Risk
5/14/2012
01:27 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

ID Theft, Online Fraud Rose Slightly In 2011

Internet crime reports increased 3.4% in 2011 as compared to 2010, finds Internet Crime Complaint Center. Some old scams remain popular.

Defense Robots: Fast, Flexible, And Tough
Defense Robots: Fast, Flexible, And Tough
(click image for larger view and for slideshow)
For the third consecutive year, the public-private Internet Crime Complaint Center (IC3) logged more than 300,000 complaints of Internet crime such as identity theft and online fraud, totaling $485.3 million in losses, the IC3 announced Friday in its annual Internet crime report.

The report, which surveys Internet crime reported to IC3 in 2011, indicates that complaints were up 3.4% as compared to 2010, though they remain down from 2009's peak. The 12-year-old IC3 is a partnership among the FBI's Cyber Division, the Department of Justice's Bureau of Justice Assistance, and the National White Collar Crime Center that collects complaints of Internet crime from the public and shares information with law enforcement.

The report analyzes complaints from around the country, with some coming in from other countries as well. Unsurprisingly, the states with the largest number of complaints include some of the most heavily populated states. The top five states by number of complaints were California, Florida, Texas, New York, and Ohio, in that order.

The stats are a bit different when adjusted for rates of Internet crime per capita. Here, Alaska held the top spot, with a 30.1% higher per capita rate than the next worst victim, the District of Columbia. New Jersey, Nevada, and Colorado rounded out the top five for per capita complaints.

[ What are government pros most concerned about? See our exclusive InformationWeek Federal IT Survey: Hacktivists, Cybercriminals Are Top Threats. ]

In terms of demographics, people aged 40 to 59 registered the most complaints, with 43% of total complaints coming from that age group. The next biggest group of victims were those aged 20 to 30, followed by those 60 and older and, finally, those under 20 years old.

Although IC3 received 314,246 Internet crime complaints in 2011, only 36.9% of those complaints, or 115,903, resulted in actual financial loss. The average loss among those reporting financial losses was $4,187, and the median was $636, indicating that Internet criminals are not content just to skim pennies off the dollar.

The top five crime types were: FBI-related scams in which criminals posed as the FBI; identity theft; advance fee fraud, in which criminals attempted to convince victims to pay an advance fee for something of value that would never be delivered to the victim; non-delivery of purchased merchandise; and overpayment.

Some of the most commonly reported crimes included auto-auction fraud in which people sold vehicles that they never owned (4,066 complaints totaling $8.2 million in losses); romance scams in which scammers sought money, frequently from older and divorced or widowed individuals (5,663 complaints totaling $50.4 million); work-from-home scams in which criminals recruit "workers" for false jobs that are actually covers for theft (17,532 complaints totaling $20.1 million); and loan intimidation scams (9,968 complaints totaling $8.2 million).

Some of the complaints IC3 has received over the past few years have led to criminal convictions and other positive outcomes. For example, complaints received beginning in July 2007 led to the extradition of a Nigerian citizen to the United States for allegedly defrauding law firms of more than $29 million in a debt collection scam, and complaints in 2009 about a dietary aid company that sells supplements online led to $3 million in reimbursements and a $51,000 attorneys' fees agreement.

Hacktivist and cybercriminal threats concern IT teams most, our first Federal Government Cybersecurity Survey reveals. Here's how they're fighting back. Also in the new, all-digital Top Federal IT Threats issue of InformqtionWeek Government: Why federal efforts to cut IT costs don't go far enough, and how the State Department is enhancing security. (Free registration required.)

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Zaga
50%
50%
Zaga,
User Rank: Apprentice
5/18/2012 | 9:08:40 PM
re: ID Theft, Online Fraud Rose Slightly In 2011
Most online companies are afraid of implementing fraud prevention measures because they think about: 1) Customer friction 2) Increase costs of operation. Companies with this mindset are already behind: the largest websites are allowing users to telesign in. The technology is here already..
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-2413
Published: 2014-10-20
Cross-site scripting (XSS) vulnerability in the ja_purity template for Joomla! 1.5.26 and earlier allows remote attackers to inject arbitrary web script or HTML via the Mod* cookie parameter to html/modules.php.

CVE-2012-5244
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Banana Dance B.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) return, (2) display, (3) table, or (4) search parameter to functions/suggest.php; (5) the id parameter to functions/widgets.php, (6) the category parameter to...

CVE-2012-5694
Published: 2014-10-20
Multiple SQL injection vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allow remote attackers to execute arbitrary SQL commands via the (1) agentPhNo, (2) controlPhNo, (3) agentURLPath, (4) agentControlKey, or (5) platformDD1 parameter to frameworkgui/attach2Agents.p...

CVE-2012-5695
Published: 2014-10-20
Multiple cross-site request forgery (CSRF) vulnerabilities in Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allow remote attackers to hijack the authentication of administrators for requests that conduct (1) shell metacharacter or (2) SQL injection attacks or (3) send an SMS m...

CVE-2012-5696
Published: 2014-10-20
Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 does not properly restrict access to frameworkgui/config, which allows remote attackers to obtain the plaintext database password via a direct request.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.