The report points out that many experts speculate that not all cybercrime is reported or even discovered. Additionally, the standard for classifying it varies from state to state, which makes it hard to evaluate current statistical data. Given these factors, many believe the problem is understated.
In looking at the enforcement level by the states, the Center for American Progress and the Center for Democracy and Technology gathered information from annual and biennial reports, Web sites, news articles, and the bimonthly Cybercrime Newsletter released by the National Association of Attorneys General.
Data from the Cybercrime Newsletter revealed that 60 percent of the cases prosecuted were for the sexual enticement of minors or pornography. Crimes involving the theft of information or identities represented 8.9 percent of the total, and 15.5 percent involved online sales and services. The majority of the cases involving online sales and services were for false advertising or the quality of a product or service.
The conclusion given by the researchers is that not very many crimes involving phishing, spyware, spam, adware, and hacking were being effectively investigated or prosecuted. "Internet crime requires almost no expense to execute, carries potentially high financial rewards, and involves relatively little risk of being caught and punished," according to the report.
The monetary cost of all this activity isn't cheap, either. In 2007, an estimated $7.1 billion was lost due to phishing, viruses, and malware in the United States alone. Given that the estimated losses in 2006 was a mere $2 billion, this would lead a reasonable person to speculate that the problem is a growing one. Worldwide estimates put the losses at about $100 billion.
The report gives a possible reason for the increase in activity. With few overhead or start-up costs, a phishing group can net about $250,000 a month and operate anonymously from just about anywhere in the world.
Do it yourself (DIY) phishing kits for sale on the Internet have been cited as a primary cause of more and more activity, too. Some of these DIY kits even come with technical support. The bottom line is that it no longer takes much technical knowledge to become a phisherman.
Article comments