Online fraud is a major problem. Many of these frauds cross international borders. Criminals “over there” steal money from victims “over here”. But there’s a relatively simple change that email software and service providers could make that could have a significant impact on this type of fraud: let’s tell end users when an email was transmitted from a foreign mail server.
Last week, the UK Office of National Statistics released its first-ever estimates of fraud and computer crime. The numbers are sobering. In the 12-month period ending March 2016, the ONS estimates that 2 million computer crimes and 3.8 million frauds were perpetrated on victims in England and Wales. A staff member at ONS familiar with the survey expressed the (informal) view that approximately one half of these frauds were conducted using some form of online communication while the remainder used other methods such as telephone or traditional post.
The police face enormous challenges trying to enforce the law against criminals who commit fraud at a distance. Keeping in mind that more than 90% of these frauds produce a financial loss of less than £1,000 (67% produce losses of less than £100), there are limited circumstances in which a full investigation is practical.
Even when an official investigation can be justified, many of these investigations quickly encounter a barrier: an international border. Many fraud attempts directed to UK-resident victims originate from criminals who appear to be located outside of the UK.