We tend to forget that the e-mails telling us we have won the Microsoft Lottery and phone calls telling us we have won a Caribbean cruise are merely the latest variations on scams which date back hundreds of years. Just before Christmas the National Fraud Authority published an extensive research report on the experiences of fraud victims. It makes chilling reading, to complement the weather outside if you are snowed in today. You will find the “story” in more succinct (equally bleak) form on www.thinkjessica.com (supported by SOCA and the NFA).
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
One of the problems in addressing on-line fraud is that it is only “an annoyance” for those running the major players with the resources to take action and muscle to make their suppliers take action). Their losses are often less than their security budget, let alone that which they write off as bad debts. For small firms and individuals it can be a tragedy.
We should remember it can also be a tragedy for those who thought they could avoid risk by not going on-line, using only the telephone or mail order – let alone those who allow themselves to be helped by “that nice man at the door who said he was a social worker / calling to check the safety of my wiring / was working in the area and noticed …”
I strongly support the psychology and logic behind the “Think Jessica” exercise but in the on-line world we have too many “awareness” exercises and not enough action. More-over that proliforation makes it easier to set up fraudulent exercises which distribute malware under the guise of protection.
Hence one of the objectives of the “awareness” stream of the e-Crime Reduction Partnership. I am about to send an e-mail to the Information Society Alliance (Eurim) e-Crime circulation list on to encourage those wishing to promote awareness to come together and build on established campaigns, like “Get Safe On-line“. Yesterday the steering committee of the Information Security Awareness Forum confirmed their support for this approach. But actually persuading the members of twenty or so professional bodies and trade associations to stop reinventing square wheels and disseminate common messages and material is easier said than done.