Posted by Virus Bulletin on Apr 24, 2007
Laws and agencies beginning to target online fraud and ID theft.
With profits from fraud using privileged personal data stolen via phishing or spyware rocketing and making the development of malware an ever more lucrative business, governments worldwide are beginning to take more concerted action to combat the problem.
In the US, the 'SPY ACT' anti-spyware legislation put forward in 2004 continues its slow crawl through the approval process, and is already picking up criticism for loopholes and a lack for comprehensive coverage. Now a multi-agency task force on identity theft has issued a briefing document offering schemes and strategies to battle the growing problem of personal data, stolen via physical as well as electronic means and used to defraud individuals of funds directly or to set up false identities for other fraudulent purposes.
The strategic plan proposes methods for safeguarding data from exposure, including legislation and guidelines for government and private institutions regarding the use and dissemination of sensitive private data, controls to prevent the misuse of stolen data, support and reporting channels for victims of fraud, and more effective detection and punishment methods for the perpetrators of fraud and identity theft. The full report, including in-depth analysis of the problems faced and detailed lists of strategic recommenations, can be found (in PDF format) here.
Meanwhile in Europe, UK experts are designing a Europe-wide portal for reporting cybercrime, according to reports last week. With numerous studies finding that much online fraud and data theft goes unreported, often due to lack of clarity over jurisdictions and a shortage of dedicated law enforcement agencies, the new body dubbed Victims of Internet Crime Europe (VOICE) hopes to gather vital data on the scale of the problem, which it is hoped will result in more clarity in regulation and more effective government spending.
'These latest moves are an encouraging sight, but the problem needs much more rapid action,' said John Hawes, Technical Consultant at Virus Bulletin. 'Identity theft and cybercrime are rampant, with huge sums being made from phishing and spying - this is a major global issue that needs coordinated action on a global scale, with powerful new laws and enforcement bodies with the flexibility to respond to the fast-evolving online world and its equally fast-evolving dangers. The Internet is now the hub of the global economy, and it is in danger of being swamped by thieves and scammers.'
A panel discussion on cybercrime, featuring representatives from US and European law enforcement agencies, will debate approaches to fighting online crime at the VB conference in Vienna (19-21 September 2007). Full details of the conference and online registration can be found here.
Posted on 24 April 2007 by Virus Bulletin