Security can be defined as the degree of resistance to, or protection from harm. It applies to any vulnerable and valuable assets, such as persons, dwellings, communities, nations or organizations. Cybercrime is any crime committed or facilitated via the Internet. It is any criminal activity involving computers and networks. It can range from fraud to unsolicited emails (spam). It includes the ...

Digital technologies are constantly changing, and with it criminals are finding new ways to abuse these technologies. Cybercrime investigators, then, must also keep their skills and knowledge up to date. This work proposes a holistic training development model – specifically focused on cybercrime investigation – that is based on improving investigator capability while also considering the capac...

Phishing and related cybercrime is responsible for billions of dollars in losses annually. Gartner reported more than 5 million U.S. consumers lost money to phishing attacks in the 12 months ending in September 2008 (Gartner 2009). This paper asks whether the majority of organised phishing and related cybercrime originates in Eastern Europe rather than elsewhere such as China or the USA. The Ru...

This work addresses fundamental questions about the nature of cybercriminal organization. We investigate the organization of three underground forums: BlackhatWorld, Carders and L33tCrew to understand the nature of distinct communities within a forum, the structure of organization and the impact of enforcement, in particular banning members, on the structure of these forums. We find that each f...

Recent discussions of ‘cybercrime’ focus upon the apparent novelty or otherwise of the phenomenon. Some authors claim that such crime is not qualitatively different from ‘terrestrial crime’, and can be analysed and explained using established theories of crime causation. One such approach, oft cited, is the ‘routine activity theory’ developed by Marcus Felson and others. This article explores t...

Cybercrime activities are supported by infrastructures and services originating from an underground economy. The current understanding of this phenomenon is that the cybercrime economy ought to be fraught with information asymmetry and adverse selection problems. They should make the effects that we observe every day impossible to sustain. In this paper we show that the market structure and des...

Cybercrime incurs an estimate of $110 billion per annum globally (Norton Cybercrime Report 2012). This excludes the non-financial impact. The combined impact presents an enormous problem worldwide, from the point of view of overall management (detection, monitoring and prevention). While there are lists/categories of cybercrimes published in books, government websites, security and crime-relate...

Cybercrimes over the years have become both increasingly numerous and sophisticated. This paper presents a taxonomy for cybercrimes that can be used for the analysis and categorization of such crimes, as well as providing consistency in language when describing cybercrimes. This taxonomy is designed to be useful to information bodies such as the Jamaican Cybercrime Unit, who have to handle and ...

Cybercrime has received significant coverage in recent years, with the media, law enforcers, and governments all working to bring the issue to our attention. This paper begins by presenting an overview of the problem, considering the scope and scale of reported incidents. From this, a series of common attack types are considered (focusing upon website defacement, denial of service and malware),...

This research-in-progress paper reports on a project that seeks to develop a new process perspective on incentive mechanisms in cybercrime prevention networks. Adopting such a view is of great importance given the continuous innovations in cybercrime that makes fighting it a constant endeavour, involving actors from multiple networks. To this end, we zoom in on specific prevention encounters oc...