In late 2018, the Georgia Bureau of Investigations opened a new cyber center, training a new unit of investigators to take on cases of alleged cybercrime. The move was an attempt to stem the tide of theft, fraud and other offenses committed electronically.
According to a special agent in charge of the new investigation unit, cybercrime costs the state of Georgia at least $38 million per year. However, that estimate could be severely low.
Misleading numbers
The GBI special agent explains that reports of cybercrime statewide represent only a fraction of offenses that actually occur. There were 461 reported cybercrimes in 2017, including phishing, pharming, smishing and vishing.
However, if GBI estimates are accurate, for every one of those crimes for which the Bureau receives a report and conducts an investigation, there are at least six that go unreported. If this is true, then the $38 million figure for losses to the state due to cybercrime could be seven times too small.
Most common crime
Many of the offenses that the new cyber unit is investigating involve the alleged theft of business or personal information related to finances. About 90% of those cases involve a phishing scheme via email. The alleged victim receives an email with the appearance of a legitimate communication from a trusted source.
Sometimes, the emails contain malicious software that sends information about the victim back to the sender. Other times, the alleged victim, lulled into a false sense of security by the email’s professional appearance, enters the requested information by hand, unwittingly providing financial data to an alleged thief.
Many times, the phishing email will use the logos and branding of a real company with which the alleged victim already does business. Therefore, the alleged offense goes by the name of business email compromise and represents some of the costliest cybercrimes in the state.