Victimisation in a Digitised Society: A Survey among Members of the Public Concerning e-Fraud, Hacking and Other High-Volume Crimes

Authors: M.M. L. Domaine, E.R. Leukfeldt, J.A. van Wilsem, J. Jansen and W. Ph. Stol
Publisher: The Hague: Eleven International Publishing, 2013. 164p.
Reviewer: Donald Rebovich | September 2015

One of the fastest growing crime problems in our modern society is cybercrime. Cybercrime has been defined as crimes in which a computer is the target of the offense or in which a computer is a tool in committing the offense. The actual crimes committed can range from fraud, to identity theft, to acts of extortion. In cases where the Internet is used, cyber criminals can victimize large numbers of individuals and businesses in the blink of an eye, committing these “crimes at a distance.” There is strong evidence that a rising number of former street criminals have drifted into cyber criminality because they perceive it as being relatively safe, has a lower risk of getting caught and can prove more lucrative in the long run. Reports of high profile breaches into private sector and government databases of sensitive information have been making the news more regularly, raising the anxiety level of the general public. Most of the victimization surveys that are done on this crime area tend to focus on businesses — how often they have been victimized, the damage done as a result of the victimizations and methods the firms use to counteract those attempting to hack into their systems. It is rare to see a survey conducted of the general public on cybercrime victimization. The authors of Victimisation in a Digitised Society: A Survey Among Members of the Public Concerning E-fraud, Hacking and Other High-Volume Crimes have produced such a survey. In their book, the authors (M.M. L. Domaine, E.R. Leukfeldt, J.A. van Wilsem, J. Jansen and W. Ph. Stol) present the results of a national public survey conducted in the Netherlands for the Dutch Central Unit (formerly known as the Netherlands Police Agency). Their survey of over 9,000 Internet users represents the first countrywide view of victimization in the Netherlands caused by “offenses with a digital component,” i.e., cybercrime. The findings offer a unique glimpse into how the average citizen is affected by these technologically-based crimes

The authors begin their book by succinctly explaining how they define cybercrime in their study. They characterize cybercrime as being those crimes in which information and communication technology (ICT) plays a significant role in the committing of the offense. They separate the offenses into two distinct categories. The first category encompasses crimes in which ICT is both the means and the end (e.g., hacking, spreading of viruses), and the second category represents crimes carried out with the aid of ICT (e.g., scamming on the Internet, Internet trade in child pornography, stalking). The authors precede their description of the goals and methodology of the study with an enlightening explanation of how the Dutch Central Unit has recently prioritized the threat of cybercrime and how the Dutch judicial system has done likewise. They go on to carefully explain the two primary goals of the study. Those goals are to examine 1) the extent of cybercrime victimization, and 2) the performance of police in these cases. The authors present their sound methodological approach to the study in a clear manner. They explain how the methods included initial interviews with key figures in the police and Justice departments, followed by interviews with small groups of Internet users to facilitate effective formulation of questionnaire questions. They further describe how a pilot questionnaire was distributed to 1000 Dutch citizens and how, after the questionnaire was refined, the amended questionnaire was distributed to over 20,000 people. The response rate was a little over 10,000 (47%), and of that number 89% indicated that they used the Internet.

The first two topics the authors tackle in their account of results are hacking and malware. The authors clarify how they attempted to measure hacking in a couple of different ways; first, in direct questions on whether or not individuals had been hacked and second, where hacking was part of the offenders modus operandi in later questionnaire sections on identity theft and stalking. Of the respondents, 4.3% were found to have been victimized by hacking. An intriguing detail of the results is that the authors found younger Internet users to be more likely than older users to be victimized by hacking. They also uncover interesting discoveries pertaining to relationships between other demographics and the likelihood of victimization; those who live alone and those with educational levels ending in primary school were more likely to be hacked. The authors’ application of multivariate analysis of the data reveal that factors such as increased levels of Internet use, high visibility on the Internet and the lack of use of virus scanners raise the probability of being exploited by cyber criminals. High frequency of downloading from the Internet was also found to be a predictor of victimization. A noteworthy relationship with age is highlighted with regard to older users of the Internet. Vulnerability to victimization was found to be more pronounced for older users of the Internet, the more they take part in Internet activities.

The authors’ section on malware (i.e., malicious software) found that close to 17% of the respondents reported that they had noticed they had malware on their computers during the previous 12 month period. It was discovered that more highly educated respondents were likely to notice malware. Almost 4 out of 10 respondents were not aware of how malware got onto their computer. Explanations on how malware got onto computers included accessing links in e-mails and on websites, and, in addition, through computer downloading. A little over 16% reported suffering financial loss due to the malware. The study’s questionnaire also queried the respondents on the topic of auction fraud on the Internet (e.g., goods not delivered as agreed, goods delivered but the buyer fails to pay the price). Of those using auction sites, 3.4% were victimized by some version of auction fraud. Less than 1% of the respondents had been victimized by identity fraud on the Internet, but among that group the authors detected a curious pattern. Certain Internet practices, like participating in pay contact or dating sites, seem to contribute to the chances that someone will be victimized through Internet identity fraud. The authors’ analysis of cyber stalking indicated that increased Internet activity and exposure are closely connected to a higher risk of victimization. While only .7% fell victim to cyber threats, three quarters of those victims were found to have been threatened more than once. Overall, the study found that the percentage of multiple victimizations was highest in the age group 15 to 34 years.

The next to last chapter of the book is devoted to the analysis of responses covering the topic of relations between the police and the public. Twenty-nine percent of Internet users believed that the police have a responsibility to safeguard security on the Internet. Interestingly though, the vast majority believed that other entities were responsible for Internet security (financial institutions – 93.4%, website owners – 79.9%). The percentage of victims reporting to the police varied according to the type of victimization (e.g., hacking – 4.1% , stalking – 30.4%). The victims from whom statements were taken by police generally expressed greater satisfaction with the police response then victims in cases where statements were not taken. The authors expressed uncertainty regarding which factors are significant in influencing greater satisfaction and strongly recommend that this area requires additional study.

In the end, the book winds up making an important statement on crime in the Netherlands. Although the percentages of cybercrime victimization revealed in the study may seem to be small to some, it is important to view these percentages in the context of the criminal environment in the Netherlands. Readers may be surprised to learn about how the percentage of those hacked compares to the percentage of those who have been victimized by bicycle theft. The authors draw the reader’s attention to the fact that the criminal event that normally scores highest in victimization surveys in the Netherlands is bicycle theft (4.8%). According to the survey this book is based on, the percentage of people victimized through hacking (4.3%) nearly reaches that high. Clearly, this represents a new age for police in the Netherlands, accentuating the need for public awareness on key aspects of cybercrime to bolster prevention methods and to inform the general public as to what course of action to take when one is victimized by cyber criminals. Appropriately, one of the books recommendations is that police become more familiar with how to address the international aspects of cybercrime, particularly because close to 20% of auction fraud cases in the Netherlands involve contact with a seller in a foreign country. Presently, Netherlands police are not adequately equipped to handle such cases effectively, necessitating a move to enhance international law enforcement collaboration.

As we move further into the 21st Century, cybercrime will, without a doubt, become more pervasive around the globe, compelling law enforcement officials to engage in more proactive methods to address how to respond to victims’ needs and to experiment with imaginative prevention strategies. Absent such an effort, special demographic groups described in this study (e.g., the less educated, those who have high frequencies of Internet use, the young) will remain vulnerable to the actions of enterprising cyber criminals. Cyber criminals in the Netherlands and elsewhere have been found to be shrewd, resourceful and incredibly patient. They often have the ability to actively capitalize on weaknesses in consumer practices to the point where they may “target” susceptible groups, increasing the chances of victimizing these groups. The authors of Victimisation in a Digitised Society have taken a critical step toward equipping criminologists and professionals operating in criminal justice systems with a richer understanding of the key characteristics of those who would be victimized. The information is presented in a crisp, easy-to-understand fashion, with interpretations that furnish thought-provoking insights into the world of cybercrime. Victimisation in a Digitised Society represents a worthy contribution to research on cybercrime and its victims.

Donald Rebovich, Professor of Criminal Justice, Executive Director of The Center for Identity Management and Information Protection (CIMIP) at Utica College, Utica, NY