A new report has once again highlighted the increase in internet crime, leading to renewed calls for better crime reporting and for firms to do more to protect their online customers. The report, published by online identity protection firm Garlik, found that more than 3.2 million internet crimes were committed last year in the UK, which it said equates to one every 10 seconds.
The firm defined cyber crime as online identity theft, financial fraud, offences against a person, online sexual offences and computer misuse offences. The report gathered its statistics from 26 different sources, including UK payments association Apacs, the DTI and the recent report on personal internet security published by the House of Lords Science and Technology Committee, in an attempt to get a full picture of the scale of the problem.
Chief executive of Garlik, Tom Ilube, said businesses should be aware that although online crime does not appear to be putting off consumers from shopping or using services online, this could change if the situation goes unchecked.
“Businesses need to be aware that what we’re seeing may be non-linear,” Ilube warned. “They may say consumers are not reacting but if business shrugs its shoulders and the government does nothing, in a few years’ time three million crimes may have risen to 30 million and we may see larger shifts in [consumer] behaviour.”
Ilube added that the current system for reporting fraud and other internet crime is inadequate and needs to be overhauled. On 1 April this year, the rules for fraud reporting changed, making banks and financial institutions the first point of contact for cheque, card and online fraud offences, rather than the police.
“We may be losing a valuable insight into what’s happening; that aspect of the law needs to be revisited, as the Lords’ report [on internet security] suggested,” he argued.
Ilube also suggested that online merchants and service providers could do more to encourage their customers to report fraud. “Most sites warn you about phishing emails and other [scams] but rarely encourage you to report what’s going on,” he explained. “It wouldn’t be too difficult to create mechanisms across the industry [to this effect].”
Greg Day, security analyst for web security firm McAfee, argued that the international, anonymous and untraceable nature of much internet crime has made it increasingly popular among the criminal fraternity. “Cyber attacks have become an ever-more prevalent issue as the volume of online shoppers, bankers and users increases, and so does the volume of personal information being posted online,” he added.
Day argued that much responsibility lies with individual users, who should run regular checks on their PC, keep up to date with anti-virus software and limit the amount of personal details they post online.
But Andrew Kellett of analyst firm Butler Group argued that online firms need to take more responsibility to ensure their customers are protected. “We’re starting to get there, although it’s a slow process,” he said. “The banks are considering options for [strong authentication], although it’s disappointing that they haven’t come to the same conclusions over the best way to do this.”
Kellett agreed that online fraud reporting in the UK is currently inadequate and bemoaned the lack of government leadership on issues of internet crime prevention. “The [subsumption] of the National Hi-tech Crime Unit (NHTCU) into the Serious Organised Crime Agency (Soca) is another indication that they don’t want to give cyber crime the attention we all believe it deserves,” he added.
Apacs played down the significance of the figures relating to financial fraud, however. “In real terms, the proportion of online fraud is tiny, even though it seems like a lot of money,” said a spokeswoman. “If someone is set on stealing your identity there is very little you can do to stop them. It’s about being aware of what to do to put the situation right.”
Apacs recommended that firms take a multi-layered approach to security that involves use of fraud-detection technology and the 3-D Secure scheme, which requires users to complete an extra authentication process before purchasing items.
Mark Turner, managing consultant at penetration testing specialist NCC Group, said he was surprised the figure for online crime incidents was not higher, but argued that the public “should be reassured that the banks and online traders spend a lot of time and money on security”.
Turner added that the Payment Card Industry (PCI) Data Security Standard has done much to mandate the safe storage of customer credit card data, making it harder for criminals to commit fraud.