NESTA Crime Online - University of Brighton Repository
NESTA Crime Online - University of Brighton Repository
NESTA Crime Online - University of Brighton Repository
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
hours <strong>of</strong> an <strong>of</strong>ficial vulnerability disclosure. The survey also revealed that in the first half<br />
<strong>of</strong> 2008 attacks targeting flaws in browser plug-ins are increasing markedly. 191 Also in<br />
the first half <strong>of</strong> 2008, around 78 per cent <strong>of</strong> web browser exploits targeted browser plug-<br />
in bugs. 192 Web browser plug-ins are additional pieces <strong>of</strong> s<strong>of</strong>tware that add extra<br />
capabilities to a web browser, such as the ability to view movies and videos, and other<br />
types <strong>of</strong> web content.<br />
Cybercriminals use peer-to-peer (P2P) tools for identity theft. 193 Using P2P tools to share<br />
music, s<strong>of</strong>tware and other digital content is similar to leaving the front door <strong>of</strong> a house<br />
wide open for a burglar to saunter in. A woman’s credit card details were found in<br />
disparate places such as Troy, Michigan, Tobago and Slovenia because her shared music<br />
folder was making her entire “My Documents” folder available to P2P audience for 24<br />
hours a day. 194<br />
Another key way cybercriminals effectively solicit data illegally is through spamming.<br />
The skills deployed vary in their sophistication. An example <strong>of</strong> a low skill used in<br />
spamming involves sending bulk unsolicited e-mails requesting personal details. One<br />
example is the notorious ‘Nigerian Letter’ scam (also called the ‘419 fraud’). 195 This<br />
involves e-mails from Nigeria in which the target is enticed to advance sums <strong>of</strong> money in<br />
the hope <strong>of</strong> realising a significantly larger gain, particularly through high returns from<br />
the unsuspecting victim’s ‘investment’.<br />
The skills for spamming, however, are becoming more sophisticated. Spammers are<br />
going back to basics. 196 Nine out <strong>of</strong> ten spam messages now contain little more than a<br />
191 John Leyden, (2008), “Cybercrooks get faster, further, nastier,” The Register, 29 th July.<br />
192 A plug-in consists <strong>of</strong> a piece <strong>of</strong> s<strong>of</strong>tware that interacts with a web application to provide a very specific<br />
function "on demand." Applications support plug-ins for many reasons, for instance, to enable other developers<br />
to create new applications.<br />
193 A peer-to-peer (P2P) computer network uses diverse connectivity between participants in a network. Such<br />
networks are useful for sharing content files containing audio, video, data or anything in digital format..<br />
194 Chris Preimerberger, (2006), “Cyber-criminals use P2P tools for Identity Theft, Security analyst Warns.”<br />
www.eweek.com/c/a/Security/Cybercriminals-Use-P2P-Tools-for-Identity-Theft-Security-Analyst-Warns/,<br />
accessed 18 th August 2008.<br />
195 This is also referred to as the “Advance Fee Fraud”, named “419 Fraud” after the relevant section <strong>of</strong> the<br />
Nigerian Criminal Code.<br />
196 John Leyden, (2008), “Cybercrooks get faster, further, nastier,” The Register, 29 th July. See also Guillaume<br />
Page 64