Thursday, April 26, 2007
Internet Fraud Still Rising
The Internet Crime Complaint Center (IC3) recently released their 2006 Internet Crime Report. The IC3 receives complaints online and by telephone. They refer them to the appropriate law enforcement agency. Here are highlights of the report:
1. Complaints received on the IC3 website - 207,492 (While this is a 10% decline from 2005, dollars involved in the claims rose.)
2. Complaints by category:
Auction Fraud - 44.9%
Non-delivery - 19.0%
Check fraud - 4.9%
Credit/Debit card fraud - 4.8%
Computer fraud - 2.8%
Confidence fraud - 2.2%
Financial institution fraud - 1.6%
Identity theft - 1.6%
Investment fraud - 1.3%
Child pornography - 1.0%
3. Total dollars lost in fraud cases for 2006, $198.44 million. This is an increase over 2005 by 8.37%.
4. The mean dollar loss was $2,529.90 and the median was $724.00.
5. Referrals by Amount of Dollars Lost:
$.01 to $99.99 - 15.6%
$100 -$999.99 - 39.4%
$1,000 - $4,999.99 - 31.6%
$5,000 - $9,999.99 - 7.6%
$10,000 - $99,999.99 - 4.7%
$100,000+ - 1.0%
6. Amount lost by category:
Complaint Type
Median $ Loss per Complaint
% of Reported Total Dollar Loss
Nigerian letter fraud
$5,100
1.7%
Check fraud
$3,744
11.1%
Investment fraud
$$2,694.99
4.0%
Confidence fraud
$2,400
4.5%
Auction fraud
$602
33.0%
Non-delivery
$585
28.1%
Credit/Debit card fraud
$427
3.6%
7. Over half of the perpetrators resided in one of these states, ranked from the highest to lowest:
a. California - 15.2%
b. New York - 9.5%
c. Florida - 9.3%
d. Texas - 6.5%
e. Illinois - 4.5%
f. Pennsylvania - 3.3%
g. Tennessee - 3.2%
h. North Carolina - 3.1%
i. Ohio - 3.1%
j. New Jersey - 3.0%
and the United States contained 60% of the perpetrators, as you can see by the country of origin ranking:
k. United States - 60.9%
l. United Kingdom - 15.9%
m. Nigeria - 5.9%
n. Canada - 5.6%
o. Romania - 1.6%
p. Italy - 1.2%
q. Netherlands - 1.2%
r. Russia - 1.1%
s. Germany - 0.7%
t. South Africa - 0.6%
8. Losses by Age of Complainant Demographics (Average (median) $ Loss per Typical Complaint_
Male - $920
Female - $545
Age - Median Loss
<20 - $500
20-29 - $702
30-39 - $786
40-49 - $827
50-59 - $860
60+ - $866
9. Top 10 states where complaints originated from:
a. California - 13.5%
b. Texas - 7.2%
c. Florida - 7.1%
4. New York - 5.5%
d. Pennsylvania - 4.0%
e. New Jersey - 3.6%
f. Illinois - 3.5%
g. Ohio - 3.3%
h. Virginia - 3.0%
i. Michigan - 2.9%
10. While email was the most common method scammers used to contact their victims, there are others to watch for:
Email - 73.9%
Webpage - 36.0%
Telephone - 17.7%
IM - 12.0%
Snail mail - 10.3%
Wire - 6.3%
Fax - 4.0%
Bulletin board - 3.7%
Chatrooms - 2.4%
In person - 1.5%
Newsgroups - 0.6%
The complete report is available here.
The Internet Crime Complaint Center (IC3) recently released their 2006 Internet Crime Report. The IC3 receives complaints online and by telephone. They refer them to the appropriate law enforcement agency. Here are highlights of the report:
1. Complaints received on the IC3 website - 207,492 (While this is a 10% decline from 2005, dollars involved in the claims rose.)
2. Complaints by category:
Auction Fraud - 44.9%
Non-delivery - 19.0%
Check fraud - 4.9%
Credit/Debit card fraud - 4.8%
Computer fraud - 2.8%
Confidence fraud - 2.2%
Financial institution fraud - 1.6%
Identity theft - 1.6%
Investment fraud - 1.3%
Child pornography - 1.0%
3. Total dollars lost in fraud cases for 2006, $198.44 million. This is an increase over 2005 by 8.37%.
4. The mean dollar loss was $2,529.90 and the median was $724.00.
5. Referrals by Amount of Dollars Lost:
$.01 to $99.99 - 15.6%
$100 -$999.99 - 39.4%
$1,000 - $4,999.99 - 31.6%
$5,000 - $9,999.99 - 7.6%
$10,000 - $99,999.99 - 4.7%
$100,000+ - 1.0%
6. Amount lost by category:
Complaint Type
Median $ Loss per Complaint
% of Reported Total Dollar Loss
Nigerian letter fraud
$5,100
1.7%
Check fraud
$3,744
11.1%
Investment fraud
$$2,694.99
4.0%
Confidence fraud
$2,400
4.5%
Auction fraud
$602
33.0%
Non-delivery
$585
28.1%
Credit/Debit card fraud
$427
3.6%
7. Over half of the perpetrators resided in one of these states, ranked from the highest to lowest:
a. California - 15.2%
b. New York - 9.5%
c. Florida - 9.3%
d. Texas - 6.5%
e. Illinois - 4.5%
f. Pennsylvania - 3.3%
g. Tennessee - 3.2%
h. North Carolina - 3.1%
i. Ohio - 3.1%
j. New Jersey - 3.0%
and the United States contained 60% of the perpetrators, as you can see by the country of origin ranking:
k. United States - 60.9%
l. United Kingdom - 15.9%
m. Nigeria - 5.9%
n. Canada - 5.6%
o. Romania - 1.6%
p. Italy - 1.2%
q. Netherlands - 1.2%
r. Russia - 1.1%
s. Germany - 0.7%
t. South Africa - 0.6%
8. Losses by Age of Complainant Demographics (Average (median) $ Loss per Typical Complaint_
Male - $920
Female - $545
Age - Median Loss
<20 - $500
20-29 - $702
30-39 - $786
40-49 - $827
50-59 - $860
60+ - $866
9. Top 10 states where complaints originated from:
a. California - 13.5%
b. Texas - 7.2%
c. Florida - 7.1%
4. New York - 5.5%
d. Pennsylvania - 4.0%
e. New Jersey - 3.6%
f. Illinois - 3.5%
g. Ohio - 3.3%
h. Virginia - 3.0%
i. Michigan - 2.9%
10. While email was the most common method scammers used to contact their victims, there are others to watch for:
Email - 73.9%
Webpage - 36.0%
Telephone - 17.7%
IM - 12.0%
Snail mail - 10.3%
Wire - 6.3%
Fax - 4.0%
Bulletin board - 3.7%
Chatrooms - 2.4%
In person - 1.5%
Newsgroups - 0.6%
The complete report is available here.
Monday, April 23, 2007
The Chicken was Almost in the Hen House
Curtis Hamilton, 26, was a recruit with the Atlanta police department. He passed all the background checks and was hired on March 20th. While awaiting the start of the police academy, Hamilton was on administrative duty which is common. He was asked to enter personal information in the computer system. These records are verified against a national criminal database which now showed a warrant for his arrest.
Hamilton was arrested based a warrant issued by the Delaware State Police. In January a Wachovia Bank in Delaware was robbed and Hamilton was identified as the robber.
It would seem Hamilton was hired quick enough to fly under the radar screen but got caught in a net afterward. His warrant was entered into the system two weeks after he was hired.
Curtis Hamilton, 26, was a recruit with the Atlanta police department. He passed all the background checks and was hired on March 20th. While awaiting the start of the police academy, Hamilton was on administrative duty which is common. He was asked to enter personal information in the computer system. These records are verified against a national criminal database which now showed a warrant for his arrest.
Hamilton was arrested based a warrant issued by the Delaware State Police. In January a Wachovia Bank in Delaware was robbed and Hamilton was identified as the robber.
It would seem Hamilton was hired quick enough to fly under the radar screen but got caught in a net afterward. His warrant was entered into the system two weeks after he was hired.
Friday, April 20, 2007
What to do when doing time?
Morocco Curry, 34, is currently in prison serving a three-year sentence for identity theft at Centinela prison in California. Having a lot of time on his hands, he used the prison phone to make collect calls to his friends, Vanieca D. Samuels, 39; Brenda K. Butler, 47; and Tracy Chambers, 34.
Curry and his friends are now facing felony identity theft charges as they used the stolen account information of among others, Gabor Csupo to order replacement credit cards. Csupo is an Emmy award winner and helped create the children's cartoon "The Rugrats" and he has also worked on "The Simpsons."
The group began their identity theft scams last December with Curry already behind bars. The group has stolen tens of thousands of dollars from major credit card companies. If convicted, these charges could have the four spending the next two years together. Hopefully they'll spend more time making license plates than on the telephone.
Morocco Curry, 34, is currently in prison serving a three-year sentence for identity theft at Centinela prison in California. Having a lot of time on his hands, he used the prison phone to make collect calls to his friends, Vanieca D. Samuels, 39; Brenda K. Butler, 47; and Tracy Chambers, 34.
Curry and his friends are now facing felony identity theft charges as they used the stolen account information of among others, Gabor Csupo to order replacement credit cards. Csupo is an Emmy award winner and helped create the children's cartoon "The Rugrats" and he has also worked on "The Simpsons."
The group began their identity theft scams last December with Curry already behind bars. The group has stolen tens of thousands of dollars from major credit card companies. If convicted, these charges could have the four spending the next two years together. Hopefully they'll spend more time making license plates than on the telephone.
Thursday, April 12, 2007
If you remember the old TV commercials for oil changes or something to your car, the guy said "you can pay me now, or pay me later." Even if you don't remember the commercial, the saying is true today about data breaches.
Forrester Research examined 28 companies that had data breaches and attempted to put a cost to the work involved in dealing with these information security issues. "After calculating the expenses of legal fees, call centers, lost employee productivity, regulatory fines, stock plummets, and customer losses, it can be dizzying, if not impossible, to come up with a true number," wrote senior analyst Khalid Kark. "Although studies may not be able to determine the exact cost of a security breach in your organization, the loss of sensitive data can have a crippling impact on an organization's bottom line, especially if it is ill-equipped, and it's important to be able to make an educated estimate of its cost."
What Forrester came up with was a cost per record of between $90 and $305. As you review your procedures, training and budget, ask yourself if you'd rather control the cost up front with a lower amount for solid protection, or $90 - $305 after your reputation is damaged? Pay it now, or pay it later. As you go into the second quarter, review your multi factor authentication to see how it is doing, and review data security measures while you're there.
Forrester Research examined 28 companies that had data breaches and attempted to put a cost to the work involved in dealing with these information security issues. "After calculating the expenses of legal fees, call centers, lost employee productivity, regulatory fines, stock plummets, and customer losses, it can be dizzying, if not impossible, to come up with a true number," wrote senior analyst Khalid Kark. "Although studies may not be able to determine the exact cost of a security breach in your organization, the loss of sensitive data can have a crippling impact on an organization's bottom line, especially if it is ill-equipped, and it's important to be able to make an educated estimate of its cost."
What Forrester came up with was a cost per record of between $90 and $305. As you review your procedures, training and budget, ask yourself if you'd rather control the cost up front with a lower amount for solid protection, or $90 - $305 after your reputation is damaged? Pay it now, or pay it later. As you go into the second quarter, review your multi factor authentication to see how it is doing, and review data security measures while you're there.
