Cyber crime on the Internet

Cyber crime consists of specific crimes dealing with computers and networks and the facilitation of traditional crime through the use of computer: hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

Over the past several years, the Internet has become increasingly "dirty".  It isn't just about the thousands and millions of concurrent security incidents (automated, malicious code-based and other) happening every minute of every day.  While many spam operations use botnets and operate all around the world, a lot of the big players own their own network space and operate hosting farms, which are constant and "legitimate" for years now.  Criminals register thousands of domain names every day from which they are able to run activities including phishing, malware, DDoS attacks, and presentation of highly inappropriate or illegal Internet content.

As you may assume, cyber crime is a huge business that is often highly organized, incorporating operations departments, research and development, and even outsourcing practices. They collect statistics to make sure their revenue stream is maintained, and act to rectify the situation if it isn't.

They have contingencies in both design and operations to ensure they are never "down".  For example, they will often register domain names for use just for a few minutes and then discard them. Some sites employ botnets, which immediately jump to a new location if one "goes down" or is removed.  Indeed, such malicious sites have become expertly adept at disappearing and reappearing, fully functional, at another web address or domain. Cyber crime is also highly adaptable.  Just as we learn how to avoid one form of crime, a new and unknown form hits the web (e.g. fast flux technique).  

Such inappropriate and illegal activity creates an economic problem for all of us, consumers and businesses alike.  Unfortunately, current law enforcement efforts or preventative security technology are not sufficiently keeping up with the volume and level of crime being perpetrated.  

Consider the following conclusions by a recent UK on-line Fraud Report (source: Cybersource.co.uk) published in  lists in-depth information on Internet commerce fraud - report for the year 2007:

• 4% of adults have stopped Internet shopping all together. In the entire population, only half use the Internet for shopping.

• Almost 60% of users of Internet shopping sites have not changed their habits, though they have become more careful and are aware of the dangers.

• 84% of visitors are convinced that they are on a safe site, even if they are not.

• 82% of visitors only buy at large, well-known sites they feel they can trust.

• Despite innumerable instances of fraud, the on-line economy continued to grow by 20% in 2007. According to APACS, eCommerce yield an average 28 billion Euros per year.

For this reason, Internet endeavors must be protected and made safe, reliable and consistent for all users.

All manufacturers agree that the fight against on-line fraud should be more organized and researched.  In fact,  investments in preventing fraud in medium sized businesses rose to above 220.000 EUR last year.

Public opinion on who is responsible for safe on-line shopping, however, is divided, with only about 4% of users considering it solely a law enforcement matter.

• One fourth of all users are of the opinion that the owner of the website is responsible for stopping fraud.

• A fifth of all users think that Internet service providers should be responsible for the safety against fraud.

While it is clear that law enforcement efforts alone can not adequately address the safety of on-line commerce, very few effective fraud prevention alternatives are available to companies wishing to take matters into their own hands ... until now.

Company On Net is an independent, highly secure verification system which provides company authentication, website validation, and highly developed security measures to prevent on-line fraud.  With a Company On Net seal, users can get  instant, official, and factual information about the company in question within a few seconds.  We are delighted to offer our services as a means for merchants and web hosts to take the initiative in preventing cyber crimes and increasing overall consumer confidence in participating businesses. Company On Net gives Internet business endeavors a highly effective option for protecting their domains and on-line transactions.

Because of this, it is constantly increasing, and the most common form is identity fraud. Internet is a useful place to collect data in order to steal identity. Not only identity of the individuals, but also identity of organizations, companies, brands …
The report of The Antiphishing Organization states that in first three months of 2008 hijacking of brands increased (source: Antiphishing.org - pdf). In January 131 brands were hijacked, in February 139 and in March 141.

Internet-related identity theft has been discussed a lot. Gercke ( source: ITU.int - pdf) says, that there are missing identity verification procedures. Gercke was thinking about identity verification of the individuals, visitors on the Internet. But that is not the only option. The owners of webpages, companies should also be under identity verification procedures.

Let us look at the serial fraud events, which were happening this year due to Olympic games in Beijing. Many sites on Internet contain information on how many people bought tickets over the Internet.

Hundreds of sports fans from around the world appear to have been cheated, giving credit card and passport details, and possibly spending hundreds of thousands of dollars for what they believed were genuine Olympic tickets.
The fraud scheme has reportedly affected Americans, Australians, New Zealanders, Britons and others. Victims are said to include family members of the Australian football team competing at the Olympics (source: Expatica.com and Gocek.org and BeijingTicketScam.com).

Buying a ticket for a sports event can be risky. At www.official-tickets.com we can not find any reliable information about the owner of the website or service. We face the same kind of problem trying to buy a concert tickets, train tickets … It is hard to regulate the problem worldwide due to different legislations and regulations in the countries. The problem has to be solved on the Internet and by the owners of the websites or services on the Internet.

On the photo: List of some connected domains in the ticket fraud in June 2008.

Capture of site with fraudulent SSL (June, 2008)