Online financial cyber crime (hereafter, "cyber fraud" for brevity's sake) has increased exponentially in the past 4 years, forming the foundation of a trend that shows no signs of abating. What began with simple 419 scams and rudimentary phishing has grown into a highly complex underground economy generating professional-quality software tools, legitimate businesses that provide protection to cyber criminals, sophisticated stock-manipulation schemes, and, most tellingly, a sense of community among the criminals. The global total of criminal gain from cyber fraud is impossible to estimate precisely, but most indicators suggest it stands in the high tens of billions of dollars, perhaps in the hundreds.
Because cyber criminals find easy success in targeting consumers and retail banks, they have, until quite recently, had few incentives to expand their activities; this is changing. Stock manipulation through compromised accounts is gaining in popularity, indicating that the more competent fraudsters are becoming more capable and knowledgeable. Others are finding ways to "cash out" accounts that would previously have been too large (and therefore salient) to use once stolen. As a result, brokerage and retirement accounts are new favorites in the fraud underground. Trojan tool-kits are rapidly outstripping phishing, and the relatively new threat of pharming is maturing into an almost invincible attack vector.
It seems clear that the cyber fraud underground is acquiring the scope and expertise to constitute, for perhaps the first time, a serious threat to the global operations of major corporations. The main concerns should be brokerage account takeovers and their use in "pump-and-dump" scams and the ever-present insider threat; these are the threats of highest potential consequence. The threats most likely to occur are data exposure through laptop theft or by Trojan infection of an internal computer.