The FBI has written an overview of the activity of the Internet Crime Complain Center (IC3), which is turning twenty this week.
The Rise of Cybercrime
At the start of the Nineties the internet was still in its infancy. The decade gives us the first browsers, search engines, web shops, and email. The internet offers new possibilities for private and work life. But these possibilities are also seen by cybercriminals and hackers. With a low risk of getting caught, these criminals manage to scam thousands of people. “People really didn’t know where to report internet scams or other online fraudulent activity,” Donna Gregory, chief at the IC3, stated. And law enforcement agencies also weren’t sure where to de with these complaints. That is why the FBI started a pilot in 2000 to try and stop cybercriminals. They named it the Internet Fraud Complaint Center. The group soon turned out to be successful and changed its name in 2002. Since then it is known as the Internet Crime Complaint Center. They assist the FBI and other security services to solve internet related crimes, such as identity theft, scams, hacking, phishing, and all other forms of fraud. The IC3 catalogues just under 50,000 complaints over the first year. In June of 2007 they received the one millionth internet crime complaint. After that the numbers start rising rapidly. By November of 2009 the number of complaints has been doubled to two million. They hit three million complaints by May 2014. Three years later, in October 2017, the number of complaints has risen to four million. And the five million milestone was reached in March of this year.
Cashing In
The rise of internet crime is easy to explain – there is money to be made. The internet keeps evolving and so do the criminals. They keep finding cunning ways to trick people. FBI Cyber Division Assistant Director Matt Gorham said that “[t]he scale, scope, speed, and impact of cyber threats is constantly evolving. Criminals are opportunistic, and we’ve seen them rapidly adapt to the cyber environment, creating a variety of schemes to exploit the public and private sector.” Donna Gregory calls scams in the early days rudimentary and primitive. But these types of deceit opened up the way to more advanced methods, like DDoS-attacks, ransomware, dating fraud, and Business Email Compromise (BEC). Cybercriminals don’t just target individuals, but companies and organizations as well. Not just the amount of cybercrime has risen over the past twenty years, so has the amount of money that criminals manage to obtain. An average of 431 dollars was taken from a victim in 2001. This number has risen to 7,500 dollars on average this year. Another apparent change over the last twenty years is that the criminals no longer seem to know their victims. In many cases of fraud the culprit lives abroad, sometimes quite literally on the other side of the planet. They also no longer work alone. Very often they seem to have organized in a team of criminals. Gregory stated that “[t]he sophistication of modern online criminals is the most troubling part. We used to be able to give people common sense tips to keep them safe; now it is just much harder to tell the real messages and websites from the fake.”
Corona
Nowadays, cybercriminals respond very well to current circumstances and developments in society. Examples of this are a scam to raise money for the victims of hurricane Katrina in 2005, or after the bombing at the Boston marathon in 2013. Currently, we see a lot of scams involving the corona crisis. The WHO reported that the number of cyber-attacks has quintupled since the start of the pandemic. Cybercriminals managed to obtain login details and passwords of WHO employees. These were then used to send people and companies emails asking them to donate money in the fight against the spread of the virus. Of course, the recipients of these emails didn’t know that the money was transferred into the accounts of the criminals. Hackers are also impersonating video conferencing platforms such as Zoom, Microsoft Teams, and Google Hangouts for phising scams. The hackers have registered domains posing as one of the platforms, so that they can send out ‘official’ links to trick people into downloading malware or to gain access to personal information. Check Point Research found out that in the last three weeks at least 32 malicious Zoom domains have been registered and another 320 domains are highly suspicious. “Criminals and scammers go where there is opportunity,” Gorham summarizes. The surge of cybercrime in this pandemic shows that criminals won’t leave a stone unturned in their search for new opportunities.
