Risk
5/14/2012
01:27 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

ID Theft, Online Fraud Rose Slightly In 2011

Internet crime reports increased 3.4% in 2011 as compared to 2010, finds Internet Crime Complaint Center. Some old scams remain popular.

Defense Robots: Fast, Flexible, And Tough
Defense Robots: Fast, Flexible, And Tough
(click image for larger view and for slideshow)
For the third consecutive year, the public-private Internet Crime Complaint Center (IC3) logged more than 300,000 complaints of Internet crime such as identity theft and online fraud, totaling $485.3 million in losses, the IC3 announced Friday in its annual Internet crime report.

The report, which surveys Internet crime reported to IC3 in 2011, indicates that complaints were up 3.4% as compared to 2010, though they remain down from 2009's peak. The 12-year-old IC3 is a partnership among the FBI's Cyber Division, the Department of Justice's Bureau of Justice Assistance, and the National White Collar Crime Center that collects complaints of Internet crime from the public and shares information with law enforcement.

The report analyzes complaints from around the country, with some coming in from other countries as well. Unsurprisingly, the states with the largest number of complaints include some of the most heavily populated states. The top five states by number of complaints were California, Florida, Texas, New York, and Ohio, in that order.

The stats are a bit different when adjusted for rates of Internet crime per capita. Here, Alaska held the top spot, with a 30.1% higher per capita rate than the next worst victim, the District of Columbia. New Jersey, Nevada, and Colorado rounded out the top five for per capita complaints.

[ What are government pros most concerned about? See our exclusive InformationWeek Federal IT Survey: Hacktivists, Cybercriminals Are Top Threats. ]

In terms of demographics, people aged 40 to 59 registered the most complaints, with 43% of total complaints coming from that age group. The next biggest group of victims were those aged 20 to 30, followed by those 60 and older and, finally, those under 20 years old.

Although IC3 received 314,246 Internet crime complaints in 2011, only 36.9% of those complaints, or 115,903, resulted in actual financial loss. The average loss among those reporting financial losses was $4,187, and the median was $636, indicating that Internet criminals are not content just to skim pennies off the dollar.

The top five crime types were: FBI-related scams in which criminals posed as the FBI; identity theft; advance fee fraud, in which criminals attempted to convince victims to pay an advance fee for something of value that would never be delivered to the victim; non-delivery of purchased merchandise; and overpayment.

Some of the most commonly reported crimes included auto-auction fraud in which people sold vehicles that they never owned (4,066 complaints totaling $8.2 million in losses); romance scams in which scammers sought money, frequently from older and divorced or widowed individuals (5,663 complaints totaling $50.4 million); work-from-home scams in which criminals recruit "workers" for false jobs that are actually covers for theft (17,532 complaints totaling $20.1 million); and loan intimidation scams (9,968 complaints totaling $8.2 million).

Some of the complaints IC3 has received over the past few years have led to criminal convictions and other positive outcomes. For example, complaints received beginning in July 2007 led to the extradition of a Nigerian citizen to the United States for allegedly defrauding law firms of more than $29 million in a debt collection scam, and complaints in 2009 about a dietary aid company that sells supplements online led to $3 million in reimbursements and a $51,000 attorneys' fees agreement.

Hacktivist and cybercriminal threats concern IT teams most, our first Federal Government Cybersecurity Survey reveals. Here's how they're fighting back. Also in the new, all-digital Top Federal IT Threats issue of InformqtionWeek Government: Why federal efforts to cut IT costs don't go far enough, and how the State Department is enhancing security. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Zaga
50%
50%
Zaga,
User Rank: Apprentice
5/18/2012 | 9:08:40 PM
re: ID Theft, Online Fraud Rose Slightly In 2011
Most online companies are afraid of implementing fraud prevention measures because they think about: 1) Customer friction 2) Increase costs of operation. Companies with this mindset are already behind: the largest websites are allowing users to telesign in. The technology is here already..
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-6651
Published: 2014-07-31
Multiple directory traversal vulnerabilities in the Vitamin plugin before 1.1.0 for WordPress allow remote attackers to access arbitrary files via a .. (dot dot) in the path parameter to (1) add_headers.php or (2) minify.php.

CVE-2014-2970
Published: 2014-07-31
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5139. Reason: This candidate is a duplicate of CVE-2014-5139, and has also been used to refer to an unrelated topic that is currently outside the scope of CVE. This unrelated topic is a LibreSSL code change adding functionality ...

CVE-2014-3488
Published: 2014-07-31
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

CVE-2014-3554
Published: 2014-07-31
Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS Search List (DNSSL) in an IPv6 router advertisement.

CVE-2014-5171
Published: 2014-07-31
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and other sensitive information by sniffing the network.

Best of the Web
Dark Reading Radio