The Fraud Blog with Tracy Kitten

Not Tough Enough on Cybercrime

Stronger Sentences in Fraud Cases Needed as Deterrent
Not Tough Enough on Cybercrime

The only way to really put a dent in financial fraud and cybercrime is through aggressive prosecution of fraudsters and tough sentences for the guilty.

See Also: Live Webinar | Improve Cloud Threat Detection and Response using the MITRE ATT&CK Framework

The sentencing handed down by a federal court in Atlanta last week to a player in the RBS WorldPay heist is an example of the kind of slap-on-the-wrist punishment that, unfortunately, is all too common in cyberfraud cases.

The sentence is inappropriate because it does not send a strong enough message about how seriously U.S. courts are taking international financial schemes. 

A Chicago woman who admitted to leading one of the crime cells involved in the $9 million heist, which in one day hit U.S. accounts and cards from ATM and POS points throughout the world, got just 30 months behind bars. She also must pay $89,000 in restitution for the fraudulent transactions her ring contributed to the heist on Nov. 8, 2008.

Even if it turns out that this fraudster cooperated with federal investigators, the sentence in this massive heist case is inappropriate because it does not send a strong enough message about how seriously U.S. courts are taking international financial schemes.

IT security and privacy attorney David Navetta agrees. "The sentence seems relatively weak compared to the crime," he says. "This fraud involved $9 million stolen, and probably millions in investigative expenses on top of that. I'm not sure if this sentence sends a very strong message to deter future crimes."

Effective Deterrent Action

Jenny Durkan, U.S. Attorney for the Western District of Washington, has the results to back up her assertion that aggressive prosecutions and tough sentences are effective in deterring cybercrime.

Durkan has devoted a lot of time and energy to taking down crime rings responsible for fraud. In recent years, her focus has been on card fraud, targeting the criminals and rings that perpetrate attacks on ATMs and point-of-sale systems and devices.

The U.S. attorney has prosecuted a long list of fraud cases, and she's won some tough sentences. For example, in an elaborate skimming scheme that targeted Chase ATMs, one defendant was sentenced to five years in prison, and ordered to pay $400,000 in restitution.

The ramped-up prosecution of fraud cases in the Seattle area "has driven the amount of skimming fraud almost to zero," Durkan says.

When opportunities arise to send strong messages about intolerance for cybercrime and financial fraud, we must seize them. The sentencing in the RBS WorldPay case, unfortunately, was a missed opportunity.

About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years' experience, she covered the financial sector for 10+ years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.