Fraud is the cause of harm deliberately to others or suspicious acts to achieve unlawful gains! This is the typical form of fraud we know, and more recently the development of the internet and the virtual world became a fertile environment for cyber crime, cyber fraud is no different!
What is Fraud? What is Cyber Fraud, how to spot it, how to report it and how to protect yourself from Cyber Fraud are all important points that we’ll discuss in this article.
What is Fraud?
We all heard and read about Fraud in different sources. But what does this malicious action mean?
Fraud is legally defined as the practice of intentional deception so as to secure unlawful gains or to deprive the victim from one of their legal rights. Fraud can violate Civil Law, then it becomes known as a “tort” where the victim can sue the perpetrator for compensation.
It can also violate Criminal Law, where it is known as a “criminal offense” and the perpetrator can be tracked and detained by authorities. Recently, the form of this deliberate harm doing leaked into the world’s ever growing alternate universe; the cyberspace.
What is Cyber Fraud?
Cyber fraud has become the most common form of fraud taking place around the world, largely due to the pace at which the cyber world moves. Cyber Fraud is a crime that takes place on the internet, where the perpetrator aims at corrupting the personal and financial information of the victim that are stored online.
After the execution of a cyber fraud crime, the perpetrators use the financial and personal information they illegally acquired, to fund themselves and perhaps use them in another frauds as well. Due to the speed of growth of the online world and the increasing dependency upon the usage of the internet and the virtual world, the danger of falling as a victim to cyber fraud increases as well.
Statistics about Cyber Fraud cite the increase in this form of criminal activity. The UK alone lost a total of £190 to fraud and cyber fraud in 2017 alone! Another report by the ONS (Office for National Statistics) declared that cyber fraud is the top form of fraudulent activities that costs governments huge amounts of money.
The key to considering a fraudulent crime as cyber fraud is that it is conducted using a computer or involves computer data. This type of fraud has gained massive seriousness in the past years, making it a crime that must be cracked down upon.
Specially with the increase of usage of internet banking and using the internet for storing personal data such as personal identity, account information and bank accounts. The perpetrator can assume this identity and use the financial and banking information to fund other illegal activities as well.
Examples of Computer Crimes and Frauds
There are many examples of Computer Crimes, otherwise known as Cyber Crimes. Such as:
- Stealing financial or card payment data.
- Identity fraud as in the theft of someone’s personal identity and using it for other purposes.
- Stealing and selling corporate data.
- Email and internet fraud.
- Cyberextortion, as in asking for money otherwise the perpetrator will attack and steal your information. Of this crime comes Ransomware as well.
- Cyberespionage, where the perpetrator steals government or company data, but mainly government data.
- Cryptojacking, this is where the perpetrator uses other people’s resources to cultivate cryptocurrency.
What is Online Fraud in Cyber Security? Or Online Fraud Crimes!
Online fraud is one of the types of cybercrime fraud, which uses the World Wide Web either to hide information or give false information in order to trick the victims of money, property or even inheritance. Online fraud is different from regular theft, because in this type of online crime, the victim willingly gives out their information.
In 2017, in a report released by the FBI called the Internet Crime Report, the number of complains received by the Internet Crime Complaint Center was around 300,000 complaint in that year. In the same year, it was reported that the amount of money lost to online fraud reached $1.4 billion dollars!
The internet security and antivirus giant McAfee conducted a joint study with the Center for Strategic and International Studies regarding online fraud. The study resulted in the discovery that online fraud cost the global economy about $600 billion dollars, which equals around 0.8% of the total global GDP.
There are many ways that the perpetrator can lure in the victim, disguising in several masks that might appeal to the victim. The fraud can take place even if the service the victim is using, only partly uses the internet.
Here are some of the most common Internet Fraud Cases:
1. Charity Fraud:
This type of online fraud has been the most common form of cybercrime. The scammer uses charity work as a front to defraud people of their money. Recent humanitarian charities are often used such as a recent hurricane crisis or a war. However, the usage of global illnesses is more common, such as to fight cancer or Ebola or even working in an orphanage.
Despite the fact that in the beginning such frauds were run by people not actually involved in the charity work they claim to work for, in recent years, many scams were run by people running actual charities or have started the charity itself.
What the scammer does here is they build up the story of the charity using online articles and news pieces so as to draw in good-hearted people who believe they will be contributing in a good cause with the expectation of nothing in return. Then the perpetrator asks for money to help the said charity.
After the money is transferred from the victim, the perpetrator either disappears along with the money or ask for more donations to keep the influx of money. Many times, the victim doesn’t realize they were scammed until the deduction of the alleged donation from their income tax. A trick the fraudster uses to further validate their scam is to tell the donator that their donation is deductible and provide fake paperwork to prove it.
According to the Tax Law in the United States, charitable donations are deductible only when made to qualified non-profitable organizations. When the victim provides the paperwork given to them by the fraudster, they find out the papers and the charity are all a hoax since the information is incorrect.
One thing that’s reassuring is that even though charity fraud is one of the most common types of fraud committed around the world, the percent of a victim losing their money to the fraud is not likely. People don’t tend to donate more than they can spare.
2. Social Media Fraud:
The increase in disclosure of personal information, such as birthday date, email or even address and place of living, has created the perfect environment for fraudsters to take advantage of such information. The problem is that people have been increasingly sharing more and more personal information about themselves on Social Media websites. The risk of Social Media fraud increases with the constant development of these websites.
One of the most notable examples is the case of online reviews regarding a service, a product or even a book. An example of which is the 2004 accidental reveal of Amazon’s Canadian website of the true identities of hundreds of US book reviewers on the website. The reveal, though accidental, revealed that many authors actually used fake names to post fake reviews about their books, hence gaining more coverage and promotion.
On the other hand, despite the fact that social media is a fertile environment for fraudsters for flourish, local authorities can use such websites to combat possible fraud attempts. Such as an injured worker who is a part of a compensation claim and was supposedly unable to move, when checking their social media and online logs, it appeared the worker was more than fine and participated in interactive activities during said time.
3. Internet Ticket Fraud:
Looking for a ticket for a concert, sports game or an event that you’ve been anxiously waiting for? Well, it’s better to watch where you get the tickets from and make sure it is a validated place. Selling tickets to those looking for them is another form of cyber fraud.
Internet ticket fraud is when the perpetrator sells imaginary tickets to those seeking them and whether the tickets are fake or they are never delivered. Unfortunately this form of fraud is performed by many professionals and some even are based in the UK, otherwise known as British ticket touts but they usually base their frauds in other countries.
One famous case was the selling of tickets to the 2008 Beijing Olympic Games. A total worth of $50 million dollars of fake tickets were sold through a professional looking website. Later that year, it was reported that the person behind the scam was, in fact, based in the UK.
4. Online Gift Card Fraud:
Who would’ve thought that a gift card can be a means of fraud? Well, retailers have been working tirelessly to prevent the usage of gift cards bought with stolen credit card numbers. On the other hand, fraudsters found this the perfect opportunity to get their hands on gift card information that were issued but not yet used.
The perpetrator will steal the gift card data and check on the retailer’s online service then try and use the cards to either buy things or resell them on a third party website. If there are any cards left in the case of reselling them on another, the perpetrator will usually takes the value of the remaining cards in cash which is a form of money laundering.
Gift Card Fraud causes serious financial damage to different retailers and their brands, not to mention ruining the gift card experience of many users.
5. Purchase Fraud:
I think this type of cyber fraud is the most common one, since it’s easy for perpetrators to trick the victim. The scammer will put online products at very low prices and the payment for the products usually takes place via electronic fund transfers and not through credible services such as PayPal or credit cards.
A feature of this type is that the perpetrator would ask for the money to be transferred right away. On the other hand, no good ever arrive or delivered. Another thing to look out for is to check contact information, privacy, details about delivery and terms or conditions, if these are not presented, then it’s probably a scam.
Purchase Fraud has been increasingly thriving on social media websites, due to the growing number of people using these websites every day. The “fake stores” will not be around for a long time, they will stay for a couple of sales where they’ve made some money, then they pack it all up and close the store. Be sure to look for any reviews about such store before making your decision.
6. Counterfeit Postal Money Orders:
A Postal Money Order is a monetary order intended for sending money by mail. The order can be purchased at post office and is payable at another post office, that of the recipient. It’s important to know that postal orders are similar to cheques and they are not legal tenders.
A scam using postal orders can begin in an email or even a chat room, where a person is trying to sell something of their own. The scammers will have that person believe they wok for auction sites such as eBay. The most targeted people in such scams are often small retailers who buy or sell items online.
So far, it’s not clear the amount of money stolen through postal money order fraud scams. The United States Postal Service believes it amounts to millions of dollars. There aren’t much ways to identify a counterfeiter and unfortunately, more and more people fall victim to this fraudulent action!
Internet Fraud and abuse is also known as Computer Fraud and Abuse or shortly, CFAA . This is a bill issued in the United States of America in 1986 regarding cybersecurity. This bill was actually an amendment to the already existing Computer Fraud Law as part of the previously issued Comprehensive Crime Control Act issued in 1984. The amendment was made to cover up for the lack of regulation regarding cybercrime, specially that it was treated as part of mail and wire fraud before.
Important points regarding CFAA:
The Computer Fraud and Abuse act provides protection for what is called a “protected computer”. The act defines such a device as being solely used by a financial institution or the United States government or a computer that is used to affect the state or foreign commerce or communication even if the perpetrator’s computer is located outside of the US.
Generally speaking, the act applies to any regular computer and even mobile phones.
CFAA criminalizes the following actions:
- Using a computer without authorization or exceeding authorized use to obtain information placed under protection by the government of the United States. Whether it was to use such information to harm the country or even fail to deliver it to the person responsible for protecting them.
- Accessing a computer without permission or exceeding authorized use to obtain financial information of a person or information of a financial institution, any information held by any of the US government department or information from any protected computer.
- Intentionally and without authorization accessing a nonpublic computer that is solely for the use of the US government, and if such nonpublic computer isn’t exclusively used by the government but the actions of the perpetrator affects the government’s use of the computer.
- Accompanied with the intention to defraud, the perpetrator accesses a computer without authorization or exceeds the authorized access and obtains anything that is of value.
- Causing the transmission of a program, information, code or command with the intention of causing damage to a protected computer. Accessing a protected computer without authorization and causing damage to the computer or loss of any information on it.
- Interrupts the transmission of any password or any similar information through which a computer can be accessed without authorization and as a result such interruption affects interstate or foreign commerce, or if the accessed computer is used by the government or any state department.
- Transmitting an interstate or foreign commerce communication with the prior intention of extorting from any person, money or anything of value, if the communication contained threat to damage a protected computer.
- Or the threat of obtaining information from a protected computer or exceeding the authorization and threatening the confidentiality of such information. The last one is to demand money in relation to causing damage to a protected computer to pave the way for the extortion.
The Computer Fraud and Abuse (CFAA) was amended several times in 1989, 1994, 1996, 2001, 2022 and 2008. Each time the act was amended, the extent of its application and the types of conduct falling under it were expanded as well.
Cyber Fraud Reporting (How to report Cyber Fraud)
Due to the increase in cyber fraud crimes, governments around the world have been trying to cope up with this active field. There are different means through which you can report a Cyber Fraud, depending on which country you’re in. Some governments have set up hotlines and others have teamed this way with online reporting of the crime.
Here are different means to report Cyber Fraud, between one country and another:
1. Internet Fraud Complaint Center Australia:
The Australian Cyber Security Center is the online website you can use if you are an Australian person, institution or even the government to report a cyber crime. The reporting tool available on their website explains a few points to understand before placing your report and makes it easier to do so.
2. Cyber Fraud Police, is there such a thing?
The Action Fraud Police is the official website through which you can report a Cyber Crime in the UK. On the website, you are guided through the definition of cyber crime, how to recognize it and how to report it.
3. Action Fraud:
Is the National Fraud and Cyber Crime Reporting Center in the United Kingdom. Their online website has all the information you will need to know when reporting a possible or an actual cyber fraud crime. Their Action Fraud Reporting Tool takes you through the steps of reporting a cyber fraud crime.
What are Action Fraud Contact Details?
The Action Fraud website not only helps you report a cyber crime online and follow-up on your report, but also offers you the opportunity of speaking to experts who are available and ready to help. Here are their contact details:
-Action Fraud Crime Number:
One great feature of Action Fraud is that whether you’re inside the UK or abroad, you can actually call the service line and seek their guidance. Something that is very commendable! These are the phone numbers to call when you need help:
From inside the UK: 0300 123 2040
From abroad: +44 300 123 2040
-Action Fraud Opening Times:
The Action Fraud team receives calls from Monday to Friday from 8:00 am to 8:00 pm.
On the other hand, if you are a company that is currently suffering from a live cyber attack, you can call their lines any time during the week, their services are available 24/7.
Action Fraud Reporting Tool
Through the Action Fraud online reporting tool, experts are available around the hour to provide any assistance you might need and help you if you feel you’re becoming a fraud victim. Through the tool you’re asked several questions to identify what’s happened with you and so the experts will be able to advice you on what to do.
When choosing the reporting tool, you will be asked to register a new account, log in into an existing one or to continue as a guest. It’s more advisable to register on the website so as to be able to follow-up on your report, track it, call the service line to follow-up on the report or even receive an update about your report via email.
Action Fraud Phishing
One of the services offered through Action Fraud is the ability to help you recognize and report a suspicious email, call, text message or even a website you’ve encountered, otherwise known as “Phishing” attempt. They ask you some questions, which are on their website and offer you the means through which you can report what you suspect.
Action Fraud Phishing Reporting Tool
The Phishing reporting tool available on the Action Fraud website takes you through several steps to determine what happened with you and how to help you. All in addition to several service lines and numbers that you can use in the event you were certain you’ve been subject to a phishing attempt. These services lines and numbers are as follows:
- Malicious email:
If you’ve received an email that you suspect is a scam or don’t feel too sure about it. You can forward that email to the email address of the Suspicious Email Reporting Service (SERS) at: [email protected]
What might raise your suspicions is that the email you’ve gotten might be from a company that you’ve never had communications with before, or maybe you just don’t feel comfortable with the email you received.
When you forward the email to SERS, they will have the National Cyber Security Centre (NCSC) analyze the email and any links pertaining to it. Upon the confirmation of malicious activity they might block the address from which the email was sent, cooperate with partner companies to remove malicious links and raise more awareness of suspicious emails and the methods used in the scam.
- Suspicious text message:
Since most phone service provider companies have designated means to help their customers report malicious text messages they might receive. You can forward the text you’ve received to 7726 for free, after which the service provider will further investigate the message. If the text turned out to be malicious, the provider will block the number from which it was sent.
- Malicious phone call:
This is another common version scammers use, they might call you and pretend they’re from an organization you care about such as a bank, a charitable organization or maybe even pretend to be the police. They will ask for personal information such as your bank details or ask you to transfer money to them.
If you’ve gotten such a call and suspect they were scammers, please do call these numbers:
-England, Wales and Northern Ireland: call 0300 123 2040 or report them via the Action Fraud Reporting Tool.
-Scotland: Report to the Police Scotland by calling 101.
- Malicious Website:
Some scammers may run fake websites which will download viruses onto your computer or operate to steal your personal information and passwords for examples.
Through the NCSC website, you are guided through several steps to report a website you’ve encountered that you feel is suspicious. After you report a website, the NCSC has the power of removing the website if investigation proved the website to be a scam.
- Scam Adverts:
Whether on websites, search engines or even through social media, scammers can use adverts to trick people.
They way these adverts will scam you might be through using fake celebrity endorsements, fake reviews even through offering discounted goods. Their aim is generally the same, that is tricking you to transfer money to them.
You can report scam adverts through the reporting tool offered by the NCSC website!
How to report Facebook for frauds?
As we’ve seen above, Facebook and social media in general, can be a fertile environment for cyber fraud crimes. The social giant has set up different processes for reporting types of suspicious activity that you might encounter.
However, if you believe you’ve encountered a scammer, you can first block their account and report it directly to [email protected]
How to Protect Yourself from Cyber Fraud?
Because prevention is definitely better than cure, it’s important to know how to keep yourself and safeguard your personal information from cyber fraud! Here are some tips:
1. Obtaining a full-service online protection program:
Such as the renowned protection suite Norton Security for example. The program will help protect your personal information as you spend time on the internet, warns from and protects against malware, viruses and ransomware.
2. Keep Your Software Updated:
Whichever online security program you choose, please do make sure to keep it updated, set the update option to automatically download the latest updates so you won’t forget to update it if you choose a manual setting.
3. Using Strong Passwords:
While using strong passwords is a must, do not try to repeat such passwords between websites that contain sensitive information about you. Make sure to use a password of at least 10 characters, including uppercase and lowercase letters, numbers and symbols.
4. Watch What You Share on Social Media:
As much as you can, try to lessen the amount of personal information you share on social media, especially Facebook, as it advocates sharing more of your life experiences with others. Rule of thumb: the less you share, the more protected you are! And be careful the settings you choose for sharing, don’t set your information on the “Public” privacy setting.
5. Secure Your Wi-Fi:
From a strong Wi-Fi password to using a VPN or a Virtual Private Network, you can protect information leaving your computer. Using a VPN specially when you’re using Wi-Fi in public places, will encrypt all the data leaving your computer until they reach their destination. So, if a scammer tries to hack into your device, they will only find encrypted data.
6. Protect Yourself Against Theft of Personal Information:
Be aware what personal information, specially financial and payment card information you share on the internet. This is why using a VPN in public places is very important.
7. Keep Up to Date on Major Security Breaches:
Somehow when we hear about cyber breaches in other countries, the first thing we think about is thankfully it’s not in ours. This couldn’t have been further from the truth; the world is intricately interconnected through the cyber world. An attack in one place, can quickly reach another. If you’ve come to know about a security breach on a certain website you use, change your information and password right away.
8. Have a Chat with Your Kids:
Always keep communication open with your children and let them know what is acceptable online. Do emphasize when speaking with them that they can come to you if they feel they’re afraid or might have encountered unacceptable behavior online.
It’s tough to say no one has encountered cyber fraud, whether you actually fell for the scam or you were one of the lucky ones who got away. Every invention has two sides, so does the cyber world. Make sure to take the necessary steps to protect yourself and report any suspicious behavior right away!