Our daily lives have been immensely transformed by digital technologies and the cyberspace. However, the greater interconnection and dependency attributed to internet pose much greater peril. It has created new and unimaginable opportunities for both financially and ill motivated cyber criminals and those who intend to harm vulnerable members of our community. Well-structured criminal gangs are increasingly using this avenue to commit both conventional crimes such as theft and fraud and also new crimes enabled by progressing innovations.
In a nutshell, cybercrime entails the utilization of computer know-how to abet commission of offences. Generally, cybercrimes are categorized into three classes depending on the role played by the computer. There are instances where a computer facilitates, is the object of, or its use is incidental to, commission of offences. This paper burdens itself with discussing the trends in scams associated with cybercrime. Cybercrime scams that have gained popularity among cyber criminals include ‘phishing’, ‘pharming’ and ‘key logging’.
Phishing is a form if internet scam that mainly target internet banking systems, online auction sites or other online payment facilities. It denotes the use of a high-tech spam to deceptively obtain the right to use other people's internet banking details. It entails the sending out of spam e-mails alleging to be from a bank by criminals to numerous random email addresses. The criminals then gather legitimate bank customer's account access information by luring unsuspecting customers into disclosing their sensitive personal banking details. It conventionally take s the form of a tempting email that invites an unsuspecting user to pursue a link to a web page disguised as the bank’s and submit their details.
‘Pharming’ is another type of cybercrime scams. As opposed to phishing, scammers do not entice their targets with emails. Instead, they employ a skill called ‘pharming’ which involves installation of malicious software that re-directs an innocent user to a sham website notwithstanding having accurately keyed in the web address.
In addition, ‘key logging’ is a more recent scam taking root in cyberspace. In this type of cyber scam, user’s personal and sensitive details are captured by a malicious program. It does so by recording the keys punched on the user’s computer and subsequently sending them to the offender. The software by and large finds its way into the target’s computer by attaching itself to an e-mail or other downloads.
Furthermore, there has emerged a type of scam known as ‘Nigerian letter’ or ‘lottery’ as well as ‘Spanish lottery’. This scam endeavors to ensnare victims into a form of fraud referred to as an ‘illegal advance fee’. They are normally facilitated by emails. In spite of the various theories associated with these scams, the cybercriminal generally asks the victims to provide bank account or personal information in order to receive a fictitious financial bonus usually after an initial exchange of emails with the victim. The pledged extra money may take the form of a hefty bank transfer, gamble jackpots, or a huge bequest. Eventually, the criminal does not keep their end of the bargain the victims having parted with large sums of money to cover various sham costs and charges notwithstanding.
Profiling cyber criminals has proved to be no easy task owing to their faceless nature. However, attempts have been made to profile them based on their scope of expertise. Profiles that have been identified include; cyber punks, toolkit newbies, coders, hacktivists, internals, professional criminals and cyber-terrorists. The most suitable profiles for criminals committing scam-related cybercrimes are cyber-punks and coders.
Cyber-Punks, for instance, are generally skilled in writing short programs, which they use essentially for disguising web pages, spamming, credit card or personal details theft, and telecommunications fraud. These cyber-criminals tend to show off their proficiencies and accomplishments. Therefore, they would mostly engage in ‘phishing’ form of cyber scam.
On the other hand, coders are synonymous with ‘pharming’ and ‘key-logging’ cyber scams. This class of cybercriminals is skilled in writing codes designed exclusively to damage other systems. Moreover, they have hidden intentions and spread spywares and Trojans to achieve these ends. Recognizing the gravity of the threat posed by cybercrime, various law enforcement initiatives have been put in place in a bid to curb the crime. The mandate of investigating federal cybercrime has been vested on federal law enforcement agencies such as the Secret Service, the Federal Bureau of Investigation, the Immigration and Customs Enforcement (ICE), the Postal Inspection Service, and the Bureau of Alcohol, Tobacco and Firearms (ATF).
Cybercrimes have no respect for jurisdictional boundaries. For this reason, operational partnership within the larger law enforcement fraternity has been resorted into. Such partnerships have lead to the establishment of the Internet Crime Complaint Center (IC3) which is a joint venture between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). It has been mandated with receiving, developing, and referral of criminal complaints regarding the hastily escalating sphere of cybercrime. The IC3 gives the victims of cybercrime a convenient and user-friendly reporting mechanism that notifies the authorities of any alleged cyberspace infringements. It further serves as a central referral mechanism for cyberspace complaints to law enforcement and regulatory agencies. Additionally, it has played a pivotal role in evading duplication of efforts that are synonymous with enforcement partnership efforts across national and local levels.
Moreover, the FBI, it has instituted collaboration with the private sector, which is more often outfitted than the Bureau to identify cybercrimes and their persistently dynamic uniqueness. In addition, it has listed cybercrime as their third priority. Hence, it has made it possible to leverage against attraction of more resources aimed at enhancing the bureau’s investigative capacity and capability to address cybercrime.
Prevention of cybercrime from happening as opposed to responding to it after its occurrence is among the initiatives that have been adopted by the law enforcement agencies. In many cases, effective preventative mechanisms have proved to be relatively less costly and easy to implement. Thus, the agencies have adopted a proactive approach in anticipating where new threats might emerge and neutralizing them. Active measures have been taken to educate users of cyberspace on the need to take steps to avoid falling victim to cybercrime. Most of them have been made aware on how to identify elements of cybercrime and reporting mechanisms.
There is no express law that explicitly stipulates the penalty for scamming. However, convicts of scam-related cybercrimes could be punished under various cybercrime statutes depending on the specific circumstances of each case. These offences carry penalties varying from a class B misdemeanor to a class B felony. The Information Technology Act-2000 criminalizes computer source document tampering and stipulates a punishment of up to 3 years of imprisonment, and or a fine, of any person convicted of changing the source code on a website or any computer program.
Identity theft involves any identification device, from an online banking password to a credit card number. The penalties for this crime range from a fine, forfeiture of property to a maximum prison term of 15 years. The penalties for identity thefts used to commit terrorist offences are more severe. It is through hacking that most of cybercrime scams are committed. Penalties for hacking vary from paying a large fine to an imprisonment of up to 20 years, depending on the seriousness of the crime and the extent of damage caused by the crime. Spamming is enshrined in the 2003 CAN-SPAM Act which illegalizes sending out numerous unsolicited mails. The penalties can range from a fine to imprisonment for up to 5 years or both. Probation sentences for computer crimes are also available either as exclusive penalties or in addition to imprisonment or fines.
In conclusion, cybercrime is here with us to stay. Although our domestic law enforcement agencies have made tremendous strides in combating it, a globally harmonized framework of effective legislations and enforcement is paramount. Moreover, laws anti-cybercrime should focus on penalizing the criminalized act rather than regulating the technology itself, coupled with severe penalties. It is critical for a multi-sectorial approach to be embraced at the international level. The same should seek to bring on board all the players in order to effectively reign on the different phases of cybercrime with the overall intention of making the world a safer place.
References
Doyle, C. (2010). Cybeercrime: An Overview of the Federal Computer Fraud and Abuse Statute and Related Federal Criminal Laws. CRS Report for Congress.
Jaishankar, K. (2011). Cyber Criminology . Boca Raton: CRC Press.
Vonderembse, M. A., & White, G. P. (2013). Operations Management. San Diego: Bridgepoint Education, Inc.