International Journal of Cyber Criminology 

About: International Journal of Cyber Criminology is an academic journal. The journal publishes majorly in the area(s): The Internet & Cybercrime. It has an ISSN identifier of 0974-2891. Over the lifetime, 152 publications have been published receiving 3720 citations.

Cybercrime Victimization: An Examination of Individual and Situational Level Factors

Abstract: IntroductionOver the past two decades, cybercrime has emerged as a salient area of inquiry for criminologists and a growing concern for public policy. Although there are many definitions of cybercrime, the term generally refers to crimes committed through the use of computers and computer networks, but it also includes crimes that do not rely heavily on computers (Britz, 2008). Extant research has explored the nature and extent of cybercrime (Cukier & Levin, 2009; Finley, 2009; Finn, 2004; Geis et al., 2009; Huang et al., 2009; Jaishankar, Halder, & Ramdoss, 2009; Ponte, 2009; Stroik & Huang, 2009), correlates of offending and victimization (Berg, 2009; Bossler & Holt, 2010; Buzzell et al., 2006; Choi, 2008; Higgins, 2005; 2006; Higgins, Fell & Wilson, 2007; Higgins & Makin, 2004; Higgins, Wolfe & Marcum, 2008; Holt & Bossler, 2009; Marcum, 2008; Skinner & Fream, 1997; Turgeman-Goldschmidt, 2009) and issues relating to investigating and prosecuting this type of crime (Roberson, 2009; Hinduja, 2009; Shoemaker & Kennedy, 2009). In spite of the considerable and growing scholarship on cybercrime, however, few studies have examined the theoretical causes and correlates of cybercrime victimization.To date, there have been five studies that applied the lifestyles/routine activities perspective (Cohen & Felson, 1979; Hindelang, Gottfredson & Garafalo; 1978) and the general theory of crime (Gottfredson & Hirschi, 1990) to account for cybercrime victimization (Ashalan, 2006; Bossler & Holt, 2010; Choi, 2008; Holt & Bossler, 2009; Marcum, 2008). Overall, the findings generated from these studies underscore the importance of both situational and individual factors in understanding online victimization. However, whether both individual and situational factors predict all types of cybercrime victimization equally remains elusive. For instance, there is evidence that low self-control is a significant predictor of person-based cybercrime victimization (i.e., offenses where a specific person was the target) but not computer-based cybercrime victimization (i.e., offenses where computers and not the individuals were the targets; see Bossler & Holt, 2010). While the expectation would be that criminological theories such as the general theory of crime, routine activities, rational choice, and different versions of social control theory should be able to explain different types of crimes and different subtypes of cybercrimes equally because they claim to be general theories, our empirical knowledge on this matter is rather meager. Hence, assessing the role that individual and situational factors play in certain forms of cybercrime victimization will be pertinent not only to the development of a theoretical framework on cybercrime victimization but also on the advancement of the victimology scholarship and providing information for specific public policies.To that end, the current study explores the effects of individual and situational factors on seven forms of cybercrime: computer virus, unwanted exposure to pornographic materials, sex solicitation, online harassment by a stranger, online harassment by a nonstranger, phishing and online defamation.3 In particular, this study applies the general theory of crime (Gottfredson & Hirschi, 1990) and the lifestyles/routine activities perspective (Cohen & Felson, 1979; Hindelang, Gottfredson & Garofalo, 1978) to determine if low levels of self-control, and exposure to motivated offenders, online risky behaviors and activities, and capable guardianship affect the above seven forms of cybercrime crime similarly. In the following sections, we first review the lifestyles/routine activities perspective and the general theory of crime. We also discuss the empirical evidence among exposure to motivated offenders, online risky behaviors and activities, capable guardianship, low levels of self-control and cybercrime victimization. …

On-line Activities, Guardianship, and Malware Infection: An Examination of Routine Activities Theory

Abstract: IntroductionThe Internet and World Wide Web have dramatically altered the way we communicate, live, and conduct business around the world. These advancements have modified traditional activities, such as banking, dating, and shopping, into activities in which individuals interact with others but neither leave the house nor actually physically meet people (Newman & Clarke, 2003). The growth and penetration of computer technology in modern life has provided criminals with efficient tools to commit crime by providing opportunities to commit crimes that could not exist without cyberspace. Few criminologists, however, have empirically assessed the impact of computer technology on victimization. As a consequence, there is a lack of understanding in the ability of traditional theories of crime to account for the prevalence and potential reduction of cybercrime victimization. In particular, routine activities theory (Cohen & Felson, 1979) may be successful in this endeavor as it has been traditionally used to examine how technological innovations affect crime patterns and victimization.One of the more common and significant forms of cybercrime victimization is the destruction of data files due to malicious software, or malware (Furnell, 2002; Taylor, Caeti, Loper, Fritsch, & Liederbach, 2006). Malware typically includes computer viruses, worms, and Trojan horse programs that alter functions within computer programs and files. Viruses can conceal their presence on computer systems and networks and spread via e-mail attachments, downloadable files, instant messaging, and other methods (Kapersky, 2003; Szor, 2005; Taylor et al., 2006). Trojan horse programs also often arrive via e-mail as a downloadable file or attachment that people would be inclined to open, such as files titled "XXX Porn" or "Receipt of Purchase." When the file is opened, it executes some form of a malicious code (Furnell, 2002; Szor, 2005; Taylor et al., 2006). In addition, some malware is activated by visiting websites, particularly pornographic websites, which exploit flaws in web browsers (Taylor et al., 2006). Though worms do not involve as much user interaction as other malware because of its ability to use system memory and to send copies of itself, humans can facilitate its spread by simply opening e-mails that have the worm code embedded in the file (Nazario, 2003).Cybercriminals often utilize malware to compromise computer systems and automate attacks against computer networks (Furnell, 2002). These programs can disrupt e-mail and network operations, access private files, delete or corrupt files, and generally damage computer software and hardware (Taylor et al., 2006). The dissemination of viruses across computer networks can be costly for several reasons, including the loss of data and copyrighted information, identity theft, loss of revenue due to customer apprehension about website safety, time spent removing the programs, and losses in personal productivity and system functions (Symantec, 2003; Taylor et al., 2006). This is reflected in the dollar losses associated with malware infection. U.S. companies who participated in a recent Computer Security Institute reported losses of approximately $15 million because of viruses in 2006 alone (CSI, 2007). An infected system in one country can spread malicious software across the globe and cause even greater damage because of the interconnected nature of computer systems. The Melissa virus, for example, caused an estimated $80 million in damages worldwide (Taylor et al., 2006). Thus, malware infection poses a significant threat to Internet users around the globe.A large body of information security research explores the technical aspects of malicious software. These research efforts have placed special emphasis on the creation of software applications like anti-virus programs that can identify and contain malicious software on computer systems (Kapersky, 2003; PandaLabs, 2007; Symantec, 2003). …

Computer Crime Victimization and Integrated Theory: An Empirical Assessment

Abstract: This study empirically assessed a computer-crime victimization model by applying Routine Activities Theory. Routine Activities Theory is arguably, as presented in detail in the main body of this study, merely an expansion of Hindelang, Gottfredson, and Garofalo’s lifestyle-exposure theory. A self-report survey, which contained multiple measures of computer security, online lifestyles, and computer-crime victimization, was administered to 204 college students to gather data to test the model. Utilizing structural equation modeling facilitated the assessment of the new theoretical model by conveying an overall picture of the relationship among the causal factors in the proposed model. The findings from this study provided empirical supports for the components of Routine Activities Theory by delineating patterns of computer-crime victimization.

What's Love Got to Do with It? Exploring Online Dating Scams and Identity Fraud

Abstract: IntroductionThe rapid development of information and communication technologies (ICTs) and the prevalence of the internet offer an alternative venue for romantic endeavors. Internet daters experience excitement when they interact with other people through new, digital mediums. Four factors make online dating attractive to customers. First, individuals do not have to leave their homes or workplaces to date. Matchmaking sites are open for business 24 hours a day, 7 days a week, allowing daters to remotely scan profiles at their convenience. Second, the anonymity feature of the internet allows individuals to participate privately in dating without the oversight of others or the fear of stigma. Third, interactive online dating allows customers to experience new forms interaction, such as live chats, instant messaging, flirtatious emoticons, nudges, and winks (Fiore & Donath, 2004; Wang & Lu, 2007). Fourth, online dating sites serve up 'perfect matches' quickly. By using advanced search engines, 'scientific' matching services, and proprietary algorithms, dating sites instantly find compatible matches based on values, personality styles, attitudes, interests, race, religion, gender, and ZIP codes (Mitchell, 2009). These digital environments of anonymity and flexibility allow daters to test pluralistic ways of being that are instantaneous, alterable, and open to interpretation, making online dating attractive and stimulating to customers (Hitsch et al., 2005; Wang & Lu, 2007).Not surprisingly, these qualities have resulted in the proliferation of the online dating sector since the mid-1990s, so much so that there are approximately 1,400 dating sites in North America today, such as Match.com, eHarmony.com, Chemistry.com, and Lavalife.com to name a few (Close & Zinkhan, 2004; Scott, 2009). US daters spent approximately $245 million on online personals and dating services in the first half of 2005 (OPA 2005). The online dating industry generated revenues of $957 million in 2008, making it the fourth highest grossing internet industry after online gambling, digital music, and video games (Epps et al., 2008; McMullan & Rege, 2009; Mitchell, 2009). In fact, the online dating sector is anticipated to generate $1.049 billion in 2009 and is expected to grow at a rate of 10% annually, with projected revenue of $1.9 billion by 2012 (Mitchell, 2009). This successful industry, however, is plagued by cyber crimes, such as romance scams and identity fraud. According to the National Consumers League (NCL), the average victim of a 'sweetheart swindle' lost more than $3,000 in 2007 (NCL 2008; BBC 2007). The Internet Crime Complaint Centre's (IC3) 2007 Internet Crime Report found that online dating fraud was one of the most commonly reported complaints in the everrising internet fraud claims (IC3 2007; Mitchell, 2009). Reliable victimization statistics, however, do not exist for several reasons. As King and Thomas (2009) note, romance scams are international in scope and no centralized database tracking victims and their losses is currently available. Furthermore, law enforcement bodies only receive a fraction of all scam complaints, either because victims are embarrassed after being duped, or because they do not realize that they have been swindled (King & Thomas, 2009). While the estimates of victimization are rough at best, online daters are prime targets of romance scams and identity fraud, and thereby warrant special attention.In the context of this paper, cyber crime is defined as any crime (i) where ICTs may be the agent/perpetrator, the facilitator/instrument, or the victim/target of the crime and (ii) which may either be a single event or an on-going series of events (Rege-Patwardhan, 2009; Symantec 2007). This definition encompasses both the duration of the crime as well as the roles (perpetrator, facilitator, and victim) of ICTs in cyber crimes. Cyber criminals are offenders who (i) are driven by a range of motivations, such as thrill, revenge, and profit, (ii) commit and/or facilitate cyber crimes, (iii) work alone, in simple partnerships, or in more formalized settings, and (iv) have varying levels of technical expertise (Rege- Patwardhan, 2009; Rogers, 2005; Wall, 2007). …

Examining the social networks of malware writers and hackers

Abstract: A substantive body of research has emerged exploring the social dynamics and subculture of computer hacking. Few, however, have considered the structure of social networks in the hacker community due in part to the lack of visible information about active hackers or malware writers. Our research focuses on the rarely studied subject of underground networks of computer hackers. Thus, this study explores the social networks of a group of Russian hackers using publicly accessible data to understand the nature of social relationships and the ways that they affect information sharing and action. The findings demonstrate that there are a limited number of highly skilled hackers relative to those with some knowledge of computers. Additionally, those hackers with substantive technical skills are centrally located within friendship networks and are the focus of greater attention overall. The impact of these findings for our understanding of computer hacking, and peer networks generally are considered in detail.