Accession Number : ADA570745
Title : Dissecting One Click Frauds
Descriptive Note : Technical rept.
Corporate Author : CARNEGIE-MELLON UNIV PITTSBURGH PA CYLAB
Personal Author(s) : Christin, Nicolas ; Yanagihara, Sally S ; Kamataki, Keisuke
Report Date : 23 Apr 2010
Pagination or Media Count : 25
Abstract : One Click Fraud is an online confidence scam that has been plaguing an increasing number of Japanese Internet users, in spite of new laws and the mobilization of police task forces. In this scam, the victim clicks on a link presented to them, only to be informed that they just entered a binding contract and are required to pay a registration fee for a service. Even though no money is legally owed, a large number of users prefer to pay up, because of potential embarrassment due to the type of service requested (e.g., pornographic goods). Using public reports of fraudulent websites as a source of data, we analyzed over 2,000 reported One Click Fraud incidents. By correlating several attributes (WHOIS data, bank accounts, phone numbers, malware installed, etc.), we discover that a few fraudsters are seemingly responsible for a majority of the scams, and evidence a number of loopholes these miscreants exploit. We further show that, while some of these sites may also be engaging in other illicit activities such as spamming, the connection between different types of scams is much more tenuous than expected. Last, we show that the rise in the number of these frauds is fueled by high expected monetary gains in return for very little risk. The quantitative data obtained gives us an interesting window on the economic dynamics of some online criminal syndicates.
Descriptors : *COMPUTER CRIMES , *COMPUTER NETWORK SECURITY , *CONTRACTS , *ELECTRONIC COMMERCE , *INTERNET , CLUSTERING , COMPUTER VIRUSES , COST BENEFIT ANALYSIS , CRIMINALS , DATA ACQUISITION , JAPAN , LAW ENFORCEMENT , MEASUREMENT , METHODOLOGY , PROFITS , QUANTITATIVE ANALYSIS , VULNERABILITY
Subject Categories : Economics and Cost Analysis
Sociology and Law
Computer Systems Management and Standards
Distribution Statement : APPROVED FOR PUBLIC RELEASE