Risk
2/25/2011
03:41 PM
50%
50%

Identify Theft, Financial Scams Top Internet Crimes List

The FBI's Internet Crime Complaint Center received more than 300,000 reports of Internet crime in 2010, according to its annual report.

Failure to pay or deliver merchandise, scams in which someone impersonates the FBI, and identity theft were the top three Internet crime complaints last year, according to the FBI/National White Collar Crime Center's Internet Crime Complaint Center (IC3). Victims of these crimes reported losing hundreds of millions of dollars, the center said.

The IC3, which has logged Web-based crime complaints for 10 years, released its 2010 Internet Crime Report (PDF) this week. Last year, the center received 303,809 complaints -- or an average of about 25,000 per month -- mainly reported by men between the ages of 40 and 59 years old living in the U.S. states of California, Florida, Texas, or New York.

Computer crimes, and various forms of fraud -- including advance-fee, spam, auction, credit card, overpayment, and miscellaneous types -- rounded out the top 10 complaints lodged to the IC3 in 2010, according to the report.

The center has recorded more than 2 million complaints about attempts to defraud people via the Internet since its inception.

While men still predominantly report Internet crimes to the center, the previous ratio of men reporting crimes 2.5 to 1 over women has dramatically narrowed, according to IC3. Now women are reporting crimes nearly equally, according to the report.

Though middle-aged people file the biggest number of complaints, those in the 60-and-over age group account for the demographic with the biggest rise in complaints in the IC3's 10-year history, according to the report.

The FBI does not investigate all of the claims it receives, but 121,710 of the ones reported in 2010 did meet the criteria -- some of which is based on the financial nature of the crime. In those cases, the agency refers the crime to the appropriate law-enforcement agency at the federal, state, or local level.

The FBI has used technology to improve investigations based on IC3 complaints in recent years. The search process is now automated, so law-enforcement analysts investigating the crimes can more easily find patterns on which to build cases. Law enforcement agencies in different jurisdictions, but investigating the same or similar cases, also have better information-sharing tools, according to the FBI.

In addition to complaints from the U.S., the IC3 also fielded complaints from people overseas in 2010, mainly from residents in Canada, the United Kingdom, Australia, and India.

When the center had information about the people committing the crimes, it found that nearly 75% were men living in California, the District of Columbia, Florida, New York, Texas, and Washington. When perpetrators lived outside of the country, they were mainly from the United Kingdom, Nigeria, and Canada, according to the report.

The report also includes information about alerts the IC3 put on in 2010 around specific Internet scams people reported.

One concerned online apartment- and house-rental scams, while another used denial-of-service attacks on cell phones and landlines as a ruse to access victims' bank accounts. Yet another Internet scam involved people sending fake e-mails looking for donations to disaster-relief efforts after last year's massive earthquake in Haiti.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-0714
Published: 2015-05-02
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Finesse Server 10.0(1), 10.5(1), 10.6(1), and 11.0(1) allow remote attackers to inject arbitrary web script or HTML via unspecified parameters, aka Bug ID CSCut53595.

CVE-2014-3598
Published: 2015-05-01
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.

CVE-2014-8361
Published: 2015-05-01
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request.

CVE-2015-0237
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 ignores the permission to deny snapshot creation during live storage migration between domains, which allows remote authenticated users to cause a denial of service (prevent host start) by creating a long snapshot chain.

CVE-2015-0257
Published: 2015-05-01
Red Hat Enterprise Virtualization (RHEV) Manager before 3.5.1 uses weak permissions on the directories shared by the ovirt-engine-dwhd service and a plugin during service startup, which allows local users to obtain sensitive information by reading files in the directory.

Dark Reading Radio
Archived Dark Reading Radio
Join security and risk expert John Pironti and Dark Reading Editor-in-Chief Tim Wilson for a live online discussion of the sea-changing shift in security strategy and the many ways it is affecting IT and business.