July 27, 2006 9:34 AM PDT
Report: U.K. failing to fight Net fraudsters
- Related Stories
Keeping kids safe on social sitesJuly 17, 2006
Office hit by another security problemJune 22, 2006
New Excel zero-day flaw used in attacksJune 16, 2006
Kevin Mitnick, the great pretenderJune 14, 2006
Bill puts cops first in data leak notificationMay 11, 2006
Trojan horse: Your money or your filesApril 28, 2006
While 8 percent of all fraud in the U.K. is now carried out online, victims often do not know whom to report the crime to, according to the Fraud Review, a report issued earlier this week by the Attorney General, Lord Goldsmith.
"It is often confusing for victims to know who to report the fraud to, particularly if it crosses geographical or sectoral boundaries," according to the report.
One key factor is that someone who loses money through an e-mail scam or a fake Web site may find that their local police aren't able to follow up the case because those responsible are based overseas.
"Fraudsters benefit from this lack of continuity of response. Internet fraud is a particularly good example of how a fraud can become difficult to report," the authors of the report stated.
"It is clear that fraud suffers under the current crime-reporting arrangements and that this is unhelpful, both to police efforts to develop an intelligence led response to fraud, and to victims, who are frustrated when reporting a crime," the authors continued.
Crimes that involve low-value goods and occur within a different authority may not be investigated by the police and trading standards authorities, the report concluded.
Net fraud illustrated
To illustrate this point, the report outlined an example of a successful Internet auction fraud:
A computer is advertised for 2,000 pounds on an auction site by Mr. Bogus. Mr. Green successfully bids for it, and transfers his money to the seller. The goods never arrive. Mr. Green makes a complaint to the Internet auction company, to the police, and possibly also to trading standards authorities in the area where he lives.
Because Mr. Bogus lives in a different area, with a different police force, police in the victim's area are reluctant to accept the report. Mr. Green encounters a similar situation at his local trading standards office.
Furthermore, if the goods are not worth a large sum of money, it does not appear to be a significant crime, and the police will often not investigate the case, even if they do take a report.
Mr. Bogus remains free to readvertise the computer and performs the same fraud on an increasing number of victims.
The police and trading standards do not identify Mr. Bogus as a repeat offender because the reports of fraud are either not accepted or appear in different jurisdictions.
Even if complaints from victims manage to get the goods removed from the auction company Web site, Mr. Bogus may advertise again on another site.
The "victimless" crime
The report criticized the attitudes of some police officers toward fraud perpetrated against businesses, saying that "there is often, though by no means always, a perception that fraud against business (is) somehow 'victimless.'"
The police were also criticized for being unsympathetic towards businesses fooled by tricksters.
"There is often...an attitude that victims of fraud should have done more to protect themselves," according to the report. There was also "a pragmatic realisation that fraud is not a policing priority and so is unlikely to get investigated," it said.
Many fraudsters and cybercriminals operate abroad, which makes it very difficult for the police to pursue them, according to security experts, who agree that jurisdiction issues and lack of resources are major problems for law enforcement.
"There's a danger with tech crime that the authorities don't think it's worth pursuing," said Graham Cluley, senior technology for Sophos. "There's not a great willingness to investigate these things. Criminals using the Internet have already done their getaway--they're in Brazil."
"You can bounce the crime around the world, and it's harder to follow the paper trail," said Cluley.
Legal experts agreed there is an enforcement problem with Internet fraud.
"The Internet has provided new opportunities for fraud to be committed and it is now a significant problem for both businesses and individuals," said David Woods, an associate and litigation expert with Pinsent Masons solicitors.
"The current system has made it difficult to coordinate efforts among the various law enforcement agencies to effectively tackle fraud," Woods told Out-Law.com.
Lord Goldsmith's report claimed that many of the proceeds of fraud go to organized criminals, and that the harm caused is second only to trafficking in hard drugs. To overcome the problem of reporting these crimes, the Fraud Review proposed establishing a National Fraud Reporting Centre for businesses and individuals.
This center would receive reports, analyze them, identify patterns and trends, and provide police and other investigative agencies with information to target investigations.
U.K. consumer confidence has been battered by online fraud. The 2002-03 British Crime Survey results showed that 75 percent of respondents were worried about the security of using a credit card online.
The U.K. telecommunications industry has also been severely affected by fraud, with 866 million pounds, or 2.4 percent, of annual retail revenue being lost to fraudsters in 2004.
Tom Espiner of ZDNet UK reported from London.
3 commentsJoin the conversation! Add your comment