What is Cyber Fraud?

Fraud is the deliberate cause of harm to others or suspicious acts to achieve unlawful gains! This is the typical form of fraud we know, and more recently the development of the internet and the virtual world became a fertile environment for cyber crime, cyber fraud is no different!

What is Fraud? What is Cyber Fraud, how to spot it, how to report it and how to protect yourself from Cyber Fraud are all important points that we’ll discuss in this article.

What is Fraud?

We all heard and read about fraud from different sources. But what does this malicious action mean?

Fraud is legally defined as intentional deception to secure unlawful gains or deprive the victim of one of their legal rights. If fraud violates Civil Law, it becomes known as a “tort,” and the victim can sue the perpetrator for compensation.

Cyber frayd can also violate Criminal Law, where it is labelled a “criminal offence,” and the authorities can track and detain the perpetrator. Recently, the form of this deliberate harm has leaked into the world’s ever-growing alternate universe: cyberspace, where it became known as cyber fraud.

What is Cyber Fraud?

Cyber fraud has become the most common form of fraud worldwide, largely due to the pace at which the cyber world moves. Cyber Fraud is a crime on the Internet, where the perpetrator aims to corrupt the victim’s personal and financial information stored online.

After committing a cyber fraud crime, the perpetrators use the financial and personal information they illegally acquired to fund themselves and perhaps use it in other frauds. Due to the speed of growth of the online world and the increasing dependency upon the internet and the virtual world, the danger of falling victim to cyber fraud also increases.

Statistics about Cyber Fraud cite the increase in this form of criminal activity. The UK alone lost a total of £190 to fraud and cyber fraud in 2017 alone! Another report by the ONS (Office for National Statistics) declared that cyber fraud is the top form of fraudulent activity that costs governments huge amounts of money.

The key to considering a fraudulent crime as cyber fraud is that it is conducted using a computer or involves computer data. Cyber fraud has gained massive seriousness in recent years, making it a crime that must be cracked down upon.

With the increase in Internet banking usage and the use of the Internet for storing personal data such as personal identity, account information, and bank accounts, the perpetrator can assume this identity and use the financial and banking information to fund other illegal activities.

Examples of Computer Crimes and Cyber Fraud

There are many forms of cyber fraud, such as Computer Crimes, otherwise known as Cyber Crimes. Such as:

1. Stealing financial or card payment data.
2. Identity fraud is the theft of someone’s identity and using it for other purposes.
3. Stealing and selling corporate data.
4. Email and internet fraud.
5. Cyberextortion is asking for money; otherwise, the perpetrator will attack and steal your information. Ransomware is also part of this crime.
6. Cyberespionage is when the perpetrator steals government or company data, mainly government data.
7.  Cryptojacking is where the perpetrator uses other people’s resources to cultivate cryptocurrency.

What is Online Fraud in Cyber Security? Or Online Fraud Crimes?

Online fraud is one type of cybercrime, which uses the World Wide Web either to hide information or provide false information to trick the victims out of their money, property, or even inheritance. Online fraud is different from regular theft because, in cyber fraud, the victim willingly gives out their information.

In 2017, the FBI released the Internet Crime Report, stating that the Internet Crime Complaint Center received around 300,000 complaints that year. In the same year, it was reported that the amount of money lost to online fraud reached $1.4 billion!

Internet security and antivirus giant McAfee conducted a joint study regarding online fraud with the Center for Strategic and International Studies. The study discovered that online fraud costs the global economy about $600 billion, which equals around 0.8% of the total global GDP.

There are many ways that the perpetrator can lure in the victim, such as disguising in several masks that might appeal to the victim. Cyber fraud can occur even if the service the victim only partly uses the internet.

Here are some of the most common Internet Fraud Cases:

Charity Fraud

This type of online fraud has been the most common form of cybercrime. The scammer uses charity work as a front to defraud people of their money. Recent humanitarian charities, such as a recent hurricane crisis or war, are often used. However, the use of global illnesses, such as fighting cancer or Ebola or even working in an orphanage, is more common.

Although in the beginning, such cyber fraud was perpetrated by people not involved in the charity work they claimed to work for, in recent years, many scams have been perpetrated by people running actual charities or having started the charity itself.

The scammer builds up the story of the charity using online articles and news pieces to draw in good-hearted people who believe they will be contributing to a good cause with the expectation of nothing in return. Then, the perpetrator asks for money to help the said charity.

After the money is transferred from the victim, the perpetrator either disappears along with the money or asks for more donations to keep the influx of money. The victim often doesn’t realise they were scammed until the alleged donation is deducted from their income tax. A trick the fraudster uses to further validate their scam is to tell the donator that their donation is deductible and provide fake paperwork to prove it.

According to the United States tax law, charitable donations are deductible only when made to qualified non-profit organisations. When the victim provides the paperwork given to them by the fraudster, they find out the papers and the charity are all a hoax since the information is incorrect.

One thing that’s reassuring is that even though charity fraud is one of the most common types of cyber fraud committed worldwide, the percentage of victims losing their money to it is not likely. People don’t tend to donate more than they can spare.

Social Media Fraud

The increase in disclosure of personal information, such as birthday date, email or even address and place of living, has created the perfect environment for fraudsters to take advantage of such information. The problem is that people have been increasingly sharing more and more personal information about themselves on Social Media websites. The risk of Social Media fraud increases with the constant development of these websites.

One of the most notable examples is online reviews regarding a service, a product, or a book. An example is the 2004 accidental reveal of the true identities of hundreds of US book reviewers on Amazon’s Canadian website. The reveal, though accidental, revealed that many authors used fake names to post fake reviews about their books, hence gaining more coverage and promotion.

On the other hand, although social media is a fertile environment for fraudsters to flourish, local authorities can use such websites to combat possible cyber fraud attempts. For example, an injured worker who was supposedly unable to move was part of a compensation claim. When checking their social media and online logs, the worker appeared more than fine and participated in interactive activities during said time.

Internet Ticket Fraud

Looking for a ticket for a concert, sports game or an event that you’ve been anxiously waiting for? It’s better to watch where you get the tickets and ensure it is a validated place. Selling tickets to those looking for them is another form of cyber fraud.

Internet ticket fraud occurs when the perpetrator sells imaginary tickets to those seeking them, whether fake or never delivered. Unfortunately, this form of cyber fraud is performed by many professionals, and some are even based in the UK, otherwise known as British ticket touts, but they usually base their frauds in other countries.

One famous case involved selling tickets to the 2008 Beijing Olympic Games. A total of $50 million worth of fake tickets were sold through a professional-looking website. Later that year, it was reported that the person behind the scam was based in the UK.

Online Gift Card Fraud

Who would’ve thought that a gift card could be a means of fraud? Retailers have been working tirelessly to prevent the usage of gift cards bought with stolen credit card numbers. On the other hand, fraudsters found this the perfect opportunity to get their hands on gift card information that was issued but not yet used.

The perpetrator steals the gift card data, checks on the retailer’s online service, and then tries to use the cards to either buy things or resell them on a third-party website. If any cards are left in the case of reselling them on another website, the perpetrator usually takes the value of the remaining cards in cash, which is a form of money laundering. Gift Card Fraud causes serious financial damage to different retailers and their brands, not to mention ruining the gift card experience of many users.

Purchase Fraud

We think this type of cyber fraud is the most common one since it’s easy for perpetrators to trick the victim. The scammer will offer online products at very low prices, and payment for the products usually occurs via electronic fund transfers rather than credible services such as PayPal or credit cards.

A feature of this type is that the perpetrator would ask for the money to be transferred immediately. On the other hand, no goods ever arrive or delivered. Another thing to look out for is to check contact information, privacy, details about delivery and terms or conditions; if these are not presented, then it’s probably a scam.

Purchase Fraud has been increasingly thriving on social media websites due to the growing number of people using these websites daily. The “fake stores” will not be around for a long time; they will stay for a couple of sales where they’ve made some money, then pack it all up and close the store. Be sure to look for any reviews about such a store before deciding.

Counterfeit Postal Money Orders

A postal money order is a monetary order intended to send money by mail. The order can be purchased at the post office and is payable at another post office, that of the recipient. It’s important to know that postal orders are similar to cheques, and they are not legal tenders.

A scam using postal orders can begin in an email or even a chat room where a person is trying to sell something of their own. The scammers will have that person believe they are working for auction sites such as eBay. The most targeted people in such scams are often small retailers who buy or sell items online.

So far, how much money has been stolen through postal money order fraud scams is unclear. The United States Postal Service believes it amounts to millions of dollars. There are few ways to identify a counterfeiter; unfortunately, more and more people are falling victim to this fraudulent action!

Computer Fraud and Abuse Act (CFAA)

Internet Fraud and abuse is also known as Computer Fraud and Abuse or, shortly, CFAA. This bill regarding cybersecurity was issued in the United States of America in 1986. This bill was an amendment to the already existing Computer Fraud Law as part of the previously issued Comprehensive Crime Control Act issued in 1984. The amendment was made to cover the lack of regulation regarding cybercrime, including cyber fraud, especially since it was previously treated as part of mail and wire fraud.

Important Points Regarding CFAA

The Computer Fraud and Abuse Act protects a “protected computer.” The act defines such a device as being solely used by a financial institution, the United States government, or a computer used to affect state or foreign commerce or communication, even if the perpetrator’s computer is outside the US. Generally speaking, the act applies to any regular computer and even mobile phones.

CFAA criminalises the following actions:

1. Using a computer without authorisation or exceeding authorised use to obtain information is placed under protection by the government of the United States. Whether it was to use such information to harm the country or even fail to deliver it to the person responsible for protecting them.
2.  Accessing a computer without permission or exceeding authorised use to obtain financial information of a person or information of a financial institution, any information held by any of the US government department or information from any protected computer.
3. Intentionally and without authorisation, accessing a nonpublic computer that is solely for the use of the US government, even if the government doesn’t exclusively use such a nonpublic computer but the perpetrator’s actions affect the government’s use of the computer.
4. Accompanied by the intention to defraud, the perpetrator accesses a computer without authorisation, exceeds the authorised access, and obtains anything of value.
5. Causing the transmission of a program, information, code or command to cause damage to a protected computer. Accessing a protected computer without authorisation and causing damage to the computer or loss of any information on it.
6. Interrupts the transmission of any password or similar information through which a computer can be accessed without authorisation, affecting interstate or foreign commerce or if the government or any state department uses the accessed computer.
7. Transmitting an interstate or foreign commerce communication with the prior intention of extorting from any person, money or anything of value if the communication contained a threat to damage a protected computer.
8. Or the threat of obtaining information from a protected computer or exceeding the authorisation and threatening the confidentiality of such information. The last one is to demand money for causing damage to a protected computer to pave the way for extortion.

 The Computer Fraud and Abuse Act (CFAA) was amended several times in 1989, 1994, 1996, 2001, 2022, and 2008. Each time the act was amended, the extent of its application and the types of conduct falling under it were also expanded.

Cyber Fraud Reporting (How to Report Cyber Fraud)

Due to the increase in cyber fraud crimes, governments worldwide have been trying to cope with this active field. There are different means through which you can report cyber fraud, depending on which country you’re in. Some governments have set up hotlines, and others have teamed this way with online crime reporting.

Here are different means to report cyber fraud between one country and another:

Internet Fraud Complaint Center Australia

The Australian Cyber Security Center is an online website you can use if you are an Australian person, institution or even the government to report a cybercrime. The reporting tool available on their website explains a few points to understand before placing your report and makes it easier to do so.

Cyber Fraud Police, Is There Such a Thing? Action Fraud Police!

The Action Fraud Police is the official website through which you can report a Cyber Crime in the UK. On the website, you are guided through the definition of cybercrime and how to recognise and report it.

Action Fraud is the National Fraud and Cyber Crime Reporting Center in the United Kingdom. Their online website has all the information you will need to know when reporting a possible or undergoing cyber fraud crime. Their Action Fraud Reporting Tool takes you through reporting a cyber fraud crime.  

What Are Action Fraud Contact Details?

The Action Fraud website not only helps you report a cyber crime online and follow up on your report but also offers you the opportunity to speak to experts who are available and ready to help. Here are their contact details:

1. Action Fraud Crime Number: One great feature of Action Fraud is that you can call the service line and seek their guidance whether you’re inside the UK or abroad. Something very commendable! These are the phone numbers to call when you need help:
   • From inside the UK: 0300 123 2040
   • From abroad: +44 300 123 2040
2. Action Fraud Opening Times: The Action Fraud team receives calls from Monday to Friday, 8:00 a.m. to 8:00 p.m.
3. On the other hand, if your company is currently suffering from a live cyber attack, you can call their lines any time during the week; their services are available 24/7.

Action Fraud Reporting Tool

Through the Action Fraud online reporting tool, experts are available around the hour to provide any assistance and help you if you feel you’re becoming a fraud victim. Through the tool, you’re asked several questions to identify what’s happened to you so the experts can advise you on what to do.

Action Fraud Phishing

One of the services offered through Action Fraud is the ability to help you recognise and report a suspicious email, call, text message or even a website you’ve encountered, otherwise known as a “Phishing” attempt. They ask you some questions on their website and offer you the means to report what you suspect.

Action Fraud Phishing Reporting Tool

The Phishing reporting tool available on the Action Fraud website takes you through several steps to determine what happened to you and how to help you. In addition, you can use several service lines and numbers if you are certain you’ve been subject to a phishing attempt. These service lines and numbers are as follows:

Malicious Email

If you’ve received an email that you suspect is a scam or don’t feel too sure about it. You can forward that email to the email address of the Suspicious Email Reporting Service (SERS) at [email protected]

What might raise your suspicions is that the email you’ve gotten might be from a company you’ve never had communications with before, or maybe you just don’t feel comfortable with the email you received.

When you forward the email to SERS, they will have the National Cyber Security Centre (NCSC) analyse the email and any links pertaining to it. Upon the confirmation of malicious activity, they might block the address from which the email was sent, cooperate with partner companies to remove malicious links and raise more awareness of suspicious emails and the methods used in the scam.

Suspicious Text Message

Most phone service provider companies have designated means to help customers report malicious text messages they might receive. You can forward the text you’ve received to 7726 for free, after which the service provider will further investigate the message. If the text turns out malicious, the provider will block the number from which it was sent.

Malicious Phone Call

This is another common cyber fraud version scammers use. They might call you and pretend they’re from an organisation you care about, such as a bank or a charitable organisation, or maybe even pretend to be the police. They will ask for personal information such as your bank details or ask you to transfer money to them.

If you’ve gotten such a call and suspect they were scammers, please do call these numbers:

1. England, Wales and Northern Ireland: call 0300 123 2040 or report them via the Action Fraud Reporting Tool.
2. Scotland: Report to the Police Scotland by calling 101.

Malicious Website

Some scammers may run fake websites which will download viruses onto your computer or operate to steal your personal information and passwords, for example. Through the NCSC website, you are guided through several steps to report a website you’ve encountered that you feel is suspicious. After you report a website, the NCSC has the power to remove the website if an investigation proves the website to be a scam.

Scam Adverts

Whether on websites, search engines or even through social media, scammers can use adverts to trick people. These adverts might scam you by using fake celebrity endorsements, fake reviews, or even offering discounted goods. Their aim is generally the same: tricking you into transferring money to them. You can report scam adverts through the reporting tool offered by the NCSC website!

How to Report Facebook for Cyber Fraud?

As seen above, Facebook and social media can be a fertile environment for cyber fraud crimes. The social giant has set up different processes for reporting types of suspicious activity that you might encounter.

• However, if you believe you’ve encountered a scammer, you can first block their account and report it directly to [email protected]

How to Protect Yourself from Cyber Fraud?

Because prevention is better than cure, it’s important to know how to keep yourself and safeguard your personal information from cyber fraud! Here are some tips:

1. Obtaining a full-service online protection program like the renowned Norton Security suite. The program will help protect your personal information as you spend time on the internet, warn from and protect against malware, viruses and ransomware.
2. Keep Your Software Updated: Whichever online security program you choose, please make sure to keep it updated. If you choose a manual setting, set the update option to automatically download the latest updates so you won’t forget to update it.
3. Using Strong Passwords: While using strong passwords is a must, do not try to repeat them between websites that contain sensitive information about you. Use a password of at least ten characters, including uppercase and lowercase letters, numbers, and symbols.
4. Watch What You Share on Social Media: As much as possible, try to lessen the amount of personal information you share on social media, especially Facebook, as it advocates sharing more of your life experiences with others. Rule of thumb: the less you share, the more protected you are! And be careful about the settings you choose for sharing; don’t set your information to the “Public” privacy setting.
5. Secure Your Wi-Fi: From a strong Wi-Fi password to using a VPN, you can protect information leaving your computer. Using a VPN, especially when using Wi-Fi in public places, encrypts all the data leaving your computer until it reaches its destination. So, if a scammer tries to hack into your device, they will only find encrypted data.
6. Protect Yourself Against Theft of Personal Information: Be aware of what personal information, especially financial and payment card information, you share online. This is why using a VPN in public places is very important.
7. Keep Up to Date on Major Security Breaches: Somehow, when we hear about cyber breaches in other countries, the first thing we think about is that, thankfully, it’s not in ours. This couldn’t have been further from the truth; the world is intricately interconnected through the cyber world. An attack in one place can quickly reach another. If you’ve learned about a security breach on a certain website you use, change your information and password immediately.
8. Have a Chat with Your Kids: Always keep communication open with your children and let them know what is acceptable online. When speaking with them, emphasise that they can come to you if they are afraid or might have encountered unacceptable online behaviour.

It’s tough to say no one has encountered cyber fraud, whether you fell for the scam or were one of the lucky ones who got away. Every invention has two sides, and so does the cyber world. Take the necessary steps to protect yourself from cyber fraud and report any suspicious behaviour immediately!

FAQs