At least $60 billion in online fraud occurs annually, but faulty enforcement helps fraudsters escape punishment
Consumer Internet Fraud Cases Are Rising But Prosecutions Aren’t
Internet financial fraud has been on the rise for two decades, and the latest statistics from the FBI show it is continuing to derail the lives of more people and cause more financial hardships.
In 2021, the FBI’s Internet Crime Report (released earlier this month), listed 847,376 complaints of suspected internet crime. This was a 7 percent increase from 2020, and the crimes resulted in losses of over $6.9 billion.
This translates into an average of 2,000 complaints per day, according to the FBI Internet Crime Complaint Center. The victims include average people, as well as celebrities such as Sylvester Stallone, Wesley Snipes, Al Pacino, Neil Simon, Martin Scorsese, Uma Thurman, Sting, Robert De Niro, Anne Hathaway, Sidney Poitier, Liv Tyler and Kiefer Sutherland.
But estimates about internet fraud are conservative because most people do not report it. “While it’s true that Internet-based financial fraud is on the rise, getting concrete information about how many people are being convicted of these crimes or even how much money is being stolen is next to impossible,” according to Linda Chavez, founder and CEO of Seniors Life Insurance Finder in Los Angeles.
This issue is especially pertinent to older Americans. In 2020, the FBI’s Internet Crime Complaint Center (IC3) received a total of 791,790 complaints with reported losses exceeding $4.1 billion. Based on the information provided in the complaints, approximately 28 percent of the total fraud losses were sustained by victims over the age of 60. This was a loss of about $1 billion to seniors and was an increase of about $300 million in losses in 2020 versus what was reported by victims over 60 in 2019.
While the trend in internet fraud covers the gamut from phishing scams, ransomware, non-payment-non-delivery scams, and personal data breaches affecting businesses, individuals, and public facilities (including infrastructure and hospitals), the prosecution and conviction rates are not easy to discern.
Worse, it seems few people in law enforcement and other regulatory agencies make those conviction and prosecution statistics readily available.
Why Prosecutions Are Dropping
What are the reasons for this?
First, many cases of Internet fraud go unreported. This is often because victims are embarrassed about being scammed and don’t want to admit it to authorities, according to Max Benz, CEO of BankingGeek.
“Additionally, even when cases are reported, it can be difficult to track down the perpetrator. Often, criminals use fake names and locations, making it hard to identify them,” Benz told Zenger via email. “Finally, prosecutors may not prioritize Internet fraud cases, as they can be complex and time-consuming to investigate. Consequently, there are fewer convictions for Internet fraud than one might expect.”
Third, a lot of internet fraud emanates from outside the U.S., so there are jurisdictional issues. This means that prosecuting fraudsters operating outside the U.S. is a time-consuming process, and even if large frauds occur and perpetrators are identified, extraditing them is costly.
The bottom line is that internet fraud, especially as it relates to average consumers, is a huge problem few enforcement agencies want to prosecute.
“Experts agree that the reason for this lack of transparency is that nobody wants to talk about it. Large insurance companies work with the banks to keep quiet about exactly how much money they lose to fraud every year because they don’t want their customers — or potential customers — to know things like whether they will be reimbursed if their accounts are hacked,” said Seniors Life Insurance Finder’s Chavez.
“This problem has gotten so out of hand that some banks don’t even bother reporting losses due to fraud anymore. According to some sources, large banks can lose as much as $500 million per year overall from various types of scams, but only report about 10 percent of those losses because they are embarrassed by how bad things have become,” Chavez said.
Law Enforcement Tolerates White-Collar Fraud
Based on data from the U.S. Department of Justice, Internet fraud prosecutions of white-collar offenders in January 2020 reached an all-time low. This meant that the average annual number of white-collar defendants decreased from 26 percent to 30 percent during Donald Trump’s first three years in office from the average under President Barack Obama, according to a 2020 report from Syracuse University.
The prosecution record in the current Biden administration, and the U.S. Justice Department under the leadership of Merrick Garland, is also off to a slow start as it relates to internet fraud. According to experts in the field, a major reason for this is poor coordination between the dozen or so federal and private agencies that collect internet fraud complaint data in the U.S.
Also, internet fraud is a relatively new crime. Criminal codes are based on age-old approaches to punishing and preventing the usual crimes against humanity — murder, robbery, assault, etc.
“It is a challenge to create new laws related to crimes that never could have been conceived 25 years ago,” said attorney Alan Ahdoot, of Adamson Ahdoot Law in Los Angeles. “Legislators vote on every revision or addition to the criminal code and there must be consensus for bills to be passed. There are still so many gaping loopholes related to Internet fraud, and it will take time for those to get closed.
Another problem, Ahdoot says, is there aren’t many existing cases that prosecutors can use as a blueprint for successfully pursuing an internet fraud conviction. “The space is still so new and many of the crimes seem so unprecedented. The Internet still feels like a new frontier, and that is perhaps felt the strongest inside a courtroom,” he said.
Then there’s the previously mentioned problem of quantifying the scope of internet fraud.
“The two main sources of official crime statistics in the United States both largely ignore fraud victimization,” research scholar Marguerite DeLiema wrote in a 2017 report from the Stanford University Financial Fraud Research Center. “The primary source of agency data, the Uniform Crime Report (conducted by the Federal Bureau of Investigation), currently does not include fraud in its list of closely watched crimes.” (However, the latter situation is no longer the case.)
DeLiema, now an assistant research professor at the University of Minnesota’s School of Social Work, told Zenger that the COVID pandemic has caused an increase in crime rates, including fraud and scams. “While anti-money laundering rules apply to many companies that process payments, including fraudulent ones, these laws are not always enforced.”
This was certainly the case with an internet fraud that victimized a Beverly Hills PR firm owned by Devon Blaine, and one of her clients, who did not want to be named. The fraud involved a hacked email address, a money transfer to a person who misrepresented himself as the firm’s accountant, and identity theft. But when the owner contacted the Beverly Hills police department to report the theft, they wrote a report but did not take any action because the owner was not the direct victim of the theft. Police also did not want to pursue the case because the person who was defrauded of the money lived in another jurisdiction, Blaine said.
“No one at the police department wanted the email header code that would have pointed to the hacker’s email provider and address,” Blaine wrote. “How can there be a conviction if law enforcement does not pursue the crime? Certainly, no insurance company has covered these losses.”
Where are the Courts and Law Enforcement?
Another major problem stems from tepid enforcement directives that don’t prioritize fraud prosecutions. Some critics have blamed this failure to prosecute internet-related fraud on the federal level directly on Attorney General Merrick Garland.
Meantime, at the local and state level, law enforcement people lack the resources and time to pursue fraudsters that are often outside their jurisdiction and more technologically sophisticated.
“Many times, the perpetrators of the web-based frauds are not located in the U.S, leaving law enforcement with few options to pursue and making prosecutions in the U.S. increasingly difficult,” according to attorney Sarah P. Santos, founding partner with the law firm of Davis & Santos PLLC in San Antonio.
“The criminals can be anywhere in the world, and they often use sophisticated methods to cover their tracks. Even when they are caught, it can be difficult to prove that they committed the crime,” Adnan Jiwani, digital marketing team lead at PureVPN, an internet security firm in Hong Kong, told Zenger. “Prosecutors may not have the resources or expertise to go up against well-funded cybercrime networks. And many people don’t report online scams because they are embarrassed or think that nothing will happen. As a result, Internet fraud remains one of the most rampant crimes in the world.”
Other reasons for the low conviction rate are that more people are doing it using more sophisticated schemes. This includes “sustained fraud schemes” that capitalize on data breaches, which “make it easier for fraudsters to access personal identification information,” said Nick Hodge, founder of the Daily Profit Cycle, an investment research newsletter.
Using information from a data breach, Hodge said fraudsters will combine actual and bogus data to build new, synthetic identities. “Then, they open fake bank accounts and credit cards. These criminals just cease paying after they’ve acquired great credit scores,” he said.
In a fraud takeover scheme, the perpetrators can take control of an account and make fraudulent online purchases using stolen passwords and credentials obtained through data breaches and other means. “A modest transaction like buying groceries with a debit card can lead to a major one like borrowing money from someone else’s bank account,” Hodge said.
Another very powerful player in shaping internet financial fraud practices is insurance companies. When frauds occur, it’s a complex process to untangle the fraud and determine which financial institution has the most liability to compensate the defrauded client’s funds.
“While the FDIC’s deposit insurance coverage program only covers deposit insurance for up to $250,000 per account, FDIC deposit insurance explicitly does not protect accounts from fraud or online theft,” attorney Santos said.
That, in turn, has led to an increased reliance on cyber insurance policies, in addition to the traditional crime insurance coverages (such as fidelity bonds) to cover some internet-related financial fraud losses, she said.
But that’s no cure-all. For one thing, Santos said, banks still prefer to avoid the expenses and delays related to filing civil suits against fraudsters, since such actions are unlikely to recover any funds. She also said that costs for cyber insurance costs “are skyrocketing and increasingly being issued with more exclusions, consistent with the increase in internet fraud events.”
The bottom line: cyber fraud remains a growing plague without a cure.
Edited by Matthew B. Hall and Virginia Van Zandt