How IC3 Targets Internet Fraud
How Complaints Become Cases
The FBI in Los Angeles last week announced it opened an investigation to determine who hacked into a restricted database at the University of California at Los Angeles (UCLA) that held the names and personal information of some 800,000 students, faculty, and alumni. Anyone who thought they had been further victimized as a result of the breach was encouraged to contact the Internet Crime Complaint Center (IC3).
To understand why IC3 was brought into the picture in this case, it helps to see how the program works.
The IC3 was founded six years ago as a partnership between the FBI and the National White Collar Crime Center (NW3C). The NW3C is a nonprofit organization which assists state and local law enforcement in fighting cyber and economic crime. The IC3’s aim is to be a central repository and analytical resource addressing the full spectrum of Internet-related crime complaints such as hacks, auction scams, identity theft, etc.
Complaints submitted through IC3’s website, www.ic3.gov, are reviewed by FBI and NW3C analysts and analyzed to identify leads and patterns from the hundreds of complaints that are received daily. The IC3 then refers the complaints, along with their analyses, to FBI field offices or other federal, state, and local law enforcement agencies. It’s there that investigators determine whether or not to open a case. Last year, IC3 referred 97,076 fraud complaints—which equated to $183 million in losses—for potential investigations.
Supervisory Special Agent (SSA) Kim Richmond, who is assigned to the FBI Cyber Division’s IC3 unit in Fairmont, West Virginia, described the IC3 as a clearinghouse for complaints.
The sheer volume of complaints—231,493 last year alone—enables IC3 analysts to look for links and patterns, which can lead to stronger cases and help zero in on the major sources of criminal activity. In one case referred by the IC3 and investigated by the U.S. Postal Inspection Service, a California man who was offering expensive tickets to sporting events through an online auction—then not delivering the tickets—was arrested on 12 counts of mail fraud and faces up to 20 years in prison if convicted.
The IC3 2005 Internet Crime Report revealed that auction fraud and non-delivery of goods accounted for more than three-quarters of complaints in 2005. Nigerian Letter scams—where individuals posing as foreign government officials ask for your help placing large sums of money in overseas bank accounts—cost complainants the most money last year, an average of $5,000 apiece. Most of those who submitted complaints to IC3, however, lost less than $1,000 each in scams in 2005.
In the case of suspected identity theft and potential loss of personal data, such as the FBI investigation in the UCLA hack, the IC3 recommends the following steps:
- Contact the fraud departments at the three major credit bureaus and get a “fraud alert” placed on your file.
- Notify your creditors, determine if any accounts have been fraudulently accessed, close those accounts, and use new passwords when opening new accounts.
- File a report with your local law enforcement agency; retain a copy because it may be requested as proof by creditors or businesses.
- File a complaint with IC3 so that agents and analysts can apply their analytical tools and expertise to hone in on the perpetrators.