Fraud has traditionally been defined as the use of deception for personal gain. Typically, a perpetrator will seek to use false or misleading information to obtain an unfair advantage over their intended victim. Less discussed has been the long and developed historical relationship between fraud and technology. As it is usually expressed, certain technologies "enable" the fraud in various ways. For example, by assisting in their execution or augmenting their scope by adding scale or force to the act. In order to analyse and highlight the role of human-technical enablement in contemporary fraud, in particular the role of various professionals with specialised skills and resources, this presentation will focus upon one type of online fraud where their role has been especially significant. In particular, it will investigate one type of online fraud which has sought to benefit from the role of professional human enablers, specifically, online non-delivery fraud originating in Cameroon which usually targets online consumers in the global north. In particular, whilst the modus operandi of this type of fraud has been described as following a basic delineated pattern, one where offenders deploy fraudulent websites as a means of advertising their non-existent products, very little is known about how these fraudulent websites are built. This presentation will seek to explore not only how fraudulent websites are built but how they stay online long enough by using insights generated from qualitative interviews (n=14) conducted with website developers in Cameroon that specialise in building these websites.

The global threat of ransomware cannot be understated, as criminal groups have targeted businesses and governments of all sizes. Technical scholars have focused on potential solutions to detect and mitigate ransomware attacks and decrypt victim files, though the social science research community has been slower to respond. Criminologists are increasingly focused on the organization or practices of offenders, which may improve our understanding of their modus operandi. There is also a need to consider the victims of these attacks, and assess their response to any active ransomware threat. This presentation will explore these issues using an open-source data set of corporate entities affected by ransomware. A mixed methods approach was taken, and the findings illustrate the global distribution of ransomware victims, the scope of data that may have been impacted by the attack, and their payment to the attackers. The implications of this study for our understanding of ransomware victimization will be discussed in depth.

In 2022, Australia experienced two of its largest data breaches. Optus (the nation’s second largest telecommunications provider) had data relating to approximately 10 million Australians compromised in an incident reported on 22 September. Only a few weeks later on 12 October, Medibank (one of Australia’s largest health insurance providers) reported a cybersecurity attack which saw the personal details of 9.7 million Australians exposed. Both incidents encompassed a wide range of personal information, including sensitive details such as driver’s licence numbers, passport numbers, Medicare numbers, and (with Medibank) personal medical histories.
This presentation explores the experiences of 2000 individuals who were part of the Optus and/or Medibank data breaches. Using data taken from an online survey, it provides a summary of their experiences and the impact of these data breaches, including both financial and non-financial harms. Based on these results, the paper argues for a range of actions to better support those involved in data breaches to reduce the level of harm experienced into the future.

Sextortion (a portmanteau of the terms “sexual” and “extortion”) is a form of image-based sexual abuse in which an offender threatens to distribute a victim’s intimate, sexual images, videos, or information unless they comply with the offender’s demands. Victim-survivors of sextortion report experiencing unique and complex impacts due to the dynamics of this crime. Research has explored the effects of this victimization which can include shame, fear, and trauma. This paper will explore the narratives of sextortion victims through qualitative thematic analysis of 29 sextortion victim impact statements. In their own words, these individuals provide rich and descriptive accounts of the harm caused by these offenses. We examine the victim-offender relationship and the reported psychological consequences for this group of victim-survivors.