A single act of “economic mass victimization” is likely to hit a broad spectrum of e-commerce customers in the next two years, according to a report released Friday by Gartner.
Stamford, Connecticut-based Gartner said that the theft will occur in small amounts over a widespread base and go undetected by law enforcement, due to a lack of adequate preparation and an increasing base of skilled Internet experts in countries with depressed economies.
“Cybercriminals can now surreptitiously steal millions of dollars, a few dollars at a time, from millions of individuals simultaneously,” said Gartner analyst Richard Hunter. “They are very likely to get away with the crime.”
Gartner also predicts that the economic cost of cybercrime will explode in coming years, increasing by 1,000 to 10,000 percent through the end of 2004, due mainly to a lack of spending and training in online crime techniques among law enforcement agencies.
For instance, Gartner said the U.S. federal government’s spending on cybercrime enforcement will continue to make up less than 1 percent of all law enforcement spending.
The study cites the recent attacks on as many as 40 e-commerce sites in the U.S. launched from the former Soviet Union. The Federal Bureau of Investigation said stolen credit card information may have been sold to organized crime entities in Eastern Europe.
“This new generation of perpetrator won’t be firing off warning shots,” said Hunter. “All computer users on a network must take precautions against intruders gaining a foothold. Prevention is the most important defense.”
Earlier studies have argued that a patchwork of cybercrime laws, with little international agreement on how to attack online fraud and theft, will give criminals the upper hand.
“Lawbreakers can easily jump borders to evade law enforcement or to take advantage of more lax environments,” Gartner said. “This capability can turn a localized crime into one of global proportions.”
In fact, Gartner argues that online consumers should not count on law enforcement and should instead take steps to protect themselves.
The study recommends that Web users install firewalls as more Internet access moves from dial-up to broadband, always-on connections, and use credit cards with low credit limits for online purchases.
It also urges consumers to closely monitor their financial statements, keeping an eye open for even the smallest unauthorized charge, especially during busy shopping times such as the Christmas season.
Gartner said that criminals will employ a method of fraud or theft that involves duplicating small transactions millions of times, a technique that will create a longer time before detection. Criminals are likely to use small transactions first and then increase the size of their theft if they go undetected, the study said.
This story is exactly why the company I work for requires a faxed copy of the credit card for our signature files for all international orders. We find that only fraudulent orders will not fax over the information as they really do not have the card handy. There are a few times when a legitimate customer will not want to do so, and it is very hard to convince them that this is something we must do hence we may loose a sale but it is worth it just so we do not have any angry customers calling us in a few months with a fraudelent charge on there statements.