- Computer Crime: Any criminal act requiring knowledge of computer technology to commit, investigate, or prosecute it, in which a computer is the
- object of the crime, such as when a perpetrator steals someone’s computer or software;
- subject of the crime, such as when a perpetrator steals personal information or proprietary software from someone’s computer; or
- instrument of the crime, such as when a perpetrator uses a computer to commit fraud or to steal, alter, or destroy someone’s personal information.
- Cyber Crime: A crime that occurs on, or is committed using, the Internet – including social networks and online dating sites.
- Cyber Fraud: Any material misrepresentation made knowingly over the Internet with the intent of deceiving another person who actually and reasonably relies on the misrepresentation to her detriment. Examples of cyber fraud include:
- offering an item for sale on a legitimate or fake auction or retail web site, then refusing to send the item after receiving payment, sending an item worth substantially less than the one offered, or diverting the buyer’s payment from the intended seller to an account belonging to the fraudster; and
- soliciting monetary gifts for a bogus charity or diverting a donor’s payment from a legitimate charity to an account belonging to the fraudster; and
- soliciting money to facilitate a large, bogus financial transaction of which the fraudster promises to pay the recipient of the solicitation a hefty percentage.
- Identity Theft: Stealing another person’s identifying information (e.g., Social Security number, name, date of birth) in order to access the victim’s financial resources. Many identity thieves do not use the information they steal, preferring to sell it (repeatedly, if possible) via the Internet.
- Trojan Horse: Software that appears to perform a legitimate function but allows the provider unauthorized access to information stored on the user’s computer.
- Phishing: Attempting to acquire financial data, passwords, or other personal information by sending an e-mail message purporting to be from, or by creating a web site purporting to belong to, a legitimate business, such as a bank or credit card company, in hopes that someone will enter valuable information the phisher can use for fraudulent purposes.
- Vishing: A form of phishing that also includes a phone call from, or requires the recipient to respond by phone to, the phisher.
- Employment Fraud: Sending bogus e-mails to jobseekers or professionals asking for information that the phisher can use to steal the recipient’s identity.
- Stalking: Harassing or following a person while making a “credible threat” that causes the victim to be in reasonable fear of her safety or the safety of her immediate family.
- The stalking laws many states first enacted in the early 1990s required physical proximity to the victim; and, therefore, did not address using the Internet to stalk victims.
- Since 1998, forty-five states and the federal government have criminalized cyber stalking – using the Internet, e-mail, social-network sites, or some other form of electronic communication to harass someone.
HACKING AND CYBER TERRORISM
- Hacking: Gaining unauthorized access to someone else’s computer or computerized information.
- Malware: A program, often in the form of a worm or a virus, that harms a computer or information stored on a computer. Both worms and viruses are self-replicating; but, while a worm is a free-standing program, a virus must attach to another program to spread.
- Botnet: A network of computers a hacker has misappropriated without their owners’ knowledge to spread malware via the Internet.
- As Web-based software (as opposed to software you buy and install on your computer) becomes more prevalent, so does Web-based crimeware.
- Cyber Terrorism: Using a computer to damage, alter, disrupt, or shut down – or to threaten to damage, alter, disrupt, or shut down – a critical computer system, such as the FAA air traffic control system, a regional power grid, the Federal Reserve check clearing system, or to commit industrial or military espionage going beyond “mere” theft or sabotage going beyond “mere” vandalism.
- Spam: Unsolicited bulk e-mails advertising the spammer’s product or service or including one or more hyperlinks to a Web site advertising a product or service. Thirty-six states regulate or prohibit spam, giving recipients of unwanted spam and, in some cases, Internet service providers (ISPs), legal grounds for blocking spam or opting out of the mailing list the spammer used and for recovering monetary damages or penalties from spammers.
- In 2003, Congress enacted the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act, which prohibits certain types of spamming activities, such as using a false return e-address and transmitting false, misleading, or deceptive information via e-mail.
- The 2006 U.S. Safe Web Act expands the reach of CAN-SPAM to spammers and servers located outside the U.S. but directing their spam to users within the U.S.
- Gambling: A game of chance that (re-)distributes money or other property among persons who paid valuable consideration for the chance to win it.
- State Regulation: Some states prohibit gambling; most states allow, subject to regulation, one or more forms, such as casino gaming, pari-mutuel betting on horse or dog races, state-run lotteries, and games of chance run by or for the benefit of a charity.
- Internet Gambling: Because state laws vary widely, and because the Internet allows the residents of a state to access out-of-state and offshore gambling sites, the question arises:
- Can a resident of a state that prohibits or regulates gambling legally engage in games of chance over the Internet in which she could not legally engage offline?
- Concerned about underage gambling, addiction, and the use of Internet gambling sites for money laundering, Congress passed the Unlawful Internet Gambling Enforcement Act of 2006, which bars Internet gambling sites from using credit cards and other forms of electronic payment to reflect a player’s wins and losses.
COMBATING CYBER CRIME
- Because committing cyber crime in a jurisdiction does not require the criminal to be physically present there, and because of the high degree of anonymity that goes along with activity over the Internet, police and prosecutors have difficulty applying existing property-based criminal law to crimes committed over the Internet.
- The Computer Fraud and Abuse Act of 1984 (as amended by the National Information Infrastructure Protection Act of 1996) subjects a person to criminal prosecution for accessing or attempting to access a computer online, without authority, to obtain classified, restricted, or protected data – including financial and credit records, medical records, legal files, and other confidential or sensitive data.
- The federal wire fraud statute, the Economic Espionage Act, RICO, the Electronic Funds Transfer Act, the Anticounterfeiting Consumer Protection Act, and the National Stolen Property Act also apply to crimes committed in cyberspace. Computer users can help combat cyber crime by using encryption and other security safeguards to protect their emails, their computers, and the information stored on them.