Het platform voor open praktijkgericht onderzoek

product

Alerting Consciences to Reduce Cybercrime

Objectives: Aiming to reduce distributed denial-of-service (DDoS) attacks by alerting the consciences of Internet users, this paper evaluates the effectiveness of four warning banners displayed as online ads (deterrent—control, social, informative, and reorienting) and the contents of their two linked landing pages. Methods: We implement a 4 x 2 quasi-experimental design on a self-selected sample of Internet users to measure the engagement generated by the ads and the pages. Engagement is measured on the ads as the ratio of clicks to impressions, and on the pages as percentage of page scrolled, average session duration, video interaction rate, and URLs click rate. Results: Social ads generate significantly more engagement than the rest with low to medium effect sizes. Data reveal no differences in engagement between both landing page designs. Conclusions: Social messages may be a better alternative for engaging with potential cyber offenders than the traditional deterrent messages. Correspondence: Netherlands Institute for the Study of Crime and Law Enforcement (NSCR), De Boelelaan 1077, 1081 HV, Amsterdam, The Netherlands. Email: AMoneva@nscr.n This is a post-peer-review, pre-copyedit version of an article published in Journal of Experimental Criminology. The final authenticated version is available online at: https://link.springer.com/article/10.1007/s11292-022-09504-2

MULTIFILE

product

Introducing object-oriented modelling to cybercrime scripting: visualisation for improved analysis

Crime script analysis as a methodology to analyse criminal processes is underdeveloped. This is apparent from the various approaches in which scholars apply crime scripting and present their cybercrime scripts. The plethora of scripting methods raise significant concerns about the reliability and validity of these scripting studies. In this methodological paper, we demonstrate how object-oriented modelling (OOM) could address some of the currently identified methodological issues, thereby refining crime script analysis. More specifically, we suggest to visualise crime scripts using static and dynamic modelling with the Unified Modelling Language (UML) to harmonise cybercrime scripts without compromising their depth. Static models visualise objects in a system or process, their attributes and their relationships. Dynamic models visualise actions and interactions during a process. Creating these models in addition to the typical textual narrative could aid analysts to more systematically consider, organise and relate key aspects of crime scripts. In turn, this approach might, amongst others, facilitate alternative ways of identifying intervention measures, theorising about offender decision-making, and an improved shared understanding of the crime phenomenon analysed. We illustrate the application of these models with a phishing script.

MULTIFILE

Introducing object-oriented modelling to cybercrime scripting: visualisation for improved analysis

product

The Annual Conference on the Human Factor in Cybercrime

The Annual Conference on the Human Factor in Cybercrime is a small and specialised scientific event that aims to bring together scholars from around the world to present their research advances to a select audience. Its dynamic and linear format favours group discussions since all contributions are heard by all the attendants. This, together with its tailored social scheme, promotes interaction between members, which—in turn—leads to new collaborations. However, it has not yet been analysed whether the design of the conference actually encourages varied participation and fosters collaborative networks among its participants. The purpose of this chapter is to assess participation in the 2018 and 2019 editions to determine whether this is the case. Using descriptive analyses, here we show how participation in the conference has varied and examine the composition of the collaboration networks among the participants. The results show an increased and more diverse participation in the 2019 meeting along with a greater presence of stakeholders. Furthermore, the findings reveal that members of previously established organisations play an important role in cohering the network. Yet few connections exist between academia and practice. A further analysis of the strengths and weaknesses identified in the two editions of the conference serves to elaborate a series of recommendations for future editions.

PDF

product

Determinants of reporting cybercrime

Although the prevalence of cybercrime has increased rapidly, most victims do not report these offenses to the police. This is the first study that compares associations between victim characteristics and crime reporting behavior for traditional crimes versus cybercrimes. Data from four waves of a Dutch cross-sectional population survey are used (N = 97,186 victims). Results show that cybercrimes are among the least reported types of crime. Moreover, the determinants of crime reporting differ between traditional crimes and cybercrimes, between different types of cybercrime (that is, identity theft, consumer fraud, hacking), and between reporting cybercrimes to the police and to other organizations. Implications for future research and practice are discussed. doi: https://doi.org/10.1177/1477370818773610 This article is honored with the European Society of Criminology (ESC) Award for the “Best Article of the Year 2019”. Dit artikel is bekroond met de European Society of Criminology (ESC) Award for the “Best Article of the Year 2019”.

MULTIFILE

product

Understanding cybercrime involvement:

Doelstellingen De mate van betrokkenheid van jonge gebruikers bij wervingsadvertenties voor geldezels op Instagram onderzoeken. Methoden Drie advertenties die de belangrijkste mechanismen voor betrokkenheid bij cybercriminaliteit weerspiegelen en gericht waren op Nederlandse gebruikersclusters werden op twee Instagram-plaatsingen geplaatst. Door middel van dit quasi-experimentele 3 × 2 factorial design konden we het bereik en de weergaven van de advertenties, de doorklikratio's, het geslacht van de deelnemers en de temporele verdelingen van de gebruikersbetrokkenheid analyseren. Resultaten De analyse toont aan dat tot 3% van de jonge gebruikers zich bezighield met de advertenties, vooral met advertenties die een luxe levensstijl promoten en neutralisatietechnieken gebruiken. Mannen waren vaker betrokken en 's nachts werd er meer geklikt. Conclusies Sommige jonge Instagram-gebruikers lijken geneigd om geld te verdienen via hun bankpas en lopen het risico om online betrokken te raken bij cybercriminaliteit. We moedigen toekomstig onderzoek aan om het gebruik van sociale media in criminologische studies verder te onderzoeken. ENGLISH Objectives Examine the level of engagement of young users with money mule recruitment ads on Instagram. Methods Three ads reflecting key cybercrime involvement mechanisms and targeting Dutch user clusters were run on two Instagram placements. By means of this quasi-experimental 3 × 2 factorial design, we were able to analyze the reach and views of the ads, click-through rates, gender of the participants, and temporal distributions of user engagement. Results Mimicking actual recruitment environments, analysis shows that up to 3% of young users engaged with the ads, especially those promoting a luxury lifestyle and using neutralization techniques. Men were more likely to engage, and click-through rates were higher at night. Conclusions Some young Instagram users seem prone to making money through their bank cards and risk becoming involved in cybercrime online. We encourage future research to explore further the use of social media in criminological studies. This is a post-peer-review, pre-copyedit version of an article published in Journal of Experimental Criminology. The final authenticated version is available online at: https://link.springer.com/article/10.1007/s11292-022-09537-7

PDF

product

Coping with cybercrime victimization: An exploratory study into impact and change

In order to find out whether victims adequately recover from cybercrime incidents, it is important to gain insight into its effects and impact on users. However, as it stands now, there is not much literature on the impact of cybercrime. We address this gap by qualitatively examining the impact of two types of cybercrime, namely phishing and malware attacks targeting online banking customers. We used the coping approach as a framework to study how victims deal with the negative events they have experienced. In order to study the impact of cybercrime and how victims cope with it, 30 cybercrime victims were interviewed. We observed that, next to financial damage, victims described different forms of psychological and emotional effects. Victims also reported various kinds of secondary impacts, such as time loss and not being treated properly when handling the incident. In addition, the interview data provided insight into cognitive and behavioral change, which potentially offers opportunities for cybercrime prevention. Our study demonstrates that the level of impact varies among cybercrime victims, ranging from little or no impact to severe impact. In addition, while some victims were only affected for a few days, some were still feeling the effects. The effects and impact of these fraudulent schemes on victims should therefore not be underestimated. We conclude that the coping approach provides a useful framework to study the effects and impact of cybercrime victimization and how victims recover from it. The results of our study provide a steppingstone for future studies on this topic. https://www.linkedin.com/in/rutgerleukfeldt/

PDF

Coping with cybercrime victimization: An exploratory study into impact and change

product

Cybercrime on the menu?

Criminologists have frequently debated whether offenders are specialists, in that they consistently perform either one offense or similar offenses, or versatile by performing any crime based on opportunities and situational provocations. Such foundational research has yet to be developed regarding cybercrimes, or offenses enabled by computer technology and the Internet. This study address this issue using a sample of 37 offender networks. The results show variations in the offending behaviors of those involved in cybercrime. Almost half of the offender networks in this sample appeared to be cybercrime specialists, in that they only performed certain forms of cybercrime. The other half performed various types of crimes on and offline. The relative equity in specialization relative to versatility, particularly in both on and offline activities, suggests that there may be limited value in treating cybercriminals as a distinct offender group. Furthermore, this study calls to question what factors influence an offender's pathway into cybercrime, whether as a specialized or versatile offender. The actors involved in cybercrime networks, whether as specialists or generalists, were enmeshed into broader online offender networks who may have helped recognize and act on opportunities to engage in phishing, malware, and other economic offenses.

PDF

product

The psychological and financial impact of cybercrime victimization

While criminality is digitizing, a theory-based understanding of the impact of cybercrime on victims is lacking. Therefore, this study addresses the psychological and financial impact of cybercrime on victims, applying the shattered assumptions theory (SAT) to predict that impact. A secondary analysis was performed on a representative data set of Dutch citizens (N = 33,702), exploring the psychological and financial impact for different groups of cybercrime victims. The results showed a higher negative impact on emotional well-being for victims of person-centered cybercrime, victims for whom the offender was an acquaintance, and victims whose financial loss was not compensated and a lower negative impact on emotional well-being for victims with a higher income. The study led to novel scientific insights and showed the applicability of the SAT for developing hypotheses about cybercrime victimization impact. In this study, most hypotheses had to be rejected, leading to the conclusion that more work has to be done to test the applicability of the SAT in the field of cybercrime. Furthermore, policy implications were identified considering the prioritization of and approach to specific cybercrimes, treatment of victims, and financial loss compensation.

MULTIFILE

The psychological and financial impact of cybercrime victimization

product

Cybercrime during the COVID-19 pandemic

The outbreak of the COVID-19 virus in December 2019 and the restrictive measures that were implemented to slow down the spread of the virus have had a significant impact on our way of life. The sudden shift from offline to online activities and work may have resulted in new cybersecurity risks. The present study therefore examined changes in the prevalence, nature and impact of cybercrime among Dutch citizens and SME owners, during the pandemic. Qualitative interviews with ten experts working at various public and private organizations in the Netherlands that have insights into cybercrime victimization and data from victim surveys administrated in 2019 and 2021 were analyzed. The results show that there was only a small, non-statistically significant increase in the prevalence of cybercrime during the pandemic among citizens and SME owners. Nevertheless, the COVID-19 pandemic did have an impact on the modus operandi of cybercriminals: victims indicated that a considerable proportion of the offenses was related to the COVID-19 pandemic, particularly in the case of online fraud. Moreover, the use of new applications and programs for work was associated with an increased risk of cybercrime victimization during the COVID-19 crisis. These results suggest that increases in rates of registered cybercrime that were found in previous studies might be the consequence of a reporting effect and that cybercriminals adapt their modus operandi to current societal developments.

PDF

Zoekresultaten

Producten 121

Alerting Consciences to Reduce Cybercrime

Introducing object-oriented modelling to cybercrime scripting: visualisation for improved analysis