The effectiveness of using static features in identifying scam genres

Thesis details a cybercrime classification framework stemming from a mixed methodological approach, which is both top down and bottom up and is designed to be multidisciplinary and adaptable across sectors.Master by Research of Mathematical SciencesVariation in scam classification is regularly identified as a primary cause of discrepancy in victim report data resulting in unsuccessful scam identification and insufficient rates of interception by law enforcement, which results in the low prosecution rate of scammers. The result of such discrepancies lead to complex concerns, such as the under reporting of scam incidence, and reduced rates of successful follow up by investigative and enforcement agencies consequential to difficulties in making correct referrals. Without a shared and common lexicon of scam labels and descriptions, communication between investigative agencies and cross-border cooperation is obstructed. With no compatible comprehension of the scam lexicon, timely progression in scam-case management leading to the identification, tracking and interception of scammer communications cannot be realised. Ambiguities leading to interpretational impedances are aiding scammers by enabling their scams in cross-jurisdictional and multi-national platforms. If the wide variety of known scam types could be condensed to recognisable and traceable instances, the business models that scammers use could be identified and future scamming events predicted, monitored, and interrupted. Following a mixed methodology, this research aims to address some of these concerns. This is achieved by clustering scam descriptions and partitioning them into scam types, called scam genres. The result of which reveals homogeneous groups of scam cases and allows for the assessment of the effectiveness of using static features in identifying scam types. Second to this, identification of the most suitable model for reducing scam cases into the fewest number of clusters with the least number of scam cases within in each cluster at an accuracy level of at least 95% is achieved. Through the use of hierarchical clustering, this research grouped publically available scams into homogeneous clusters of scam genres. Two-hundred and seventy-seven scams from 38 separate categories of scam classification were condensed into as few as 7-clusters of scam genre. Following a mixed methodological, grounded theoretical approach and using discriminant function analysis, 82 static features were derived from the 277 scam descriptions analysed. Of the 82 static features derived, it was concluded that only 68 significantly predicted scam type and explained 95% of the total variation found in scam case assignment. The most significant static features determined to be crucial to any scamming campaign and useful in identifying the type of scam genre a scam case belongs to were; what the scam offered, the role of the victim, the goal of the scammer and the method of scam introduction. The results of this research provide empirical evidence of the inconsistent use of definitions across jurisdictions in scam descriptions, and will contribute to the development of a uniform lexicon of scamming terminology as well as become foundational to further research on the impact of scams for law enforcement, the public and private sector, the community and the individual

The case for a consistent cyberscam classification framework (CCCF)

Cyberscam classification schemes developed by international statistical reporting bodies, including the Bureau of Statistics (Australia), the Internet Crime Complaint Center (US), and the Environics Research Group (Canada), are diverse and largely incompatible. This makes comparisons of cyberscam incidence across jurisdictions very difficult. This paper argues that the critical first step towards the development of an inter-jurisdictional and global approach to identify and intercept cyberscams - and prosecute scammers - is a uniform classification system. © 2009 IEEE

The seven scam types: Mapping the terrain of cybercrime

Threat of cybercrime is a growing danger to the economy. Industries and businesses are targeted by cyber-criminals along with members of the general public. Since cybercrime is often a symptom of more complex criminological regimes such as laundering, trafficking and terrorism, the true damage caused to society is unknown. Dissimilarities in reporting procedures and non-uniform cybercrime classifications lead international reporting bodies to produce incompatible results which cause difficulties in making valid comparisons. A cybercrime classification framework has been identified as necessary for the development of an inter-jurisdictional, transnational, and global approach to identify, intercept, and prosecute cyber-criminals. Outlined in this paper is a cybercrime classification framework which has been applied to the incidence of scams. Content analysis was performed on over 250 scam descriptions stemming from in excess of 35 scamming categories and over 80 static features derived. Using hierarchical cluster and discriminant function analysis, the sample was reduced from over 35 ambiguous categories into 7 scam types and the top four scamming functions - identified as scamming business processes, revealed. The results of this research bear significant ramifications to the current state of scam and cybercrime classification, research and analysis, as well as offer significant insight into the business processes and applications adopted by scammers and cyber-criminals. © 2010 IEEE