Internet crime: 2001 to 2007

Since 2001, the Internet Crime Complaint Center (IC3), a partnership between the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance, has been publishing annual reports on internet crime. I found some interesting tidbits inside.

Most of the complaints submitted to the IC3 are from the United States, but they apparently get a few from Canada, the UK, India, Mexico, and Australia, too. As the graph below shows, the number of complaints rose steadily from the IC3’s inception to 2004, but has since levelled off.

Graph of number of complaints to IC3 between 2001 and 2007

Keep in mind that the numbers above are not necessarily representative of the number of internet crimes that occur in the United States; the IC3 reckons that enforcement agencies learn of just one in seven incidents of fraud.

The trend from year to year may be a more useful measure of how prevalent internet crimes are, but the first year or two (when the IC3 was relatively unknown and complainants would not know to call them) probably makes the rise in crime in the early 2000s look more dramatic than it was.

Typical Losses

Suppose you find yourself calling the IC3 hotline some day — what amount would you likely be calling to report stolen? To get an idea of what is typical, we need to know what the median loss is.

The median is particularly useful for discussing how most people are affected by internet fraud because the measure isn’t skewed by a small number of extreme cases. The IC3 says that the median loss across all types of internet crime in 2007 was $680*, although the amount varied widely depending on the caper.

Graph of median loss across categories of internet crime

The upshot is that check fraud, Nigerian letter fraud (which I’ve written about before), and confidence fraud tend to sting their victims for big sums, but they are also rare. They account for about 14% of the reported total, while lower value crimes like auction fraud, non-delivery of merchandise, and credit/debit card fraud make up nearly 70%.

Inegalitarianism of fraud

Since the IC3 began tracking both statistics in 2004, men have made more complaints and reported larger losses than women. That’s interesting, but I wonder why.

Graph of male complaints and losses as a percentage of female complaints and losses

Are men more gullible than women when it comes to internet fraud? That could very well be true. There are other possibilities, too. Perhaps men don’t bother reporting small frauds or women are too embarrassed to report large frauds. Or perhaps men regularly engage in larger internet transactions, inevitably losing larger amounts when deals goes bad.

Each of these scenarios could provide data like what we see in the graph above, but there’s nothing in the IC3 reports that would help us distinguish between them. Feel free to contribute your preferred narrative in the comments!

*All amounts in USD.

Read more about fraud

Handling firewall alerts

A good firewall does two things: it stops other computers from accessing your computer and it notifies you when programs on your computer want to access other computers (the internet). Firewalls usually block attacks on your computer without much fuss, but they often ask for your opinion before blocking a program on your computer from phoning home. So, suppose you get an alert from your firewall like the one below:

ZoneAlarm alert balloon

What is msfeedssync.exe? Should you let the program access the internet? If you aren’t familiar with the program name, I recommend searching Google. Just type in “msfeedssyinc.exe” and hit search. Here is an image I pulled from the search results page:

information about msfeedssync.exe program

The decision

In my case, since I don’t use Internet Explorer’s feed features, I decided to deny internet access to msfeedssync.exe. It probably wouldn’t have done any harm to give the program access, but it also doesn’t hurt to err on the side of caution. If you later find out that internet access for a program that you previously denied is critical to something you want to do, just open up your firewall program and change the permission settings.

Over time, I’ve come to realize that there are a lot of programs on my computer that want to send data somewhere, but don’t really need to. And by paying attention to the alerts, I’ve caught a couple of spyware programs before they were able to send information about me back to their keepers.

Read more about firewalls