As defined by the McGuire & Dowling (2013), technology enabled crimes are one of the traditional types of the crime, which are executed by using the computers, networks and other types of Information Communication Technology (ICT). Unlike the crimes committed via cyber communication, these can be executed without involving the incentives of ICT. The two most commonly known forms of technology enabled crimes are fraud and theft (McGuire & Dowling, 2013). Few major technology-oriented frauds involve electronic financial frauds, counterfeit sales via online sites, mass-marketing consumer scams, phishing scams and so forth. Such crimes are committed with an intention of personal or financial data attainment. The data gained includes personal information, company accounts, intellectual property and customers’ data base and so on (Rezaee & Riley, 2009). In these cases, the victims are the business associates or general public. This report aims to comprehend the idea behind frauds in the light of technology.
Exploitation of technology, cyber-crimes, technology enabled crimes, thefts and frauds, technology based financial frauds, frauds and scams
Integration of modern technology for the convenience of business ventures or other services has emerged with the rise in criminal behaviour executed by disguising the exact location and identity of the person involved in the scam (Subramanian, 2014). It is to be mentioned that these services are absolutely legal and are used legitimately for certain purposes by billions of user every day. Like other services, technology based services are also being misused by many having illegal intentions. However, these services enable the thieves to address their target anywhere in the world (Samociuk & Iyer, 2012). There are various forms of the technology enabled frauds some commonly executed ones are:
- Electronic Financial Frauds
- Fraudulent Sales Via Only Auction
- Mass-Marketing Consumers Scams
- Phishing Scams
- Dating Website Frauds
Victims of Technology Enabled Frauds
As per the report presented by Skinner (2015), around 2/3 of internet users all over the globe are victims of technology enabled or cyber crime. Taking the statistics of “Norton Cybercrime Report: The Human Impact” into consideration, it states that 58% of victims of technology based frauds that also include credit and debit card frauds are reported every month. On the other side, 80% of the web consumers believe that perpetrators will never be prosecuted. Concurrently, the increasing number of incidents of these frauds has generated awareness to almost everyone with the terms of Phishing and pharming. As discussed above, phishing and pharming actually are the two most common forms of technology based frauds. These frauds scam the victims by ensuring authenticity of their sites and thus they believe data or personal details that are provided by them are secured. The most common cases involve the bank websites asking victim for details and then empty their bank accounts. Other certain ways involve popup one receives, for example virus detected, and provides a solution statement such as “What should you do when your computer gets infected with a virus? Do not worry; just follow the link”. Following such links take the user to bogus websites. Other most common victims of the technology based crimes are those, who use to download and update software or files. For example downloading movies, songs, and other files online or updating systems or software gives the technology based criminals access ones information or data.
Perpetrators of technology enabled frauds
There is a drastic difference between the white collar and violent criminal executing crimes of either high or low intensity. Perpetrators of these kinds of frauds are found to be of younger age with abundance of technical skills and knowledge. One proportion of the perpetrators is those, who are usually known as ‘hackers’ and are motivated to do such things because of the curiosity of how things work, gain more knowledge and to challenge security of systems. Their act is a part of a game rather than a severe crime (Computer Fraud and Abuse, 2015).
One more motivation for these criminals can be to make a strong position in the hacking community. These criminal considers themselves as the revolutionist, as they are spreading the message of freedom. However, the growing number of perpetrators has an intention of financial profit. In order to gain profits, these criminals sell the data and information hacked to further or severe cyber criminals such as spammers, intelligence community, and organised crime. Few fraud perpetrators are those who are unhappy with their jobs or annoyed by someone and aim to seek revenge against the company or the employee, or just want to make financial profits by cheating their company or co-workers.
- Fraud Triangle
Approaches to technological enabled fraud
According to the definition of technology enabled frauds presented by the U.S Department of Justice, it is an act that requires radical technology knowledge by committers, investigators and prosecutors (Gunasekaran, 2002). In such crimes, perpetrators can steal the victim’s data or any other information in no time. Although, there are very few evidences available of such crimes making it more difficult to track.
Technology enabled frauds cost billions of dollars every year, however, with a rapid increase many of the frauds are either not detected or those detected have not been reported (Shoniregun, 2005). It is believed that they cannot be encountered by the technology based frauds due to high security they use. On the contrary, certain networks offer lower standards of security. However, law enforcement is required to be kept up (Gunasekaran, 2002).
The law enforcement in over al world keeps on evolving with the time and demands. In technology enabled crimes the law enforcement, depend on the fraud type or abuse. According to the laws of United Kingdom the criminals of cyber fraud can now be sentenced for life time as per the amendments made in “Computer Misuse Act 1990” (SC Staff, 2015). The original bill of this Act, which was cited from a co-founder of SC, Steve Gold’s hack of Prince Phillip’s email, recognized the technology based hacking a ‘crime’. Thus, according to the recent amendment a person guilty for such crime would be put in prison if they commit “unauthorized act” if they are aware of it. This bill is also expected to prevent individuals from attaining tools such as malware, which is used with the purpose of committing a crime, and thus extend the court of UK’s extra defensive jurisdiction in order to let the prosecution of UK residents executing frauds, while they are actually outside the UK.
The changes within the laws are intended to guarantee that legislations are modified. It takes the criminals to justice and prevents the individual from committing such crimes. Thus, this mitigates the threat and impact of cyber crime. This bill will be further reviewed in 2020. According to the assessment made by the government, the new prosecutions are almost negligible as there were only two trials were made in England and Wales under the light of Computer misuse Act section 3A. Therefore, it was considered that the law will deal with serious technology enabled frauds and not the hackers of low level (Hall, 2015).
On the other side, a separate cyber-crime law was activated in Nigeria, according to which any cyber based fraud committed to disrupt the national infrastructure that causes severe damages will be prosecuted to death by hanging. More general form of the technology oriented crime punishments in Nigeria is 7 years sentence or penalty of £16,000 and both for those guilty for purposefully circulating fake information that might threaten the country’s security or those provoking the general public against the governments by means of electronic messages (SC Staff, 2015).
Effectiveness of Responses To-Date
The Computer Misuse Act in term of effectiveness is found highly useful as it ensures that people and their information is kept safe from fraudulent or scammers. However, it is difficult to track the person or gang involved in such frauds because of the massive size of the internet. For example, if someone is found guilty for hacking any one’s computer and steal or alter information than they would be sentenced accordingly. However, it is difficult to trace them as the criminal might not be using their own IP address. Although, if one is trying to access data without having legislative authorisation, then this would be hard to prove this act as a potential crime as it has not been executed yet. Thereby, it is expected by the government to implement plans that are able enough to reduce such activity of these activities. Every business suffers with great loss every year due to these frauds, which can be restrained by certain simple measures. Along with this, it will serve as a serious warning not to violate the laws set to secure cyber peace (Howard, 2009).
Future Policy Responses
As per the results found by the Spamhaus (2015), the international NGO, which looks upon the malicious activities of computer, UK hold the record of largest proportion of computer systems connected with the compromised internet network of any other country all over the globe. In such situations, these compromised systems might get encountered by number of infections or vulnerabilities. Hence, each of these vulnerabilities is seen under certain criteria of the Computer Misuse Act (Sood, 2001).
It is a fact that along with the time thousands of compromised machines all over the globe that indicates occurrence of new forms of technology enabled crimes. The constantly changing nature of the world wide networking and technology is destined to generate numerous more infections and vulnerabilities, which will definitely be exploited by the criminal community (Clarkson et al., 2010). As a result, legislation is required to keep an eye on the new threats emergence, or the probability of high financial incidents may occur. This deduces that the law enforcement does not stand in a place to react, therefore failing to launch public interest prosecution.
Besides the need of the changing legislation, IT security should be taken as the centre of attention rather than prosecution. Almost all the cases of cyber frauds, which are reported to the Metropolitan Police Computer Crime Unit, could have been avoided, if suitable procedures and policies were put in practice. However, keeping IT security sustainable involves government operations, ISPs, law and policy enforcers, apparatus manufacturers, and many more. In generally, the IT security awareness of people all around the globe is quite low (Miller, 2016).
Moreover, the partnership between government and industry is quite important if this issue is indented to be addressed. For example the ’Get Safe Online Campaign’ is an important example that depicts the success of such partnerships (Shinder & Cross, 2008). By raising awareness through awareness programs the trust issues relating to online trading can be developed. If the users are confident that they are suing a secure web network or the website is not bogus than the online transaction rate will definitely be increased.
Since numerous issues and limitations were found in the application of Computer Misuse Act, which raises the question on sentencing the criminals and hackers being deterred (Bologna & Shaw, 2000). This act particularly covers certain areas of technology based crimes according to the penetration or alteration to the data. The act defines the technology based crimes too broadly as it demonstrates as “unauthorised access to computer material” (Miller, 2016). The law was initiatively constructed with a purpose of ensuring enough scope, so the law would not become old with modification and adaption in technology. However, this illustrates that the Act can perform as a dull tool sometimes in defining computer crime.
The policy that government should have incorporated with Act is the IT security awareness and should ensure that there have been made settings that monitor and sustain such policies. This awareness involves ant-virus software and firewalls as well as ensures that their subscriptions are renewed timely. Keeping the systems up to date will result in great awareness and thus will keep the individual or the business settings compromised (Howard, 2009).
Moreover, with integration of the law enforcement and IT security awareness, one more policy that should be implemented to ensure the reduction of cyber crime is to place the location detectors within the processors of the system. These detectors should have direct contact with the Metropolitan Police Computer Crime Unit that tracks the location of all the processors activated without disturbing their operations. These detecting devices should be one of the built-in feature of the processors so that no one remove it.
The paper concludes that the technology based crimes are the most traditional types of crimes, which have been modifying with the time along with the emergence of new vulnerabilities. The paper successfully determines the two most common forms of cyber frauds such as mass-marketing consumer scams, pharming, phishing and the list goes on. The vicious of these crimes identified are either the general public a respective business venture. These people reportedly have been found encountered in frauds in which either the fake bank website emptied their accounts, or online retailer cheated them by not delivering the goods after the payment have been made. Moreover, the business ventures that undergo such scams involve the activities in which the data or other confidential information is theft by the criminals. The government of UK has established many laws such as ‘Computer Misuse Act’ which was considerably quite effective. As per this law, those accused for the cyber based fraud will be imprisonment for life time. However, if the government pays more attention on IT security awareness along with this act of prosecution, more than half of such cases can be resolved. Moreover, this paper suggested a policy to mitigate the technology based frauds, which is to program tracking device that can detect any unauthentic source trying to assess personal information or any other data.
Bologna, G.J. & Shaw, P., 2000. Avoiding Cyber Fraud in Small Businesses: What Auditors and Owners Need to Know. Wiley.
Clarkson, K.W., Miller, R.L. & Cross, F.B., 2010. Business Law: Text and Cases: Legal, Ethical, Global, and Corporate Environment. Cengage Learning.
Computer Fraud and Abuse, 2015. COMPUTER FRAUD AND ABUSE. [Online] Available at: HYPERLINK "http://www4.semo.edu/gjohnson/AC330/ac330ch5notesedition11.htm" http://www4.semo.edu/gjohnson/AC330/ac330ch5notesedition11.htm [Accessed 1 Feburary 2016].
Gee, S., 2014. Fraud and Fraud Detection: A Data Analytics Approach. John Wiley & Sons.
Gunasekaran, A., 2002. Knowledge and Information Technology Management: Human and Social Perspectives: Human and Social Perspectives. Idea Group Inc (IGI).
Hall, J.A., 2015. Information Technology Auditing. Cengage Learning.
Howard, R., 2009. Cyber Fraud: Tactics, Techniques and Procedures. CRC Press.
Howard, R., 2009. Cyber Fraud: Tactics, Techniques and Procedures. CRC Press.
McGuire, M. & Dowling, S., 2013. Cyber crime: A review of the evidence Chapter 2: Cyber-enabled crimes - fraud and theft. Research Report 75. Home Office.
Miller, R.L., 2016. Business Law Today, Comprehensive. Cengage Learning.
Miller, R.L., 2016. Business Law Today, Standard: Text & Summarized Cases. Cengage Learning.
Rezaee, Z. & Riley, R., 2009. Financial Statement Fraud: Prevention and Detection. John Wiley & Sons.
Samociuk, M.M. & Iyer, M.N., 2012. Fraud and Corruption: Prevention and Detection. Gower Publishing, Ltd.
SC Staff, 2015. New laws include life sentence and hanging for cyber-crime. [Online] Available at: HYPERLINK "http://www.scmagazineuk.com/new-laws-include-life-sentence-and-hanging-for-cyber-crime/article/414907/" http://www.scmagazineuk.com/new-laws-include-life-sentence-and-hanging-for-cyber-crime/article/414907/ [Accessed 1 Feburary 2016].
Shinder, D.L. & Cross, M., 2008. Scene of the Cybercrime. Syngress.
Shoniregun, C.A., 2005. Impacts and Risk Assessment of Technology for Internet Security: Enabled Information Small-Medium Enterprises (TEISMES). Springer Science & Business Media.
Simpson, C., 2015. Review of computer misuse laws essential to keep up with rapidly developing market. [Online] Available at: HYPERLINK "http://www.computerweekly.com/opinion/Review-of-computer-misuse-laws-essential-to-keep-up-with-rapidly-developing-market" http://www.computerweekly.com/opinion/Review-of-computer-misuse-laws-essential-to-keep-up-with-rapidly-developing-market [Accessed 1 Feburary 2016].
Skinner, C.-A., 2015. 65% of Web Users Are Victims of Cybercrime. [Online] Available at: HYPERLINK "http://www.pcworld.com/article/205309/65_percent_of_web_users_are_victims_of_cybercrime.html" http://www.pcworld.com/article/205309/65_percent_of_web_users_are_victims_of_cybercrime.html [Accessed 1 Feburary 2016].
Sood, V., 2001. Cyber Law Simplified. Tata McGraw-Hill Education.
Subramanian, R., 2014. Bank Fraud: Using Technology to Combat Losses. John Wiley & Sons.