Information Systems Frontiers

, Volume 19, Issue 3, pp 443–455 | Cite as

Computer assisted frauds: An examination of offender and offense characteristics in relation to arrests

  • Ruochen Liao
  • Shenaz Balasinorwala
  • H. Raghav Rao


Previous studies on fighting computer-assisted frauds have attempted to assist law enforcement agencies (LEAs) to better understand important aspects of motivation, opportunity and deterrence. However, there have been few empirical studies on the profiles of convicted offenders, post detection. This paper examines characteristics of frauds and their associated respective law enforcement response with particular emphasis on frauds facilitated by information technology. The findings show how the prosecution and conviction of the offenders differ among commonly-seen types of computer assisted frauds, and bring new evidence to the common association of gender and crime, severity and punishment, etc. The findings may help LEAs and legislative bodies to evaluate their current practices from the point of restorative social justice.


Frauds Offender characteristics Offense characteristics Culpability Conviction Judicial outcome 


Compliance with ethical standards


This research has been funded in part by the National Science Foundation under grants # 1523174, #1554373, 1,227,353 and # 1419856. We acknowledge the comments of the guest editors and referees that have considerably increased the clarity of the paper.


  1. Agnew, R., & Brezina, T. (2001). Juvenile delinquency: Causes and control. Los Angeles: Roxbury Publishing Company.Google Scholar
  2. Albrecht, W.S., Wernz, G.W., Williams, T.L. (1995). Fraud: Bringing light to the dark side of business. Irwin Professional Pub.Google Scholar
  3. Albrechtsen, E. (2007). A qualitative study of users' view on information security. Computers & Security, 26(4), 276–289.CrossRefGoogle Scholar
  4. Allison, P.D. (2012). Logistic regression using SAS: Theory and application. SAS Institute.Google Scholar
  5. Anderson, C. L., & Agarwal, R. (2010). Practicing safe computing: A multimedia empirical examination of home computer user security behavioral intentions. MIS Quarterly, 34(3), 613–643.Google Scholar
  6. Atoum, I., Otoom, A., & Abu Ali, A. (2014). A holistic cyber security implementation framework. Information Management & Computer Security, 22(3), 251–264.CrossRefGoogle Scholar
  7. Baker, C. R. (1999). An analysis of fraud on the internet. International Rescuer, 9(5), 348–360.Google Scholar
  8. Barker, K. J., D'Amato, J., & Sheridon, P. (2008). Credit card fraud: Awareness and prevention. Journal of financial crime, 15(4), 398–410.CrossRefGoogle Scholar
  9. Bequai, A. (1978). Computer crime. Citeseer.Google Scholar
  10. Bequai, A. (1983). How to prevent computer crime: A guide for managers. Wiley.Google Scholar
  11. Bequai, A. (2000). America’s internet commerce and the threat of fraud. Computers & Security, 19(8), 688–691.CrossRefGoogle Scholar
  12. Bernard, T. J., & Engel, R. S. (2001). Conceptualizing criminal justice theory. Justice Quarterly, 18(1), 1–30.CrossRefGoogle Scholar
  13. Brenner, S. W. (2004). US cybercrime law: Defining offenses. Information Systems Frontiers, 6(2), 115–132.CrossRefGoogle Scholar
  14. Brenner, S. W., & Schwerha, J. J. (2004). Introduction—Cybercrime: A note on international issues. Information Systems Frontiers, 6(2), 111–114.CrossRefGoogle Scholar
  15. Brown, C. S. (2015). Investigating and prosecuting cyber crime: Forensic dependencies and barriers to justice. International Journal of Cyber Criminology, 9(1), 55.Google Scholar
  16. Burns, R. G., Whitworth, K. H., & Thompson, C. Y. (2004). Assessing law enforcement preparedness to address internet fraud. Journal of Criminal Justice, 32(5), 477–493.CrossRefGoogle Scholar
  17. Carter, D. L., & Katz, A. J. (1996). Computer crime: An emerging challenge for law enforcement. FBI Law Enforcement Bulletin, 65(12), 1–8.Google Scholar
  18. Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers, and the internet: Academic press.Google Scholar
  19. Chan, M., Woon, I., & Kankanhalli, A. (2005). Perceptions of information security in the workplace: Linking information security climate to compliant behavior. Journal of information privacy and security, 1(3), 18–41.CrossRefGoogle Scholar
  20. Choi, K.-S. (2008). Computer crime victimization and integrated theory: An empirical assessment. International Journal of Cyber Criminology, 2(1), 308.Google Scholar
  21. Chua, C. E. H., & Wareham, J. (2004). Fighting internet auction fraud: An assessment and proposal. Computer, 37(10), 31–37.CrossRefGoogle Scholar
  22. Clarke, R. V. G., & Felson, M. (1993). Routine activity and rational choice (Vol. 5): Transaction publishers.Google Scholar
  23. Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 588–608.Google Scholar
  24. Crossler, R. E., Johnston, A. C., Lowry, P. B., Hu, Q., Warkentin, M., & Baskerville, R. (2013). Future directions for behavioral information security research. Computers & Security, 32, 90–101.CrossRefGoogle Scholar
  25. D'Alessio, S. J., & Stolzenberg, L. (2003). Race and the probability of arrest. Social Forces, 81(4), 1381–1397.CrossRefGoogle Scholar
  26. D'Arcy, J., & Devaraj, S. (2012). Employee misuse of information technology resources: Testing a contemporary deterrence model. Decision Sciences, 43(6), 1091–1124.CrossRefGoogle Scholar
  27. D'Arcy, J., & Hovav, A. (2004). The role of individual characteristics on the effectiveness of IS security countermeasures. AMCIS 2004 PRO, 176.Google Scholar
  28. D’Arcy, J., & Hovav, A. (2009). Does one size fit all? Examining the differential effects of IS security countermeasures. Journal of Business Ethics, 89(1), 59–71.CrossRefGoogle Scholar
  29. Dinev, T., & Hu, Q. (2007). The centrality of awareness in the formation of user behavioral intention toward protective information technologies. Journal of the Association for Information Systems, 8(7), 386.Google Scholar
  30. Dodge, R. C., Carver, C., & Ferguson, A. J. (2007). Phishing for user security awareness. Computers & Security, 26(1), 73–80.CrossRefGoogle Scholar
  31. Dolan, K. M. (2004). Internet auction fraud: The silent victims. Journal of Economic Crime Management, 2(1), 1–22.Google Scholar
  32. Farahmand, F., & Spafford, E. H. (2013). Understanding insiders: An analysis of risk-taking behavior. Information Systems Frontiers, 15(1), 5–15.CrossRefGoogle Scholar
  33. Gottschalk, P. (2010). Knowledge management technology for organized crime risk assessment. Information Systems Frontiers, 12(3), 267–275.CrossRefGoogle Scholar
  34. Hansen, K. (2003). Education and the crime-age profile. British Journal of Criminology, 43(1), 141–168.CrossRefGoogle Scholar
  35. Heidensohn, F., Rock, P., McIntosh, M., Smart, C., & Smart, C. (1977). Women, crime and criminology. JSTOR.Google Scholar
  36. Heinze, G. (1999). The application of Firth’s procedure to cox and logistic regression. In Technical report 10. Vienna: Department of Medical Computer Sciences, Section of Clinical Biometrics, Vienna University.Google Scholar
  37. Heinze, G., & Puhr, R. (2010). Bias-reduced and separation-proof conditional logistic regression with small or sparse data sets. Statistics in Medicine, 29(7–8), 770–777.CrossRefGoogle Scholar
  38. Herath, T., & Rao, H. R. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47(2), 154–165.CrossRefGoogle Scholar
  39. Higgins, G. E., Fell, B. D., & Wilson, A. L. (2006). Digital piracy: Assessing the contributions of an integrated self-control theory and social learning theory using structural equation modeling. Criminal Justice Studies, 19(1), 3–22.CrossRefGoogle Scholar
  40. Hindelang, M. J., Gottfredson, M. R., & Garofalo, J. (1978). Victims of personal crime: An empirical foundation for a theory of personal victimization: Ballinger Cambridge.Google Scholar
  41. Hittle, B. D. (2001). Uphill battle: The difficulty of deterring and detecting perpetrators of internet stock fraud. An. Fed. Comm. LJ, 54, 165.Google Scholar
  42. Holt, T. J., & Bossler, A. M. (2008). Examining the applicability of lifestyle-routine activities theory for cybercrime victimization. Deviant Behavior, 30(1), 1–25.CrossRefGoogle Scholar
  43. Howard, R. (2009). Cyber fraud: Tactics, techniques and procedures: CRC press.Google Scholar
  44. Jackson, J. E. (1994). Fraud masters: Professional credit card offenders and crime. Criminal Justice Review, 19(1), 24–55.CrossRefGoogle Scholar
  45. Karmen, A. (2012). Crime victims: An introduction to victimology: Cengage learning.Google Scholar
  46. Kauffman, R. J., & Wood, C. A. (2003). An investigation of premium bidding in online auctions. University of Minnesota MISRC Working Paper, 304.Google Scholar
  47. Kellermann, T. (2010). Building a foundation for global cybercrime law enforcement. Computer Fraud & Security, 2010(5), 5–8.CrossRefGoogle Scholar
  48. King, G., & Zeng, L. (2001). Logistic regression in rare events data. Political Analysis, 9(2), 137–163.CrossRefGoogle Scholar
  49. Koops, B.-J., Leenes, R., Meints, M., Van der Meulen, N., & Jaquet-Chiffelle, D.-O. (2009). A typology of identity-related crime: Conceptual, technical, and legal issues. Information, Communication & Society, 12(1), 1–24.CrossRefGoogle Scholar
  50. Lee, S. M., Lee, S.-G., & Yoo, S. (2004). An integrative model of computer abuse based on social control and general deterrence theories. Information Management, 41(6), 707–718.CrossRefGoogle Scholar
  51. Li, J., Wang, G. A., & Chen, H. (2011). Identity matching using personal and social identity features. Information Systems Frontiers, 13(1), 101–113.CrossRefGoogle Scholar
  52. Li, X. (2008). The criminal phenomenon on the internet: Hallmarks of criminals and victims revisited through typical cases prosecuted. University of Ottawa Law & Technology Journal, 5(1–2), 125–140.Google Scholar
  53. McCarron, M. C. (2004). Management of Internet Fraud by law enforcement agencies. Canadian Journal of Police and Security Services, 2(4), 249.Google Scholar
  54. McGuire, M. (2012). Organised crime in the digital age. London: John Grieve Centre for Policing and Security.Google Scholar
  55. Messerschmidt, J. W. (1993). Masculinities and crime: Critique and reconceptualization of theory: Rowman & Littlefield Publishers.Google Scholar
  56. Moon, B., McCluskey, J. D., & McCluskey, C. P. (2010). A general theory of crime and computer crime: An empirical test. Journal of Criminal Justice, 38(4), 767–772.CrossRefGoogle Scholar
  57. Neilson, W. S., & Winter, H. (1997). On criminals' risk attitudes. Economics Letters, 55(1), 97–102.CrossRefGoogle Scholar
  58. Ngo, F. T., & Paternoster, R. (2011). Cybercrime victimization: An examination of individual and situational level factors. International Journal of Cyber Criminology, 5(1), 773.Google Scholar
  59. Pahnila, S., Siponen, M., & Mahmood, A. Employees' behavior towards IS security policy compliance. In System sciences, 2007. HICSS 2007. 40Th annual hawaii international conference on, 2007 (pp. 156b-156b): IEEEGoogle Scholar
  60. Peduzzi, P., Concato, J., Kemper, E., Holford, T. R., & Feinstein, A. R. (1996). A simulation study of the number of events per variable in logistic regression analysis. Journal of Clinical Epidemiology, 49(12), 1373–1379.CrossRefGoogle Scholar
  61. Pfleeger, C. P., & Pfleeger, S. L. (2002). Security in computing: Prentice hall Professional technical reference.Google Scholar
  62. Post, G. V., & Kagan, A. (2007). Evaluating information security tradeoffs: Restricting access can interfere with user tasks. Computers & Security, 26(3), 229–237.CrossRefGoogle Scholar
  63. Pratt, T. C., Holtfreter, K., & Reisig, M. D. (2010). Routine online activity and internet fraud targeting: Extending the generality of routine activity theory. Journal of Research in Crime and Delinquency, 47(3), 267–296.CrossRefGoogle Scholar
  64. Ryan, K. V., & Krotoski, M. L. (2012). Caution advised: Avoid undermining the legitimate needs of law enforcement to solve crimes involving the internet in amending the electronic communications privacy act. USFL Rev., 47, 291.Google Scholar
  65. Smith, G. P., & Urbas, G. (2004). Cyber criminals on trial. Criminal Justice Matters, 58(1), 22–23.CrossRefGoogle Scholar
  66. Smith, D. A., Visher, C. A., & Davidson, L. A. (1984). Equity and discretionary justice: The influence of race on police arrest decisions. The Journal of Criminal Law and Criminology (1973-), 75(1), 234–249.CrossRefGoogle Scholar
  67. Soper, D. S., Demirkan, H., & Goul, M. (2007). An interorganizational knowledge-sharing security model with breach propagation detection. Information Systems Frontiers, 9(5), 469–479.CrossRefGoogle Scholar
  68. Standler, R. B. (2002). Computer crime. Retrieved February, 6, 2005.Google Scholar
  69. Stanton, J. M., Stam, K. R., Guzman, I., & Caledra, C. Examining the linkage between organizational commitment and information security. In Systems, Man and Cybernetics, 2003. IEEE International Conference on, 2003 (Vol. 3, pp. 2501–2506): IEEEGoogle Scholar
  70. Stevenson. (2000). Computer fraud: Detection and prevention. Computer Fraud & Security, 2000(11), 13–15.CrossRefGoogle Scholar
  71. Stevenson. (2005). Plugging the" phishing" hole: Legislation versus technology. Duke L. & Tech. Rev., 2005, 6–26.Google Scholar
  72. Sullivan, R. J. (2010). The changing nature of US card payment fraud: Industry and public policy options. Economic Review-Federal Reserve Bank of Kansas City, 95(2), 101.Google Scholar
  73. Thornton, D., Gunningham, N. A., & Kagan, R. A. (2005). General deterrence and corporate environmental behavior. Law & Policy, 27(2), 262–288.CrossRefGoogle Scholar
  74. Wall, D. (2003). 1 cybercrimes and the internet. Crime and the Internet, 1.Google Scholar
  75. Wang, J., Gupta, M., & Rao, H. R. (2015). Insider threats in a financial institution: Analysis of attack-proneness of information systems applications. MIS Quarterly, 39(1), 91–112.Google Scholar
  76. Weisheit, R., & Mahan, S. (1988). Women, crime, and criminal justice: Anderson Cincinnati.Google Scholar
  77. Williams, K. R., & Hawkins, R. (1986). Perceptual research on general deterrence: A critical review. Law and Society Review, 545–572.Google Scholar
  78. Willison, R. (2006). Understanding the offender/environment dynamic for computer crimes. Information Technology & People, 19(2), 170–186.CrossRefGoogle Scholar
  79. Willison, R., & Backhouse, J. (2006). Opportunities for computer crime: Considering systems risk from a criminological perspective. European Journal of Information Systems, 15(4), 403–414.CrossRefGoogle Scholar
  80. Yar, M. (2005). The novelty of ‘cybercrime’ an assessment in light of routine activity theory. European Journal of Criminology, 2(4), 407–427.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media New York 2017

Authors and Affiliations

  • Ruochen Liao
    • 1
    • 2
    • 3
  • Shenaz Balasinorwala
    • 1
    • 2
    • 3
  • H. Raghav Rao
    • 1
    • 2
    • 3
  1. 1.Department of Management Science and SystemsState University of New York at BuffaloBuffaloUSA
  2. 2.Blue Cross Blue Shield of WNYBuffaloUSA
  3. 3.Department of ISCS, College of BusinessUniversity of Texas at San AntonioSan AntonioUSA

Personalised recommendations