than 300,000 complaints of Internet crime such as identity theft and online fraud, totaling $485.3 million in losses, the IC3 announced Friday in its annual Internet crime report.

The report, which surveys Internet crime reported to IC3 in 2011, indicates that complaints were up 3.4% as compared to 2010, though they remain down from 2009's peak. The 12-year-old IC3 is a partnership among the FBI's Cyber Division, the Department of Justice's Bureau of Justice Assistance, and the National White Collar Crime Center that collects complaints of Internet crime from the public and shares information with law enforcement.

The report analyzes complaints from around the country, with some coming in from other countries as well. Unsurprisingly, the states with the largest number of complaints include some of the most heavily populated states. The top five states by number of complaints were California, Florida, Texas, New York, and Ohio, in that order.

The stats are a bit different when adjusted for rates of Internet crime per capita. Here, Alaska held the top spot, with a 30.1% higher per capita rate than the next worst victim, the District of Columbia. New Jersey, Nevada, and Colorado rounded out the top five for per capita complaints.

[ What are government pros most concerned about? See our exclusive InformationWeek Federal IT Survey: Hacktivists, Cybercriminals Are Top Threats. ]

In terms of demographics, people aged 40 to 59 registered the most complaints, with 43% of total complaints coming from that age group. The next biggest group of victims were those aged 20 to 30, followed by those 60 and older and, finally, those under 20 years old.

Although IC3 received 314,246 Internet crime complaints in 2011, only 36.9% of those complaints, or 115,903, resulted in actual financial loss. The average loss among those reporting financial losses was $4,187, and the median was $636, indicating that Internet criminals are not content just to skim pennies off the dollar.

The top five crime types were: FBI-related scams in which criminals posed as the FBI; identity theft; advance fee fraud, in which criminals attempted to convince victims to pay an advance fee for something of value that would never be delivered to the victim; non-delivery of purchased merchandise; and overpayment.

Some of the most commonly reported crimes included auto-auction fraud in which people sold vehicles that they never owned (4,066 complaints totaling $8.2 million in losses); romance scams in which scammers sought money, frequently from older and divorced or widowed individuals (5,663 complaints totaling $50.4 million); work-from-home scams in which criminals recruit "workers" for false jobs that are actually covers for theft (17,532 complaints totaling $20.1 million); and loan intimidation scams (9,968 complaints totaling $8.2 million).

Some of the complaints IC3 has received over the past few years have led to criminal convictions and other positive outcomes. For example, complaints received beginning in July 2007 led to the extradition of a Nigerian citizen to the United States for allegedly defrauding law firms of more than $29 million in a debt collection scam, and complaints in 2009 about a dietary aid company that sells supplements online led to $3 million in reimbursements and a $51,000 attorneys' fees agreement.

Hacktivist and cybercriminal threats concern IT teams most, our first Federal Government Cybersecurity Survey reveals. Here's how they're fighting back. Also in the new, all-digital Top Federal IT Threats issue of InformqtionWeek Government: Why federal efforts to cut IT costs don't go far enough, and how the State Department is enhancing security. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Zaga
50%
50%
Zaga,
User Rank: Apprentice
5/18/2012 | 9:08:40 PM
re: ID Theft, Online Fraud Rose Slightly In 2011
Most online companies are afraid of implementing fraud prevention measures because they think about: 1) Customer friction 2) Increase costs of operation. Companies with this mindset are already behind: the largest websites are allowing users to telesign in. The technology is here already..
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-0972
Published: 2014-08-01
The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write ...

CVE-2014-2627
Published: 2014-08-01
Unspecified vulnerability in HP NonStop NetBatch G06.14 through G06.32.01, H06 through H06.28, and J06 through J06.17.01 allows remote authenticated users to gain privileges for NetBatch job execution via unknown vectors.

CVE-2014-3009
Published: 2014-08-01
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.0 through 11.0 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 does not properly handle FRAME elements, which makes it easier for remote authenticated users to conduct ph...

CVE-2014-3302
Published: 2014-08-01
user.php in Cisco WebEx Meetings Server 1.5(.1.131) and earlier does not properly implement the token timer for authenticated encryption, which allows remote attackers to obtain sensitive information via a crafted URL, aka Bug ID CSCuj81708.

CVE-2014-3534
Published: 2014-08-01
arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a c...

Best of the Web
Dark Reading Radio