Home / News

Cybercrime Losses Overestimated, Say Researchers

Cybercrime losses may be erroneously overestimated as most information available on cybercrime losses are derived from surveys, argue two researchers in a recent paper titled, "Sex, Lies and Cybercrime Surveys". Dinei Florencio and Cormac Herley from Microsoft Research examine some of the difficulties of forming an accurate cybercrime estimate by survey:

"First, losses are extremely concentrated, so that representative sampling of the population does not give representative sampling of the losses. Second, losses are based on unverified self-reported numbers. Not only is it possible for a single outlier to distort the result, we find evidence that most surveys are dominated by a minority of responses in the upper tail (i.e., a majority of the estimate is coming from as few as one or two responses). Finally, the fact that losses are confined to a small segment of the population magnifies the difficulties of refusal rate and small sample sizes. Far from being broadly-based estimates of losses across the population, the cyber-crime estimates that we have appear to be largely the answers of a handful of people extrapolated to the whole population. A single individual who claims $50,000 losses, in an N = 1000 person survey, is all it takes to generate a $10 billion loss over the population. One unverified claim of $7,500 in phishing losses translates into $1.5 billion."

Related topics: Cybercrime

WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

To post comments, please login or create an account.

Related Blogs

Related News

Topics

Industry Updates – Sponsored Posts

Q3 2014 DDoS Trends: Attacks Exceeding 10 Gbps on the Rise

Tips to Address New FFIEC DDoS Requirements

Smokescreening: Data Theft Makes DDoS More Dangerous

MarkMonitor Named a Top Trusted Website in OTA's 2013 Online Trust Honor Roll

Mitigating DDoS Attacks: A Global Challenge

Our New Initiatives To Combat Botnets

MarkMonitor Releases Q2 2012 Fraud Intelligence Report

How Secure is Your Mobile Network? And Does It Even Matter? (Webinar)

Nominum Launches Comprehensive Suite of DNS-Based Security Solutions for Russian Service Providers

Implementing a Cyber-Security Code of Conduct: Real-Life Lessons From Australia (Webinar)

DDoS Attacks: Top Trends and Truths (Webinar)

MarkMonitor Fraud Intelligence Report, Q4 2011

Q3 2011 Fraud Intelligence Report

The Spookiest DDoS Attacks in History

MarkMonitor Fraud Intelligence Report Released for Q2 2011

Businesses Lack Safeguards Against DDoS Attacks and DNS Failures, New Research Shows

Q1 2011 Fraud Intelligence Report

The Botnet-Counterfeit Drugs Connection

Q4 2010 Fraud Intelligence Report

Report Sheds Light on Scale and Complexity of Online Piracy and Counterfeiting Problem

Sponsored Topics

dotMobi

Mobile

Sponsored by
dotMobi
Afilias

DNSSEC

Sponsored by
Afilias
Minds + Machines

Top-Level Domains

Sponsored by
Minds + Machines
Verisign

Security

Sponsored by
Verisign