Food at 12:30 pm. Discussion begins at 12:45 pm. Everyone invited.
“One Click Fraud’ is an online confidence scam that has been plaguing an increasing number of Japanese Internet users, in spite of new laws and the mobilization of police task forces. In this scam, the victim clicks on a link presented to them, only to be informed that they just entered a binding contract and are required to pay a registration fee for a service. Even though no money is legally owed, a large number of users prefer to pay up, because of potential embarrassment due to the type of service “requested” (e.g., pornographic goods).
Using public reports of fraudulent websites as a source of data, we analyze over 2,000 reported One Click Frauds incidents. By correlating several attributes (WHOIS data, bank accounts, phone numbers, malware installed…), we discover that a few fraudsters are seemingly responsible for a majority of the scams, and evidence a number of loopholes these miscreants exploit. We further show that, while some of these sites may also be engaging in other illicit activities such as spamming, the connection between different types of scams is much more tenuous than expected. Last, we show that the rise in the number of these frauds is fueled by high expected monetary gains in return for very little risk. The quantitative data obtained gives us an interesting window on the economic dynamics of some online criminal syndicates. A secondary objective of this work is to further stimulate research efforts in gathering economic and network measurements of online crime.
Nicolas Christin is the Associate Director of the Information Networking Institute at Carnegie Mellon University, where he also serves as a faculty member. He is in addition a CyLab Systems Scientist, and (by courtesy) a faculty member in the Electrical and Computer Engineering department. He holds a Diplôme d’Ingénieur from École Centrale Lille, and M.S. and Ph.D. degrees in Computer Science from the University of Virginia. While in graduate school, he worked at Nortel’s Advanced Technology Lab. Before joining Carnegie Mellon in 2005, he was a post-doctoral researcher in the School of Information at the University of California, Berkeley. He served for three years as resident faculty in the CyLab Japan program in Kobe (Japan), before returning to Carnegie Mellon’s main campus in 2008. His research interests are in computer and information systems networks; most of his work is at the boundary of systems and policy research, with a slant toward security aspects. He has most recently focused on network security and its economics, incentive-compatible network topology design, and peer-to-peer security.