Consumers Report $239 Million Lost To Cyber Fraud In '07
U.S. consumers reported losing more than $239 million from online fraud last year, up from $198 million in 2006, according to data released today by the FBI.
Internet auction fraud (35.7 percent) and merchandise non-delivery (24.9 percent) were the most frequently reported types of cyber fraud. The median loss amount per fraud incident last year was approximately $680, the report said. The most costly scams involved investment fraud, which cost consumers about $3,500 per incident -- and check fraud ($3,000). In nearly 74 percent of the cases, the perpetrators contacted the victim via e-mail.
The full report is available here (PDF).
The FBI cautions, however, that some fraud reports may have been misclassified by victims. For example, it works closely with auction giant eBay, which routinely refers fraud victims to the FBI's Internet Crime Complaint Center (IC3), the organization that published these figures. The report notes that many consumers referred to the IC3 by eBay may actually have been victimized by phishing attacks, which use e-mail to lure people into entering their personal and financial data at fake bank and e-commerce sites. eBay and its online payment service Paypal.com were the top two brands impersonated by phishers in February, according to Phishtank.com, a Web site that tracks phishing statistics. Of the 13,208 phishing sites tracked by Phishtank in February, 9,552 -- or 72 percent -- were fake eBay or PayPal sites.
The numbers in the FBI's report come from nearly 220,000 fraud complaints reported last year to the IC3, a partnership between the FBI and the National White Collar Crime Center. As such, they should not be viewed as representative of the total cost of cyber crime, because most cyber fraud is not reported, said Tom Kellerman, vice president of security awareness at Core Security Technologies, a Boston based security firm.
"Most [cyber] fraud is related to identity theft, such as setting up fraudulent lines of credit for individuals, and intellectual property theft for corporations which is very difficult to ascertain and measure," Kellerman said. "The real statistic to note is what percentage of cybercrime cases are actually noticed let alone investigated and those of us in the know fully understand that this number is marginal."
Security Fix recently published an analysis on the true costs of cyber crime that offered evidence to suggest the problem may cost businesses and consumers more than $100 billion a year. But that number will remain purely speculative until financial institutions are forced to more accurately classify and report cyber-fraud in all its forms and until regulators start publishing more data about it.
Consumers who believe they have been victimized by cyber crime can file a report with the FBI at this link here.
By Brian Krebs |
April 4, 2008; 12:49 PM ET
Fraud
, From the Bunker
, Misc.
, Safety Tips
, U.S. Government
Previous: Reach Out And Hack Someone |
Next: Beware Targeted Data-Stealing Tax Scam
Posted by: brucerealtor | April 4, 2008 2:10 PM
>is this inquiry legitimate ?????
Of course not! As usual, PayPal would never send out such a request. Cases where PayPal actually limit accounts result in a notification Email. However the correct action is to ignore all links in the Email and just log into the real PayPal site. You'll see a message regarding any limitations at that time if the Email was real.
It's good to know that "the International Police" are on the case! (ROFL)
Posted by: Moike | April 4, 2008 3:45 PM
Post a Comment
We encourage users to analyze, comment on and even challenge washingtonpost.com's articles, blogs, reviews and multimedia features.
User reviews and comments that include profanity or personal attacks or other inappropriate comments or material will be removed from the site. Additionally, entries that are unsigned or contain "signatures" by someone other than the actual author will be removed. Finally, we will take steps to block users who violate any of our posting standards, terms of use or privacy policies or any other policies governing this site. Please review the full rules governing commentaries and discussions.
Speaking of PayPal -- is this inquiry legitimate ?????
\PayPal
Security Center Advisory!
We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you.
If you are the rightful holder of the account you must verify your PayPal account!
If you receive this email and you are not the rightful holder of the account please be informed that PayPal works with the International Police and any illegal acts will be punished according with the law!
Verify your Account
Email address:
PayPal password:
Verify your Email password
Same with the PayPal password
Other
Verify your personal information
Street:
City:
Zip Code:
State (if applicable):
Country:
Social Security Number:
Date of Birth:
--(Ex: 01-01-1900)
Verify your credit card information
Full Name:
Credit/Debit Card Number:
Expiration Date:
/ (Ex:01/2008)
Card Verification Number (CVV2):
By clicking the button "Submit Your Verification" you confirm your identity with us. The verification process is instant.
Your session will be closed after you verify your information.
If you choose to ignore our request, your account will remain limited until you verify your information at your bank.
Thank you for using PayPal! The PayPal Team
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.
To receive email notifications in plain text instead of HTML, update your preferences here.
PayPal Email ID PP697