Courtney Howell, CFE
A few months ago, my good friend — we’ll call her Betsy — wanted to sell her old computer to help pay for a new one. She’d sold plenty of items online before, so she listed it in a few different popular spots like Craigslist and Facebook Marketplace and waited for the offers to roll in.
First, Betsy received a message via Craigslist from someone locally who claimed to be interested in buying the computer for their father, but the messages were pushy and gave Betsy a weird vibe, so she ceased communications with that person.
Next, she received a few more messages from interested parties, but those people ended up ghosting her.
Finally, she received a message via Facebook from a woman in Florida named Pamela. From her profile photo, Pamela looked to be in her early to mid-50s and she had several posts about how much she loved her grandchildren. There was also a cute one of her out at a seafood restaurant with friends. Pamela said she was looking to buy a used computer for her grandson as a gift because he’d be graduating soon and she wanted to surprise him. After looking through Pamela’s profile, Betsy decided this purchaser looked legitimate and agreed to sell the computer.
After exchanging a few more messages, Betsy mailed the computer to a FedEx store in Florida. Unfortunately for Betsy, the money never arrived in her bank account and Pamela soon ceased communications on Facebook.
With a growing sense of horror, anger and sadness, Betsy realized she had become the victim of an internet fraud scheme.
According to the FBI’s 2018 Internet Crime Report, this type of scheme — known as a non-payment scheme — was the most common type of internet crime reported last year, while social media was the most popular medium criminals used to facilitate their crimes.
The report includes many interesting and important facts for fraud examiners to be aware of. For instance, business email compromise (BEC) garnered the biggest losses throughout the year, totaling more than $1.2 billion. Meanwhile, the number of tech support fraud cases reported in 2018 jumped up by 161% from the previous year, most of which were reported by individuals over the age of 60. Here are a few more relevant stats from the report:
On average in 2018, 900 internet crimes were reported each day
Individuals over the age of 60 had the most number of reported victims: 62,085
Individuals under the age of 20 had the fewest number of reported victims: 9,129
California had the most number of reported victims: 49,031 (the next closest was Texas with 25,589)
North Dakota had the fewest number of reported victims: 459
California also had the biggest reported losses: $450,482,128 (the next closest was New York with $201,090,065)
South Dakota had the lowest reported losses: $1,733,826
One of the most valuable aspects of the complaint center is that every case that comes through is categorized by FBI analysts and then saved to a searchable database in the FBI’s Law Enforcement Enterprise Portal (LEEP). All sworn law enforcement personnel can then remotely access and search the Internet Crime Complaint Center (IC3) database. This year’s annual report highlights a success story from the Putnam County Sheriff’s Office in Carmel, New York where they identified three related IC3 cases using the database, which then helped them quickly identify another similar case in a matter of hours rather than months.
The report is worth a full read, as it shares some of the most popular types of schemes and highlights various cases of each throughout the U.S.
As soon as my friend Betsy started to suspect something was wrong, we took a closer look at Pamela’s profile. “Pamela” only had about a dozen friends, and there were only twenty or so pictures on her profile. Even though she had many posts on her timeline, the earliest one was only from a few weeks before. The strings began to unravel, the computer was gone and Betsy knew she’d never get any money for it.
She kept saying, “How could this happen to me? I’m suspicious. I know what to look for.” But no matter how many times I told Betsy that it wasn’t her fault and that fraudsters make a living out of duping people, she said she couldn’t help feeling ashamed for falling for the scheme.
After giving my friend a hug, I told Betsy about the IC3. Even though it was difficult for her to write out the facts of her case, we filled out a report together. Our hope was that, just like with the Putnam County Sheriff’s Office, the information we shared would help to eventually catch a crook. At the very least, it is now part of the IC3 database, and through the yearly report, the information we shared will serve to educate potential victims of fraud in the future.
If you believe you may be the victim of an internet crime, please file a complaint with the FBI’s Internet Crime Complaint Center.