11

Cybercrime: Scams, Fraud and Identity Theft

Nicholaos D. Petropoulos

Daytona State College

CCJ 1020: Introduction to Criminal Justice

Instructor Todd Tiehen

October 6th , 2020

 12

Since the start of civilization, people have broken the laws that their community put into

place. As we have advanced as a race so has the types of crimes and the ways people go about

committing them. For instance, fraud would take place through property cons where people

would sell nonexistent land to investors who thought they would be building homes to people

counterfeiting art and attempting to sell the forgeries to others who thought it was the real thing.

These types of crimes while still going on today have advanced into the cyber world and have

led to millions if not billions of dollars that consumers have lost. The Consumer Sentinel

Network led by the Federal Trade Commission tracks consumer fraud and identity theft

complaints that were filed showing that in 2019, the amount of reports reached 3.2 million with

1.7 million of them being fraud-related with 23 percent of these reporting money was lost. The

reported money lost from just this 23 percent was a staggering $1.9 billion (Statistics of

cybercrime). Since the creation of the internet people have figured out all sorts of ways to

commit crimes through it leaving many people to fall into these new traps. Many of these crimes

use peoples lack of knowledge of computers or online systems to be pulled off and thanks to the

internet can now be done on a global scale. Some of the more popular crimes people commit

online would be fraud, scams, and identity theft.

One of the oldest types of crimes that have transferred to the online world are scams.

Scams play off people's naivety or lack of knowledge of something and take advantage of these

to get money or whatever the perpetrator wants. One of the most notorious scams is the Nigerian

Prince or “419” advanced-fee scam. While having many different variations mainly involved an

email that spoke of a Nigerian prince needing a large amount of money to hire a lawyer to win

back their right to thrown and as a reward the prince would send you money as thanks after he

got his throne back. In actuality, the scammer is impersonating the position of someone in a

government or royal position and is lying about the reimbursement or payoff that the
 13

unsuspecting victims think they will be receiving. This type of scam still goes on today and are

sent in mass to people emails around the world. In a study done by Gibson, Jeremiah Onaolapo,

Gianluca Stringhini, and Lorenzo Cavallaro who researched these 419 advanced-fee scams

through data harvested from an online discussion forum used by criminals who perpetrate these

types of crimes found that they use “socio-political and economic problems prevalent in the

country to craft various fraud schemes to defraud vulnerable groups such as secondary school

students and unemployed graduates.”(Holloway et al., 2017) Other types of scams are lottery

scams and fake surveys. These typically pop up on unsecured websites and tell you how you won

a new phone, $1,000 Walmart gift card, or that you would get a free brand-new computer just for

completing a survey. They normally ask for your private information like your billing address or

email and debit card and look to take advantage of those who believe that they are real.

Another type of scam people fall victim to is online fraud. This is a much broader type of

cybercrime involving where the perpetrator tries to steal your personal and financial information

and then use this information for their own benefit. The USA.gov setup an online safety guide

for those who may be susceptible to these internet frauds can learn how to protect themselves.

Within this guide is a list of the more popular types of internet fraud which are data breaches,

malware, phishing and spoofing, fake internet auction frauds, and credit card frauds. (USA gov,

Online Safety) The first type of internet fraud is known as a data breach. This happens when

sensitive data like financial information gets leaked from a secure location which can then be

used for criminal activities. This could be seen back in 2013 when intruders used refrigeration

and HVAC systems to download their malware onto cash registers and were able to collect

millions of credit and debit card accounts which were then sold to malicious individuals or used

without the card holders' consent. The next type of internet fraud is malware which individuals

could accidentally install onto their computers which leads to the malware being able to access
 14

personal and financial information and sending it elsewhere without the individual's knowledge.

Another type of fraud can occur through phishing emails and websites which try to get your

private information like bank numbers, passwords, and pins. These types of internet fraud try to

exploit the vulnerabilities in people or businesses to their own advantage and get information to

use for nefarious purposes.

Identity theft goes hand in hand with fraud and happens when someone steals your

personal information and uses your “identity” to purchase goods or services. Some of the ways

that cyber criminals go about stealing your identity are through pharming scams, malware, fake

or unsecure websites, and having weak safety precautions on accounts. Pharming happens when

malicious software redirects you to a seemingly “legitimate” site and would then put in their

account information which is then sent to whoever the creator is. For instance, if a fraudster

made a fake version of a bank site that you use and redirects you there, then you may try to input

your credentials to log in thinking it's your actual bank website and unknowingly send the

criminals your login info for them to exploit. As mentioned above you could accidentally get

your private information stolen by accidentally downloading malware which takes your data and

sends it to the fraudster. Another way people go about stealing your identity is by brute forcing

potentially weak passwords. This can be done easily if the perpetrator has some of your

information that is on any number of social media sites like your birthday or even name. Some

instances of simple passwords that many people use are their birthdays or their first name and

some numbers which makes it easy for many people to just guess the password until they get it

right. This type of method has led to many sites and services now offering a multi-factor

authentication which lets the account owner have codes that are sent to their phones that then

need to be put in to log in making it harder for people to get access to your account with just

your email and password.

 15

As criminals learn different techniques to commit cybercrime, the government and other

organizations have worked towards deterring and stopping this type of crime. Many of these

types of crimes attack at people's lack of knowledge of the internet so services and government

agencies have released guides to help improve the general knowledge of those who use the

internet so that they can better protect themselves against these kinds of cybercrimes. These

guides go over the various types of scams that these perpetrators use and how to report them and

avoid them. Programs have also been released like malware protection and virus protection so

that people can check their systems for the viruses and malware that’s already been detected and

are in the system of whatever program they use to help better protect their private information.

As people learn more and more about vulnerabilities in systems, people have also learned how to

seal these vulnerabilities to protect businesses and companies online. This has led to cyber

security which works towards protecting computer systems and networks from cyber criminals.

Similar to how malls have a security guard to protect from any physical threats the mall

may face, businesses and corporations have cyber security to help make their systems less

vulnerable and to protect from external attacks. Cyber security encompasses many different

types of practices that work towards protecting various parts of a system or systems. When

criminals attack a business, they will look for any technical or physical vulnerability that they

can exploit to gain access to the system. The National Cyber Security Centre responds to cyber

security incidents in the United Kingdom as well as working towards educating people about

how cyber-attacks work to reduce harm of cyber security attacks. On their site they have section

that describes the steps of a cyber security attack. In this they explain that when the attacker has

access to the system, they can retrieve information that “they would otherwise not be able to

access, such as intellectual property or commercially sensitive information”, send money to bank
 16

accounts that they possibly control, and disrupt a business by overloading their servers (How

cyber-attacks work).

As we advance in technology and knowledge, so do those who wish to harm others for

financial or personal gain. Everyday these groups and individuals work towards new methods

and exploits to commit cybercrime. Whether it is through scams like the Nigerian Prince scam

that promises its victims false rewards in return for their money, fraud like the target credit card

breach which led to millions of consumers getting their financial information taken from them as

a result of a vulnerability within the Target systems, or identity theft where people get their

online identity stolen and used to pay for goods and services. There are also organizations or

individuals who attempt to harm or exploit companies through cyber security attacks for personal

gain. While this happens, people are trying to defend against these cybercrimes and cyber

security attacks. Government agencies and companies creating safety guides and implementing

antivirus antimalware programs for the public to keep their home systems safe as well as

working towards defending systems and infrastructure as well as looking for vulnerabilities

against those who seek to exploit any weakness for their goals. Both sides are in a race to

accomplish their goals and will continue to evolve as new technology is invented and new

techniques and exploits are found and either exploited for personal gains or sealed for security.

References
Facts + Statistics: Identity theft and cybercrime. (n.d.). Retrieved October 06, 2020, from
https://www.iii.org/fact-statistic/facts-statistics-identity-theft-and-cybercrime
Holloway, G., Mba, G., Holloway, R., London, J., Onaolapo, J., London, U., . . . Authors:
Gibson Mba Royal Holloway. (2017, April 01). Flipping 419 Cybercrime Scams:
 17

Targeting the Weak and the Vulnerable. Retrieved October 06, 2020, from
https://dl.acm.org/doi/abs/10.1145/3041021.3053892
How cyber attacks work. (n.d.). Retrieved October 06, 2020, from
https://www.ncsc.gov.uk/information/how-cyber-attacks-work
Online Safety. (n.d.). Retrieved October 06, 2020, from https://www.usa.gov/online-safety