Norton’s Cybercrime Report: The Human Impact Reveals Global Cybercrime Epidemic and Our Hidden Hypocrisy

by ‎09-08-2010 12:01 AM - edited ‎09-07-2010 11:51 AM

A groundbreaking study from Norton just released today, called the Norton Cybercrime Report: The Human Impact, shows the widespread problem of global cybercrime (including viruses, identity theft, online hacking, online harassment, online scams, phishing and sexual predation) and some of the conflicting beliefs about our own illegal or unethical online activities. 7,000 adults in 14 countries around the world participated in the study. The first part of the study, demonstrates that being a cybercrime victim (65% have been a victim) is a truly global phenomenon, and how powerless most of us feel. The latter part of the study explores our own online activities that seem questionable, such as online lies, spying on others, and the illegal downloading of media files.

 

We feel both angry and guilty

 

The most victimized are in China (83%), Brazil and India (tie at 76%) and the US (73%).  Are we just passively accepting our fate? No, of course, we feel extreme and varied emotions ranging from anger (58%) to fear (29%), helplessness (26%) and guilt (78%).  Associate professor of psychology at Loyola Marymount University Joseph LaBrie, PhD, describes a “learned helplessness” for online victims. “It’s like getting ripped off at a garage – if you don’t know enough about cars, you don’t argue with the mechanic. People just accept a situation, even if it feels bad.”

 

Few of us report cybercrime

 

A frustration I often feel is when we need good statistics about cybercrime from law enforcement and the government. The numbers you can get often feel very low, especially when you compare them with data from the Norton Cybercrime Report: The Human Impact. Though we found nearly 7 out of 10 adults globally experience these forms of online crime, we don’t find similar data from official sources. The primary reason is not enough people report online crimes to law enforcement. Either we don’t know we can or we don’t see any reason to do so if the perpetrators are unlikely to be caught.

 

We learned in our study that 80% of us don’t expect cybercriminals to be brought to justice. I recently spoke with a lawyer in Los Angeles who’d had his online email hacked and scam emails sent to all his friends. He didn’t see any point in going to the police to report it since they wouldn’t have the time or resources to investigate it. Symantec’s Adam Palmer, Norton Lead Cyber Security Advisor, says, “Many criminals reside in a foreign country so it’s no surprise that people regard them as “faceless” – they physically are. And, because international cybercrime is hard to uncover and prosecute, people genuinely aren’t seeing justice being done.”

 

Instead of turning to law enforcement for assistance with cybercrime, people contact the organization or entity related to the specific crime. 48% will contact their bank, 34% will contact their email provider or the website involved. Forty-four percent  will contact the police. We found that people in the UK and US were most likely (63% and 59% respectively) to contact their bank or financial institution, likely related to government required reporting of data breaches and consumer protection laws supporting the victim’s rights in cases of bank and credit fraud.  Swedish and Japanese citizens were the most likely to turn to the police, (74% and 52%). We’d do well to see how those locations handle reports of cybercrime, both in terms of intake and using the information to find and prosecute criminals.

 

Our own online activities cross into hypocritical, unethical territory

 

The anonymous online world we live in enables many of us to engage in activities that would be clearly illegal if done in the physical world. Nearly half of respondents to the Norton Cybercrime Report: The Human Impact felt it “legal” to download a single music track, album or movie without paying (17%, 14%, and 15% respectively.) So while we’re besieged by online cybercrime, we often engage in forms of online theft, misrepresentation, defacement and simple lying without recognizing our own hypocrisy. We are complicated beasts, aren’t we? Anne Collier, of NetFamilyNews and co-chair of the Congressional committee, “Online Safety & Technology Working Group” said, “Sometimes people create alternate identities or screen names online if they want to say something anonymously. Research also shows that users will fictionalize their social network profiles to fend off people who aren’t their friends offline.”

 

We make these questionable choices all the time, often without recognizing them. Ever taken someone else’s picture and edited, emailed or posted it online without first getting permission? You’re not alone, globally 30% do this and think it’s ok. Ever secretly viewed someone else’s email or browser history? Your spouse’s, child’s, work colleague’s? Admit it! 1 in 4 of us does that! Even more shocking, plagiarism (using another’s research or work) is an accepted practice by 17% of us.

 

Are you in the online dating world? If you are, I’d bet you’re not surprised to find out that lying about one’s persona online is practically the norm for nearly half of online people globally. A third have used a fake online identity, 45% lie about personal details (age, sex, income, etc). Germans are adept at this: more than half (53%) have a fake online ID and 51% have lied about personal details. It’s even more common in places like China, Brazil and India. Contrast that with people in the UK, relatively squeaky clean with only 18% using a false online ID or 33% lying about personal details.

 

We’re adapting our online activities around cybercrime

 

Perhaps it’s only natural that just as you lock your doors at home to prevent break-ins, we’re still figuring out the online forms of security (both technical and behavioral) to best defend ourselves against cybercrime.  We’ve learned not to share passwords (75% globally), to safeguard our personal information (73%) and to avoid email attachments from strangers (71%). Of course, some countries are more cautious in others.  For example, in Australia, 80% of adults report don’t open emails from strangers to avoid malware. New Zealanders are protective of their passwords with a whopping 86% never sharing theirs.  And in the Northern Hemisphere, 81% of our Swedish friends are extremely careful with their private information as compared to 73% globally.

 

A global opportunity for change

 

We can influence change in our world of cybercrime. Each of us can recognize the choices we make online and seek to reduce our illegal or unethical actions. We can pay attention to cybercrime around us and report it diligently to appropriate authorities. Even when our local law enforcement tells us they lack resources or talent to investigate cybercrime, insist they take it on and file the report. This will help ensure that when your elected officials determine where to appropriate funds, they’ll begin to see the true size of the cybercrime world and address it more effectively.  We can promise to use internet security on every computer and device we connect to the internet. We can aspire tochange our behavior to reduce our online risks. And we’ll educate our family about cybercrime so they can learn to avoid it as well. To learn more about cybercrime please visit our website at www.everyclickmatters.com.

Comments
by shawns on ‎09-11-2010 10:29 AM

Fantastic article!

 

I have some questions though, what is Symantec doing to try and curb the explosion of small time internet criminals and "hacker" boards? 

 

For example, Ryan1918.com is a website that caters to criminals, they offer sales support distribution and installation of botnet executables, as well as selling compromised email accounts, online accounts porn accounts etc etc.

 

They even offer for sales and service of an Electronic ATM skimming device.

 

when contacting the owner of the site rlee1918@gmail.com in an effort to have this content removed,, I received this reply:

 


From: rlee1918@gmail.com

Oh yeah you sure about that? The Head network engineer of www.watchguard.com is very actively on my site, and I could mention another 100+ members that are very into the malware community, including the team leader of Norton Antivirus, along with many many more..

 

So my question is, does Symantec have a plan for dealing with sites like this and is the "team Leader" of Norton Antivirus find sites like this a "valuable tool" in the malware security/research industry?

 

 

Thanks for your time :)

 

Regards

by on ‎09-12-2010 03:36 PM

Hi Shawns,

 

If you see illegal activity on a website, I would report it to ic3.gov, the federal government's website for reporting cybercrime. You can also visit your local FBI office or call your district attorney's High Tech Crimes Unit. They may refer you to another agency but it would be worth investigating further.

 

With regard to the claim about one of our staff being a regular commenter on a site, I have no information to support this claim. I can pass it along to the senior managers for review.

 

We have many ongoing efforts to report cybercrime to law enforcement but I'm not able to comment on any particular website.

 

best wishes,

Marian