Risk
2/25/2011
03:41 PM
Connect Directly
RSS
E-Mail
50%
50%

Identify Theft, Financial Scams Top Internet Crimes List

The FBI's Internet Crime Complaint Center received more than 300,000 reports of Internet crime in 2010, according to its annual report.

Failure to pay or deliver merchandise, scams in which someone impersonates the FBI, and identity theft were the top three Internet crime complaints last year, according to the FBI/National White Collar Crime Center's Internet Crime Complaint Center (IC3). Victims of these crimes reported losing hundreds of millions of dollars, the center said.

The IC3, which has logged Web-based crime complaints for 10 years, released its 2010 Internet Crime Report (PDF) this week. Last year, the center received 303,809 complaints -- or an average of about 25,000 per month -- mainly reported by men between the ages of 40 and 59 years old living in the U.S. states of California, Florida, Texas, or New York.

Computer crimes, and various forms of fraud -- including advance-fee, spam, auction, credit card, overpayment, and miscellaneous types -- rounded out the top 10 complaints lodged to the IC3 in 2010, according to the report.

The center has recorded more than 2 million complaints about attempts to defraud people via the Internet since its inception.

While men still predominantly report Internet crimes to the center, the previous ratio of men reporting crimes 2.5 to 1 over women has dramatically narrowed, according to IC3. Now women are reporting crimes nearly equally, according to the report.

Though middle-aged people file the biggest number of complaints, those in the 60-and-over age group account for the demographic with the biggest rise in complaints in the IC3's 10-year history, according to the report.

The FBI does not investigate all of the claims it receives, but 121,710 of the ones reported in 2010 did meet the criteria -- some of which is based on the financial nature of the crime. In those cases, the agency refers the crime to the appropriate law-enforcement agency at the federal, state, or local level.

The FBI has used technology to improve investigations based on IC3 complaints in recent years. The search process is now automated, so law-enforcement analysts investigating the crimes can more easily find patterns on which to build cases. Law enforcement agencies in different jurisdictions, but investigating the same or similar cases, also have better information-sharing tools, according to the FBI.

In addition to complaints from the U.S., the IC3 also fielded complaints from people overseas in 2010, mainly from residents in Canada, the United Kingdom, Australia, and India.

When the center had information about the people committing the crimes, it found that nearly 75% were men living in California, the District of Columbia, Florida, New York, Texas, and Washington. When perpetrators lived outside of the country, they were mainly from the United Kingdom, Nigeria, and Canada, according to the report.

The report also includes information about alerts the IC3 put on in 2010 around specific Internet scams people reported.

One concerned online apartment- and house-rental scams, while another used denial-of-service attacks on cell phones and landlines as a ruse to access victims' bank accounts. Yet another Internet scam involved people sending fake e-mails looking for donations to disaster-relief efforts after last year's massive earthquake in Haiti.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2227
Published: 2014-07-25
The default Flash cross-domain policy (crossdomain.xml) in Ubiquiti Networks UniFi Video (formerly AirVision aka AirVision Controller) before 3.0.1 does not restrict access to the application, which allows remote attackers to bypass the Same Origin Policy via a crafted SWF file.

CVE-2014-5027
Published: 2014-07-25
Cross-site scripting (XSS) vulnerability in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allows remote attackers to inject arbitrary web script or HTML via a query parameter to a diff fragment page.

CVE-2014-5100
Published: 2014-07-25
Multiple cross-site request forgery (CSRF) vulnerabilities in Omeka before 2.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) add a new super user account via a request to admin/users/add, (2) insert cross-site scripting (XSS) sequences via the api_key_...

CVE-2014-5101
Published: 2014-07-25
Multiple cross-site scripting (XSS) vulnerabilities in WeBid 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) TPL_name, (2) TPL_nick, (3) TPL_email, (4) TPL_year, (5) TPL_address, (6) TPL_city, (7) TPL_prov, (8) TPL_zip, (9) TPL_phone, (10) TPL_pp_email, (11) TPL_authn...

CVE-2014-5102
Published: 2014-07-25
SQL injection vulnerability in vBulletin 5.0.4 through 5.1.3 Alpha 5 allows remote attackers to execute arbitrary SQL commands via the criteria[startswith] parameter to ajax/render/memberlist_items.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Sara Peters hosts a conversation on Botnets and those who fight them.