The Internet Crime Complaint Center said that it received more than 275,000 complaints in 2008, up from about 207,000 in 2007. The total reported dollar loss from such scams was $265 mln, or about $25 mln more than in 2007. Among those who filed complaints, men reported losing $1.69 for every dollar that women lost.
Approximately 7.5% of US adults lost money as a result of some sort of financial fraud in 2008, in large part because of data breaches, according to Gartner. Payment card fraud (credit, debit and ATM card fraud) was the method most actively used by crooks to steal money, claiming 36% more victims in 2008 than other types of fraud. Gartner found that financial losses were highest in the case of new-account, credit card and brokerage fraud, with average losses per incident totaling $1,097, $929 and $900, respectively. However, victims of brokerage, credit card and debit/ATM card account fraud find it easiest to recover their losses, receiving an average of 100%, 86%, and 77% of the funds stolen, respectively.
UK cybercrime rose by more than 9% in 2007, according to Garlick. 3.5 mln online crimes were committed in the UK in 2007. There was an 8% drop in online identity theft and sexual offences fell 2%.
29% of Internet users have purchased goods from spam emails, according to Marshal. The most commonly purchased items include sexual enhancement pills, software, adult material and luxury items such as watches, jewellery and clothing. Botnets are networks comprised of thousands of infected personal computers, controlled remotely by criminals. They have enabled spammers to push down their costs through economies of scale and eliminated the need for spammers to host their own spam servers as they simply take control of other people’s computers instead. Recent FBI prosecutions of bot-herders and investigations of message-boards used by spammers, suggests the going rate for spammers to send a mln spam messages is as little as $5-10.
In Q2 2008, 74% of all mail received was spam. In Q2 2008, Turkey became the country with most zombie computers (11% of the global total), followed by Brazil (8.4%) and Russia (7.4%). The USA, which in the Q1 2008 accounted for 5% of all zombies, is now in ninth place with just 4.3% of the total. Google Adwords has been at the center of one of the most notable attacks over the last quarter, PandaLabs says. This Google service had been used previously to launch phishing attacks and the trend continues. This type of attack uses social engineering to trick users into revealing confidential details (bank account numbers, passwords, etc.).
US consumers lost almost $8.5 bln over the last two years to viruses, spyware, and phishing schemes. Consumer Reports estimates that American consumers have replaced about 2.1 mln computers over the past two years because of online threats. Consumers have 1 in 6 chance of becoming a cybervictim, down from 1 in 4 in 2007. Spyware and virus infections have also declined significantly over the past few years. Consumer Reports projects that problems they cause have resulted in damages of roughly $6.5 bln over the past two years. Consumer Reports also estimates that 3.5 mln U.S. households with broadband remain unprotected by a firewall.
32% of small and medium businesses in the United States and Canada have been attacked more than four times by cybercriminals in the last three years, MCAfee said. 26% of those attacked took at least a week to recover, a devastating length of time to be offline for small businesses who conduct business and sales via the Web. Recovery time in Canada was even greater, with a third (36%) taking a week or more to fully restore their systems. 44% think cybercrime is only an issue for larger organizations and believe it does not affect them. 52% of businesses believe that because they are not well-known so cybercriminals will not specifically target them. Almost half (45%) do not think they are a ‘valuable target’ for cybercriminals. 46% do not think they can be a source of profit for cybercriminals. SMBs may not be as safe from security attacks as they think. 88% of respondents believed they were ‘adequately protected,’ yet 43% of them admitted that they simply accept the default settings on their IT equipment, settings which are often not in line with their specific business needs.
88% of people interviewed in the US and the UK by Accenture said personal irresponsibility is the key cause of identity theft and fraud. 70% of respondents in the UK said they don’t write down their passwords, versus 49% in the US.
Anxiety about sharing personal data is the biggest barrier to consumer acceptance of mobile banking and commerce (66%), according to Harris Interactive. Additional barriers to adoption: more exposure to fraud and financial scams (63% expressed concern); worry about losing a device containing valuable information (61%); concern about costs (58%); usability (43%), reliability (37%), and speed of wireless network (23%)
FTC logged about 800,000 consumer complaints about identity theft during 2007, of which 32% involved identity theft and 68% covered other types of fraud. Of the identity theft cases, only 23% involved a credit card account, and cases of unauthorized new accounts outnumbered misuse of existing accounts by two to one. Other categories involved using someone else’s name for a utilities account (18%), for employment (14%), for government benefits fraud (11%), loan fraud (5%) and other forms of bank fraud (13%).