Editorial: Serve and Protect - Publication: SMH Magazine - Date: September 2001

Back to Editorials

THE Internet is unparalleled in its reach as a communications medium, creating enormous possibilities not only for e-commerce, but also for Internet crime. While examples of the Web's dark side at work have been well documented, government and private agencies
have sprung to the online community's defence.

According to the National Consumers League in the United States, it receives more than 100 complaints related to Web scams each month, dealing with amounts ranging from $US10 ($18) to $US10,000.

The 10 most frequent fraud reports involve undelivered Internet and online services: damaged, defective,misrepresented or undelivered merchandise; auctions; pyramid schemes and multilevel marketing; misrepresented onlinebusiness opportunities and franchises; work-at-home schemes; prizes and sweepstakes; credit card offers; books;self-help guides; and magazine subscriptions.

As virtually all of the crimes at this stage are consumer fraud-related, it won't necessarily be your cyber cop that is keeping a careful eye on the market. Instead, consumer protection agencies are at the forefront of safeguarding the online community.

In an effort to prevent dubious online operators, the International Marketing Supervision Network instigated an annual global Internet sweep in 1997. The sweep days areco-ordinated by the Australian Competition and Consumer Commission (ACCC) and involve about 70 consumer affairs enforcement agencies from 30 countries.

In 1997 the sweep day targeted "get rich quick" schemes and in 1998 the focus was on Web sites promoting "miracle cures" and misleading health claims. Once suspicious sites are identified, the operators are sent an emailadvising them that their activities may be in breach of the law. Sweep results identified more than 1,100 suspicious Web sites in 1997 and 1,400 in 1998. The 1999 sweep day assessed e-commerce Web sites, with examinations of sites within a particular industry (eg, books, travel, CDs, clothing).

Australian agencies involved in the 1999 sweep included the National Office of theInformation Economy (www.noie.gov.au), the ACT Consumer Affairs Bureau (www.consumer.act.gov.au), the Consumer and Business Affairs, Victoria (www.consumer.vic.gov.au), the NSW Department of Fair Trading (www.fairtrading.nsw.gov.au), and the WA Ministry of Fair Trading (www.fairtrading.wa.gov.au).

For the ACCC, the issue of Internet fraud protection is essentially the same as other areas of consumer fraud. Its director of public relations, Lin Enright, said: "Basically, we are faced with the simple challenge of protecting consumers through the proliferation of e-business and enforcing the Trade Practices Act.

"Any scams regarding the sale of goods and services that existed prior to the Internet have been reborn via the medium. This may be pyramid selling, chain letters, or dubious advertisements."

Enright is keen to highlight the fact that Web scams aren't simply an offshore phenomena, citing a recent example of a local ISP, Freenet 2000, that touted an income generation scheme via a pyramid referral process.

"The facility was designed to recruit new people to the service. The ACCC felt that this was in contravention of the Trade Practices Act and therefore decided to stop it."

Paul Childs, media manager at the NSW Department of Fair Trading, said the department is constantly warning consumers about the pitfalls of purchasing online.

"Occasionally we talk to overseas law enforcement bodies about scams on the Web, and recently [the department] had discussions with the Mounties [Canada's Federal law enforcement body] about Web scams," he said. "We recently took action against a local operator selling CDs via the Internet. People buying CDs from the company were being billed twice for their purchases. We are still in the process of acting against this company." Cyberbanking has added a new dimension to Internet scams, providing the potential for Web-based financial institution fraud. According to ACCC statistics, 88,000 Australian Internet users were regular users of online banking in 1998, a number that grew to about 145,000 last year.

In recent years, a range of cyberbanking fraud cases was uncovered by the US Federal Bureau of Investigation. As far back as 1994, a group of people in Russia gained unauthorised access to Citibank's Cash Management System and collected $US6 million before intervention by US Federal authorities.

Banking practices differ internationally. The Code of Banking Practice relating to online banking in Australia can be accessed on the Australian Bankers' Association Web site at www.bankers.asn.au. Last year, the Australian Securities and Investment Commission

(ASIC) announced the formation of a working group to ensure that consumers using electronic banking had access to adequate consumer protection.

Last year, ASIC (www.asic .gov.au) clearly illustrated how easy it was to fool online investors with its Millennium BugInsurance site. As the Australian regulator of the securities and futures markets, ASIC is responsible for consumer protection in the
financial services sector.

So, to educate consumers about investing on the Net, ASIC developed the Millennium Bug Insurance cyberscam on April 1, 1999. The scam site (www.smbi.com .au) offered a fake investment scheme in aneffort to highlight the willingness of people to invest in
companies about which they know nothing.

The ASIC's April Fool's Day joke convinced more than 1,400 people to seek further information, and then persuaded 233 to part with more than $4 million.

The ASIC Web site also includes "Internet Safety Checks" that highlight basic checks that can be made by consumers before investing in Internet-based schemes. These include checks to ascertain whether a company exists and whether or not it has issued a

The ASIC electronic enforcement unit also houses programs to trawl through various Australian sites and locate offers and information related to shonkyinvestment offerings. Continuing to highlight cyberscams, ASIC also launched the "Gull Awards".Located on its Web site, the Gull Awards feature cautionary tales of investment scams.

Internet Fraud Watch and the National Fraud Information Centre facilitate the efforts of law enforcement agencies by providing a one-stop reporting centre for consumers at www.fraud.org. In terms of Australian laws governing the online environment, little legislation has been enacted to cater exclusively for the digital age, however.

Existing laws govern online fraud, though in areas such as hacking and malicious damage, the legal clock
ticks far slower than the rapid evolution of business and technology.

In February 1998, the US Government established the National Infrastructure Protection Centre in response to the growing dangers posed by high-tech sabotage and cyber-attack to sectors such as banking, finance, communications, information technology and energy.

In January this year Australia's Justice Minister, Amanda Vanstone, announced that continuing Internet attacks had underscored Australia's need to retool its criminal law "to address the actions of those who intentionally impair electronic communications to or from a computer without authorisation."

Under proposed new legislation, hackers who sabotage Web sites may face up to 10 years in jail. Although broadening the existing legislation was accepted, a number of security experts have suggested that in trying to implement laws which will counter the problem could put commercial Web organisations in a "catch 22" position. Ultimately, it would seem that the technical community needs to help the legislators understand enough about how the network works to helpfashion enforceable laws.

In Australia the Australian Federal Police (AFP), the Australian Security Intelligence Organisation, the Defence SignalsDirectorate and the Commonwealth' Protective SecurityCo-ordination Centre each play a major role in the reporting, analysis and response mechanisms for the range of potential threats to the information infrastructure.

According to John Geurts,director of electronic research at the AFP, the multiplicity of lawenforcement agencies and legal systems involved in tracking and prosecuting computer crime is likely to impede the co-operation necessary to address Internet and e-commerce crime issues. Sovereign governments are finding it difficult to control online behaviour at home, not to mention abroad. This issue presents more complications for the AFP, Geurts says.

"In Australia, our MutualAssistance legislation allows evidence to be collected for overseas agencies only after the written approval of the Attorney-General," he says.

"Changes to the MutualAssistance Act should seek to allow Australian law enforcement to collect evidence prior to the approval of the Attorney-General."

Written by Craig Stephens

Back to Editorials