Silicon.com: Nine out of ten cybercriminals outwit PC plod
Owen Blacker
ukcrypto at maillist.ox.ac.uk
Thu, 14 Sep 2000 10:04:16 +0100
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original Message-----
> From: WebMaster@silicon.com [mailto:WebMaster@silicon.com]
> Sent: Thursday, September 14, 2000 9:55 AM
>
>
> HEADLINE: Nine out of ten cybercriminals outwit PC plod
> PUBLISHED: 7:08pm on Wednesday 13th September 2000
> CHANNEL: Ebusiness security
> AUTHOR: Sonya Rabbitte
> SERVICE: http://www.silicon.com
>
> TEXT OF STORY FOLLOWS:
>
> A study by information solutions company Experian found that 53 per
> cent of UK e-tailers which had informed police of losses from
> online crime encountered a lack of interest. Only one in ten
> reported cases of internet fraud has resulted in prosecution.
>
> However, blame for spiralling internet fraud does not lie solely
> with the police, according to Richard Fiddis, CEO of Experian UK.
>
> He said: "Our survey shows that online retailers either do no
> checking or rely almost totally on manual fraud prevention
> measures. Almost half said they do not use any external data when
> verifying a customer's name and address before authorising a
> transaction."
> The survey also shows that the majority of online retailers took a
> long time to discover fraud. Two-thirds took a month to detect a
> credit card crime, with 18 per cent citing a delay of up to two
> months, making it easier for the thief to strike again. In 40 per
> cent of cases the same perpetrator struck more than once on the
> same website.
>
> Steven Phillipson, head of commercial fraud at law firm PCB, said
> Experian's figures are consistent with evidence he has encountered.
> He warned that online retailers are putting short-term commercial
> gain ahead of long-term customer confidence.
> He agreed that the police do need greater powers to tackle the
> problem, but stressed that the most efficient solution is stringent
> self-regulatory controls.
> He said: "Ecommerce retailers should be setting up a regulatory
> body to take action if a retailer is careless. They should not only
> be able to punish the hacker in a civil court, but should also
> place effective sanctions on the retailer."
> He added that careless retailers should foot the bill if an
> effected [sic] consumer wished to take a civil case against a
> hacker.
> He said: "At the moment, retailers pay in the region of three to
> four per cent of fraud chargeback levels. They should be paying a
> certain percentage out of their own pockets, something that will
> hurt."
> SILICON SAYS:
> Fraud needs to be stopped at the root, with well-managed websites.
> Companies should be scared if things go wrong. The trouble with
> self-regulation is it's voluntary. Online retailers won't vote for
> tougher penalisation. Why should they? Look at the kitemark schemes
> already in operation from the likes of Clicksure and Trust UK.
> Chances are the vast majority of consumers know nothing about them.
> The Data Protection Commissioner does its best, but is failing to
> fully implement the Data Protection Act. That's why silicon.com
> says 'Back the Act'. For more on Back the Act, see
> http://www.silicon.com/a39096 .
For related news, see:
E-banks told to carry the can for online fraud
http://www.silicon.com/a39431
Hackers steal card numbers from Western Union online
http://www.silicon.com/a39551
Inside Track: Steven Phillippson, head of commercial fraud, PCB
http://www.silicon.com/a39579
STORY ENDS
For more information on silicon.com go to http://www.silicon.com.
silicon.com - the who, what, when, where and why of ebusiness
-----BEGIN PGP SIGNATURE-----
Version: PGP 7.0
Comment: Due to RIP, pls check for revocation before using this key!
iQA/AwUBOcCUr1VeQSYAA2h0EQIDhgCdGjdQTX1A5hI/94IMQuGJpuPwq+sAoMkb
QpVu6+ImTxOQ9AiHjnyyC/iB
=XSdz
-----END PGP SIGNATURE-----
_____________________________________________________________________
This message has been checked for all known viruses by UUNET delivered
through the MessageLabs Virus Control Centre. For further information visit
http://www.uk.uu.net/products/security/virus/