Cybercrime is big, troubling business

I was surfing through some security news this weekend and ran into an interesting article on SecurityFocus. The article references a report that states that the reported damages from cybercrime and fraud rose by more then 20% from 2006 to 2007.

One interesting piece of information turned up by the report is that while identity theft is the most commonly cited example of cybercrime, other criminal activities like auction fraud are causing greater monetary damage.

This is alarming to me both as a consumer and as a developer of security software. As a consumer if I want to buy something on eBay is it safe to do so? If a seller has a very good reputation does that make him more likely to be the target of a hacker who wants to hijack his account in order to create fraudulent auctions? I'm not sure how often, if ever, this happens but it is still a troubling thought.

Alternately, as a developer what can be done to protect the consumer in this case? Of course protecting the integrity of both the buyer's and seller's accounts is critical. If the accounts aren't compromised then reputation systems will eventually weed out the bad apples and keep the incidence of fraud fairly low. Could you detect a fraudulent auction though? Are they setup similar to cookie-cutter spam messages? Do they contain lots of spelling errors? I'm sure eBay does a lot of work in trying to weed out auctions that are suspect.

Additionally, beyond the actual monetary damages report, what damage is done when we live and work in a world where we aren't sure we can trust the party on the other end of our transactions? Alan Greenspan has stated that "the vast majority of trades must rest on mutual trust and only indirectly on the law." If Cybercrime continues to expand and become more entrenched in the fabric of the internet shopping experience and consumers become more skeptical about doing business online what effect does that have on the global economy as a whole?

If you purchase from reputable vendors shopping on the internet is a very safe and simple thing to do, but the increase of reported cybercrime damages is a troubling trend not only in the number of dollars that are stolen but also in the effect it has on consumer trust and confidence in internet commerce.

Message Edited by jgonzales on 02-11-2009 07:05 PM


Re: Cybercrime is big, troubling business

Thanks for commenting. Norton 360 and Norton Internet security have several pieces of technology that might interest you. There is built in phishing protection in the latest versions of the product that will protect you if you are somehow tricked into going to a malicious webpage masquerading as a legitimate one.

This being said, it is still important to make sure that you're doing business with vendors that you trust because in some regards you are at the mercy of the merchant. However, this is no different than shopping at a traditional brick and mortar store. In fact, My wife's credit card was actually one of the cards identified as potentially compromised in the recent data theft as the Hannaford's chain of grocery stores.

So if you protect yourself against phishing, and try to make your online purchases through vendors that you trust, then you are as safe shopping online as you are shopping at the grocery store or mall.

However, if you want to add an additional level of protection against data theft there is an option. Some banks and credit card companies are starting to provide services where you can obtain a unique credit card number that is usable only once and is linked to your account. This would allow you to shop safely anywhere knowing that the number you used would not be valid if an attacker were to get a hold of it. You may find this link interesting: http://www.auctionbytes.com/cab/abu/y205/m02/abu0137/s02Message Edited by adam_schepis on 05-02-2008 09:17 PMMessage Edited by adam_schepis on 05-12-2008 08:13 AM

Re: Cybercrime is big, troubling business




I have had my IP address hacked, then they signed into my eBay account using my AI Roboform saved sign-in info, and added two fake auctions, one of these auctions was bidded on, and even though I reported into eBay several times before the auction ended, but after the first bid, eBay refuses to admit that this is possible and has charged me $243.00 for auction fees that they will not refund.  Why does eBay take this tact when it is obvious that they were fraudulent auctions?

Is there anything I can do to protect myself in the future? I am using Norton 360.

Re: Cybercrime is big, troubling business

We just watched ABC Evening news (5/1/08, 6:30pm EDT) and they did a story on ID Theft. They pointed out that much of the cyber theif groups are based in Eastern Europe and attack merchants to steal credit card info.

This concerns me as an on-line shopper. Does the Norton 360 I use offer any protection for this or are we at the mercy of the merchants being responsible to protect our info?

Any comments to explain this will be appreciated.