Network News

X My Profile
View More Activity

Consumers Report $239 Million Lost To Cyber Fraud In '07

U.S. consumers reported losing more than $239 million from online fraud last year, up from $198 million in 2006, according to data released today by the FBI.

Internet auction fraud (35.7 percent) and merchandise non-delivery (24.9 percent) were the most frequently reported types of cyber fraud. The median loss amount per fraud incident last year was approximately $680, the report said. The most costly scams involved investment fraud, which cost consumers about $3,500 per incident -- and check fraud ($3,000). In nearly 74 percent of the cases, the perpetrators contacted the victim via e-mail.

The full report is available here (PDF).

The FBI cautions, however, that some fraud reports may have been misclassified by victims. For example, it works closely with auction giant eBay, which routinely refers fraud victims to the FBI's Internet Crime Complaint Center (IC3), the organization that published these figures. The report notes that many consumers referred to the IC3 by eBay may actually have been victimized by phishing attacks, which use e-mail to lure people into entering their personal and financial data at fake bank and e-commerce sites. eBay and its online payment service were the top two brands impersonated by phishers in February, according to, a Web site that tracks phishing statistics. Of the 13,208 phishing sites tracked by Phishtank in February, 9,552 -- or 72 percent -- were fake eBay or PayPal sites.

The numbers in the FBI's report come from nearly 220,000 fraud complaints reported last year to the IC3, a partnership between the FBI and the National White Collar Crime Center. As such, they should not be viewed as representative of the total cost of cyber crime, because most cyber fraud is not reported, said Tom Kellerman, vice president of security awareness at Core Security Technologies, a Boston based security firm.

"Most [cyber] fraud is related to identity theft, such as setting up fraudulent lines of credit for individuals, and intellectual property theft for corporations which is very difficult to ascertain and measure," Kellerman said. "The real statistic to note is what percentage of cybercrime cases are actually noticed let alone investigated and those of us in the know fully understand that this number is marginal."

Security Fix recently published an analysis on the true costs of cyber crime that offered evidence to suggest the problem may cost businesses and consumers more than $100 billion a year. But that number will remain purely speculative until financial institutions are forced to more accurately classify and report cyber-fraud in all its forms and until regulators start publishing more data about it.

Consumers who believe they have been victimized by cyber crime can file a report with the FBI at this link here.

By Brian Krebs  |  April 4, 2008; 12:49 PM ET
Categories:  Fraud , From the Bunker , Safety Tips , U.S. Government  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   StumbleUpon   Technorati   Google Buzz   Previous: Reach Out And Hack Someone
Next: Beware Targeted Data-Stealing Tax Scam


Speaking of PayPal -- is this inquiry legitimate ?????

Security Center Advisory!

We recently noticed one or more attempts to log in to your PayPal account from a foreign IP address and we have reasons to believe that your account was hijacked by a third party without your authorization. If you recently accessed your account while traveling, the unusual log in attempts may have been initiated by you.

If you are the rightful holder of the account you must verify your PayPal account!

If you receive this email and you are not the rightful holder of the account please be informed that PayPal works with the International Police and any illegal acts will be punished according with the law!

Verify your Account
Email address:
PayPal password:

Verify your Email password

Same with the PayPal password

Verify your personal information



Zip Code:

State (if applicable):


Social Security Number:

Date of Birth:
--(Ex: 01-01-1900)

Verify your credit card information

Full Name:

Credit/Debit Card Number:

Expiration Date:
/ (Ex:01/2008)

Card Verification Number (CVV2):

By clicking the button "Submit Your Verification" you confirm your identity with us. The verification process is instant.

Your session will be closed after you verify your information.

If you choose to ignore our request, your account will remain limited until you verify your information at your bank.

Thank you for using PayPal! The PayPal Team
Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to your PayPal account and choose the "Help" link in the footer of any page.

To receive email notifications in plain text instead of HTML, update your preferences here.

PayPal Email ID PP697

Posted by: brucerealtor | April 4, 2008 2:10 PM | Report abuse

>is this inquiry legitimate ?????

Of course not! As usual, PayPal would never send out such a request. Cases where PayPal actually limit accounts result in a notification Email. However the correct action is to ignore all links in the Email and just log into the real PayPal site. You'll see a message regarding any limitations at that time if the Email was real.

It's good to know that "the International Police" are on the case! (ROFL)

Posted by: Moike | April 4, 2008 3:45 PM | Report abuse

The comments to this entry are closed.

RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company