Naked Security points to a report the Home Affairs Committee of the U.K. Parliament issued yesterday about the state of cyber crime in Britain. The summary has a gloomy title: UK failing to win the war on e-crime and contains this tantalizing tidbit:
There appears to be a ‘black hole’ where e-crime is committed with impunity. Online criminal activity which defrauds victims of money is often not reported to or investigated by law enforcement. Banks simply reimburse the victims with no pursuit of the perpetrators. Criminals who commit a high volume of low level fraud can still make huge profits. Banks must be required to report all e-crime fraud to law enforcement.
In other words, crimes against banks that net the fraudsters a sum below a certain amount don't get reported, and the banks merely reimburse the victim for the loss to protect the bank's reputation. It doesn't say what that amount is, however the report does say that in 2011 the "Cost of cyber crime to the UK estimated to be £27bn." The number of crimes are growing as the use of social networks grows.
Chapter 4 titled Can web service providers protect our data? is worth a look because it details some of the types of crimes aided by social networks, including identity theft, phishing, theft of personal information, click jacking, advance fee and romance scams, and Twitter direct messages luring victims to an infected website. They throw in cyber bullying and twitter trolling which apparently are crimes in the U.K.
The lesson we should take away from this is that anyone using the net should maintain caution when clicking. At some point banks in the U.K. and the U.S. could try to blame losses on the victims and decline to reimburse them.
In the U.S. the main cyber threat currently, according to an FBI warning, is one whereby the victims somehow allow the Citadel malware platform to load the Reveton ransomware onto their computers which locks the victims' computers and delivers a blackmail message disguised to be from the FBI, DHS or IC3 accusing them of committing a crime and seeking payment for a fine in order to get their computers unlocked.
The FBI's advice: get the computer repaired, report it to IC3, and keep antivirus software updated.
It's a jungle out there.