The Internet Crime Complaint Center (IC3) in USA started as a partnership between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation, and is focused on cyber crime.

IC3's report for 2007 has just been published, and is interesting reading. Not the least when comparing the actual submitted complaints to what is focused upon in the media. Media focus is to a large extent about scary terms as phishing and identity theft; both of which only count for a minor fraction ot the reported complaints..

The report is from the US and thereby does not, nor intends to, represent "Internet crime in the world". However, the results should be interesting and presumably to some extent relevant also for other countries and regions. One may however, assume that the number of perpetrators from the US is somewhat overrepresented in this report compared to what would have been seen in similar reports from other parts of the world.

A few "highlights" from the report

Contrary to what may have been expected (?) the number of submitted complaints in 2007 is at the same level as previous year (an insignificant decline actually). The reason why there is not an increase can of course only be speculated upon, but it may have been due to the increased focus over the latest years on the penalties involved in engaging in cyber crime.

The total amount of money lost on the other hand, shows a substantial increase from the previous year and reaches an all time high of USD 239 million. The report analyses the losses involved, and interesting data is presented, like:

• The median (as opposed to average) monetary loss was USD 680.
• Over 15% of the reported cases involved a monetary loss of less than USD 100.
• Over half of the reported cases involved a monetary loss of less than USD 1 000.
• Only 12% involved a monetary loss of more than USD 5 000.

This seems to indicate that cyber crime at this point in time is characterized by a large number of smaller crimes, rather than major ones.

As mentioned above, the "popular" fraud techniques like e.g. identity theft and phishing were not among those most reported. By far the most reported offense complaints this year (as previous) had to do with auction fraud - 36% (a significant decrease from 2006, though). Number two on the list is non-delivery of merchandise and/or payments (25%). Identity theft represented approximately 3% of the complaints (an increase).

The report provides several demographical statistics regarding both the perpetrators and the victims. Not surprisingly (perhaps?) those perpetrators who were identified by gender, were mostly male (75% similar to 2006). Male victims were also reported to have greater losses than females.
It is also interesting to note that persons older than 60 years reported higher losses than any other of those age groups represented in the report. This is consistant with the 2006 results, and may perhaps be explained by the fact that this age group was not exposed to the Internet and its use at an early age.

Anonymous contact methods between the perpetrators and the victims were by far the most used technique, with emails and web pages as the most popular tehniques by far. Only in 1,7% of the cases were face-to-face meetings used. More surprisingly is the fact that almost 18% had contact by telephone and more than 10% corresponded by physical mail ("snail mail").

A caveat regarding interpretation

One should in particular take into consideration that this report and the statistics presentented above, represent the complaints reported to IC3. For various reasons organizations and individuals may choose not to report when they are victimized of cyber crime. How this would affect the abovementioned statistics compared to what is the real situation, is in itself an interesting analysis.

More information

The full report - The Internet Crime Complaint Center 2007 Internet Fraud Crime Report: January 1, 2007-December 31, 2007 is available as a PDF file from this link (opens a separate browser window).

The report also provides

• a very useful set of best practices to prevent Internet crime (appendix II),
• detailed examples of techniques used, like "Pet scams", "Secret Shopper and Funds Transfer Scams", "Romance Fraud", and more