Overview

Although the term cybercrime is usually restricted to describing criminal activity in which the computer or network is an essential part of the crime, this term is also used to include traditional crimes in which computers or networks are used to enable the illicit activity. Examples of cybercrime which the computer or network is a tool of the criminal activity include spamming and criminal copyright crimes, particularly those facilitated through peer-to-peer networks. Examples of cybercrime in which the computer or network is a target of criminal activity include unauthorized access (i.e, defeating access controls), malicious code, and denial-of-service attacks. Examples of cybercrime in which the computer or network is a place of criminal activity include theft of service (in particular, telecom fraud) and certain financial frauds. Finally, examples of traditional crimes facilitated through the use of computers or networks include Nigerian 419 or other gullibility or social engineering frauds (e.g., hacking "phishing", identity theft, child pornography, online gambling, securities fraud, etc.). Cyberstalking is an example of a traditional crime -harassment -- that has taken a new form when facilitated through computer networks. Additionally, certain other information crimes, including trade secret theft and industrial or economic espionage, are sometimes considered cybercrimes when computers or networks are involved. Cybercrime in the context of national security may involve hacktivism (online activity intended to influence policy), traditional espionage, or information warfare and related activities. Another way to define cybercrime is simply as criminal activity involving the information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud. One of the recent researches showed that a new cybercrime is being registered every 10 seconds in Britain. During 2006 the computer crooks were able to strike 3.24 million times. Some crimes performed on-line even surpassed their equivalents in real world. In addition, experts believe that about 90% of cybercrimes stay unreported.

According to a study performed by Shirley McGuire, a specialist in psychology of the University of San Francisco, the majority of teenagers who hack and invade computer systems are doing it for fun rather than with the aim of causing harm. Shirley McGuire mentioned that quite often parents cannot understand the motivation of the teenage hackers. She performed an anonymous experiment, questioning more than 4,800 students in the area of San Diego. Her results were presented at the American Psychological Association conference:

38% of teenagers were involved in software piracy; 18% of all youngsters confessed of entering and using the information stored on other personal computer or website; 13% of all the participants mentioned they performed changes in computer systems or computer files.

The study revealed that only 1 out of 10 hackers were interested in causing certain harm or earn money. Most teenagers performed illegal computer actions of curiosity, to experience excitement. Many cyber police is getting more complaints about Orkut these days as many fake profiles being created and thus leads to crime. Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. These categories are not exclusive and many activities can be characterized as falling in one or more category. Additionally, although the terms computer crime or cybercrime are more properly restricted to describing criminal activity in which the computer or network is a necessary part of the crime, these terms are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which computers or networks are used to facilitate the illicit activity. Computer crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.

[edit] Discussion
A common example is when a person intends to be malicious and starts to steal information from sites, or cause damage to, a computer or computer network. This can be entirely virtual in that the information only exists in digital form, and the damage, while real, has no physical consequence other than the machine ceases to function. In some legal systems, intangible property cannot be stolen and the damage must be visible, e.g. as resulting from a blow from a hammer. Yet denial of service attacks for the purposes of extortion may result in significant damage both to the system and the profitability of the

site targeted. A further problem is that many definitions have not kept pace with the technology. For example, where the offense requires proof of a trick or deception as the operative cause of the theft, this may require the mind of a human being to change and so do or refrain from doing something that causes the loss. Increasingly, computer systems control access to goods and services. If a criminal manipulates the system into releasing the goods or authorizing the services, has there been a "trick", has there been a "deception", does the machine act because it "believes" payment to have been made, does the machine have "knowledge", does the machine "do" or "refrain from doing" something it has been programmed to do (or not). Where human-centric terminology is used for crimes relying on natural language skills and innate gullibility, definitions have to be modified to ensure that fraudulent behavior remains criminal no matter how it is committed. Issues surrounding hacking, copyright infringement through warez, child pornography, and child grooming, have become high-profile. But this emphasis fails to consider the equally real but less spectacular issues of obscenity, graffiti appearing on websites and "cyberstalking" or harassment that can affect everyday life. There are also problems of privacy when [confidential] information is lost, say, when an e-mail is intercepted whether through illegal hacking, legitimate monitoring (increasingly common in the workplace) or when it is simply read by an unauthorized or unintended person. E-mail and Short Message Service [SMS] messages are regarded as casual communication including many things that would never be put in a letter. But unlike spoken communication, there is no intonation and accenting, so the message can be more easily distorted or interpreted as offensive. Secondly, a computer can be the tool, used, for example, to plan or commit an offense such as larceny or the distribution of child pornography. The growth of international data communications and in particular the Internet has made these crimes both more common and more difficult to police. And using encryption techniques, criminals may [conspire] or exchange data with fewer opportunities for the police to monitor and intercept. This requires modification to the standard warrants for search, telephone tapping, etc. Thirdly, a computer can be a source of [evidence] Even though the computer is not directly used for criminal purposes, it is an excellent device for record keeping, particularly given the power to encrypt the data. If this evidence can be obtained and decrypted, it can be of great value to criminal investigators. -DEFINITION OF FRAUD Computer fraud is any dishonest misrepresentation of fact intended to induce another to do or refrain from doing something which causes loss. In this context, the fraud will result in obtaining a benefit by: altering computer input in an unauthorized way.

This requires little technical expertise and is not an uncommon form of theft by employees altering the data before entry or entering false data, or by entering unauthorized instructions or using unauthorized processes; altering, destroying, suppressing, or stealing output, usually to conceal unauthorized transactions: this is difficult to detect; altering or deleting stored data; or altering or misusing existing system tools or software packages, or altering or writing code for fraudulent purposes. This requires real programming skills and is not common. Manipulating banking systems to make unauthorized identity theft with reference to ATM fraud.

[edit] Offensive Content

The content of websites and other electronic communications may be harmful, distasteful or offensive for a variety of reasons. Most countries have enacted law that place some limits on the freedom of speech and ban racist, blasphemous, politically subversive, seditious or inflammatory material that tends to incite hate crimes. This is a sensitive area in which the courts can become involved in arbitrating between groups with entrenched beliefs, each convinced that their point of view has been unreasonably attacked.

Therefore, it is equally an offense to show hostility to a person who practices a particular faith as to a person who has no religious belief or faith.

[edit] Harassment
Whereas content may be offensive in a non-specific way, harassment directs obscenities and derogatory comments at specific individuals focusing for example on gender, race, religion, nationality, sexual orientation. This often occurs in chat rooms, through newsgroups, and by sending hate e-mail to interested parties (see cyber bullying, harassment by computer, stalking, and cyberstalking).

[edit] Drug Trafficking

Drug traffickers are increasingly taking advantage of the Internet to sell their illegal substances through encrypted e-mail and other Internet Technology. Some drug traffickers arrange deals at internet cafes, use courier Web sites to track illegal packages of pills, and swap recipes for amphetamines in restricted-access chat rooms. The rise in Internet drug trades could also be attributed to the lack of face-to-face communication. These virtual exchanges allow more intimidated individuals to more comfortably purchase illegal drugs. The sketchy effects that are often associated with drug trades are severely minimized and the filtering process that comes with physical interaction fades away. Furthermore, traditional drug recipes were carefully kept secrets. But with modern computer technology, this information is now being made available to anyone with computer access.

[edit] Cyberterrorism
Government officials and IT security specialists have documented a significant increase in Internet probes and server scans since early 2001. There is a growing concern among federal officials[attribution needed] that such intrusions are part of an organized effort by cyberterrorists, foreign intelligence services, or other groups to map potential security holes in critical systems. A cyberterrorist is someone who intimidates or coerces a government or organization to advance his or her political or social objectives by launching computer-based attack against computers, network, and the information stored on them. Cyberterrorism in general, can be defined as an act of terrorism committed through the use of cyberspace or computer resources. As such, a simple propaganda in the Internet, that there will be bomb attacks during the holidays can be considered cyberterrorism. At worst, cyberterrorist may use the Internet or computer resources to carry out an actual attack.

[edit] Documented Cases of Computer Crimes

The Yahoo! website was attacked

at 10:30 PST on Monday, 7 February 2000. The attack lasted three hours. Yahoo was pinged at the rate of one gigabyte/second. On 3 August 2000, Canadian federal prosecutors charged MafiaBoy with 54 counts of illegal access to computers, plus a total of ten counts of mischief to data for his attacks on Amazon.com, eBay, Dell Computer, Outlaw.net, and Yahoo. MafiaBoy had also attacked other websites, but prosecutors decided that a total of 66 counts was enough. MafiaBoy pled not guilty. About fifty computers at Stanford University, and also computers at the University of California at Santa Barbara, were amongst the zombie computers sending pings in DoS attacks. In 26 March 1999, the Melissa worm infected a document on a victim's computer, then automatically sent that document and copy of the virus

via e-mail to other people. Types Of Computer Crimes -Cyber Crime -Malware/Malicious Code -Denial-Of-Service Attack -Hacker/Hacking -Computing Virus -Cyber Terrorism -Information Warfare -Cyber Stalking -Fraud and Identity Theft -Phishing -Virtual Crime Internet crime is crime committed on the Internet, using the Internet and by means of the Internet. Computer crime is a general term that embraces such crimes as phishing, credit card frauds, bank robbery, illegal downloading, industrial espionage, child pornography, kidnapping children via chat rooms, harassment, scams, cyberterrorism, creation and/or distribution of viruses, spam and so on. All such crimes are computer related and facilitated crimes. With the evolution of the Internet, along came another revolution of crime where the perpetrators commit acts of crime and wrongdoing on the World Wide Web. Internet crime takes many faces and is committed in diverse fashions. The number of users and their diversity in their makeup has exposed the Internet to everyone. Some criminals in the Internet have grown up understanding this superhighway of information, unlike the older generation of users. This is why Internet crime has now become a growing problem in the United States. Some crimes committed on the Internet have been exposed to the world and some remain a mystery up until they are perpetrated against someone or some company. The different types of Internet crime vary in their design and how easily they are able to be committed. Internet crimes can be separated into two different categories. There are crimes that are only committed while being on the Internet and are created exclusively because of the World Wide Web. The typical crimes in criminal history are now being brought to a whole different level of innovation and ingenuity. Such new crimes devoted to the Internet are email phishing, hijacking domain names, virii propagation, and cyber vandalism. A couple of these crimes are activities that have been exposed and introduced into the world. People have been trying to solve virus problems by installing virus protection software and other software that can protect their computers. Other crimes such as email phishing are not as known to the public until an individual receives one of these fraudulent emails. These emails are cover faced by the illusion that

the email is from your bank or another bank. When a person reads the email he/she is informed of a problem with he/she personal account or another individual wants to send the person some of their money and deposit it directly into their account. The email asks for your personal account information and when a person gives this information away, they are financing the work of a criminal. According to security firm Symantec, Internet criminal activities have become a serious commercial activity with selling email addresses, details of bank accounts and credit cards through underworld auction sites is on the rise. Some even use trusted websites such as MySpace and Facebook to do this.[1]

[edit] Statistics
The statistics that have been obtained and reported about demonstrate the seriousness Internet crimes in the world. Just the "phishing" emails mentioned in a previous paragraph produce one billion dollars for their perpetrators (Dalton 1). In an FBI survey in early 2004, 90 percent of the 500 companies surveyed reported a security breach and 80 percent of those suffered a financial loss (Fisher 22). A national statistic in 2003 stated that four billion dollars in credit card fraud are lost each year. Only two percent of credit card transactions take place over the Internet but fifty percent of the four billion, mentioned before, are from the transaction online (Burden and Palmer 5). All these finding are just an illustration of the misuse of the Internet and a reason why Internet crime has to be slowed down.

[edit] Stopping the problem

The question about how to police these crimes has already been constructed, but this task is turning out to be an uphill battle. Since the first computer crime law, the Counterfeit Access Device and Computer Fraud and Abuse Act of 1984, the government has been trying to track down and stop online criminals. The FBI has tried many programs and investigations in order to deter Internet crime, like creating an online crime registry for employers (Metchik 29). The reality is that Internet criminals are rarely caught. One reason is that hackers will use one computer in one country to hack another computer in another country. Another eluding technique used is the changing of the emails, which are involved in virus attacks and phishing emails so that a pattern cannot be recognized. An individual can do their best to protect themselves simply by being cautious and careful. Internet users need to watch suspicious emails, use unique passwords, and run anti-virus and anti-spyware software. Do not open any email or run programs from unknown sources.

Cyberterrorism
As the Internet becomes more pervasive in all areas of human endeavor, individuals or groups can use the anonymity afforded by cyberspace to threaten citizens, specific groups (i.e. with membership based on ethnicity or belief), communities and entire countries,

without the inherent threat of capture, injury, or death to the attacker that being physically present would bring. As the Internet continues to expand, and computer systems continue to be assigned more responsibility while becoming more and more complex and interdependent, sabotage or terrorism via cyberspace may become a more serious threat. Cyber-terrorism is the leveraging of a target's computers and information technology, particularly via the Internet, to cause physical, real-world harm or severe disruption of infrastructure.

[edit] The basic definition of Cyber-Terrorism

...subsumed over time to encompass such things as simply defacing a web site or server, or attacking non-critical systems, resulting in the term becoming less useful... There is also a train of thought that says cyberterrorism does not exist and is really a matter of hacking or information warfare. Some disagree with labeling it terrorism proper because of the unlikelihood of the creation of fear of significant physical harm or death in a population using electronic means, considering current attack and protective technologies. The National Conference of State Legislatures (NCSL), a bipartisan organization of legislators and their staff created to help policymakers of all 50 states address vital issues such as those affecting the economy or homeland security by providing them with a forum for exchanging ideas, sharing research and obtaining technical assistance [1] defines Cyberterrorism as follows: the use of information technology by terrorist groups and individuals to further their agenda. This can include use of information technology to organize and execute attacks against networks, computer systems and telecommunications infrastructures, or for exchanging information or making threats electronically. Examples are hacking into computer systems, introducing viruses to vulnerable networks, web site defacing, denialof-service attacks, or terroristic threats made via electronic communication.[2]

[edit] Background Information

Public interest in cyber-terrorism began in the late 1980s. As the year 2000 approached, the fear and uncertainty about the millennium bug heightened and interest in potential cyberterrorist attacks also increased. However, although the millennium bug was by no means a terrorist attack or plot against the world or the United States, it did act as a catalyst in sparking the fears of a possibly large-scale devastating cyber-attack. Commentators noted that many of the facts of such incidents seemed to change, often with exaggerated media reports.

The high profile terrorist attacks in the United States on September 11, 2001 lead to further media coverage of the potential threats of cyberterrorism in the years following. Mainstream media coverage often discusses the possibility of a large attack making use of computer networks to sabotage critical infrastructures with the aim of putting human lives in jeopardy or causing disruption on a national scale either directly or by disruption of the national economy. Authors such as Winn Schwartau and John Arquilla are reported to have had considerable financial success selling books which described what were purported to be plausible scenarios of mayhem caused by cyberterrorism. Many critics claim that these books were unrealistic in their assessments of whether the attacks described (such as nuclear meltdowns and chemical plant explosions) were possible. A common thread throughout what critics perceive as cyber-terror-hype is that of non-falsifiability; that is, when the predicted disasters fail to occur, it only goes to show how lucky we've been so far, rather than impugning the theory.

[edit] Effects of Cyber-Terrorism

Cyberterrorism can have a serious large-scale influence on significant numbers of people. It can weaken countries' economy greatly, thereby stripping the it of its resources and making it more vulnerable to military attack. Cyberterror can also affect internet-based businesses. Like brick and mortar retailers and service providers, most websites that produce income (whether by advertising, monetary exchange for goods or paid services) could stand to lose money in the event of downtime created by cyber criminals. As internet-businesses have increasing economic importance to countries, what is normally cybercrime becomes more political and therefore "terror" related.

[edit] Examples of Cyber-Terrorism

One example of cyberterrorists at work was when crackers in Romania illegally gained access to the computers controlling the life support systems at an Antarctic research station, endangering the 58 scientists involved (Note: it is also argued that this is actually not a case of cyberterrorism, but rather a case of cybercrime, as cyberterrorism requires a political motive and not a primary focus on monetary gain). However, the culprits were stopped before damage actually occurred. Mostly non-political acts of sabotage have caused financial and other damage, as in a case where a disgruntled employee caused the release of untreated sewage into water in Maroochy Shire, Australia.[3] Computer viruses have degraded or shut down some non-essential systems in nuclear power plants, but this is not believed to have been a deliberate attack. More recently, in May 2007 Estonia was subjected to a mass cyber-attack in the wake of the removal of a Russian World War II war memorial from downtown Estonia. The

attack was a distributed denial of service attack in which selected sites were bombarded with traffic in order to force them offline; nearly all Estonian government ministry networks as well as two major Estonian bank networks were knocked offline; in addition, the political party website of Estonia's current Prime Minister Andrus Ansip featured a counterfeit letter of apology from Ansip for removing the memorial statue. Despite speculation that the attack had been coordinated by the Russian government, Estonia's defense minister admitted he had no evidence linking cyber attacks to Russian authorities. Russia called accusations of its involvement "unfounded," and neither NATO nor European Commission experts were able to find any proof of official Russian government participation.[1] In January 2008 a man from Estonia was convicted for launching the attacks against the Estonian Reform Party website and fined.[2][3] In October 2007, the website of Ukrainian president Viktor Yushchenko was attacked by hackers. A radical Russian nationalist youth group, the Eurasian Youth Movement, claimed responsibility. [4] Since the world of computers is ever-growing and still largely unexplored, countries new to the cyber-world produce young computer scientists usually interested in "having fun". Countries like China, Greece, India, Israel, and South Korea have all been in the spotlight before by the U.S. Media for attacks on information systems related to the CIA and NSA. Though these attacks are usually the result of curious young computer programmers, the United States has more than legitimate concerns about national security when such critical information systems fall under attack. In the past five years, the United States has taken a larger interest in protecting its critical information systems. It has issued contracts for high-leveled research in electronic security to nations such as Greece and Israel, to help protect against more serious and dangerous attacks. However, many claim that this interest is starting to also target the much smaller 'prey' out there (ie; every-day computer crackers/pranksters), raising questions about just who is being labeled a "cyber-terrorist".
[citation needed]

In 1999 hackers attacked NATO computers. The computers flooded them with email and hit them with a denial of service (DoS). The hackers were protesting against the NATO bombings in Kosovo. Businesses, public organizations and academic institutions were bombarded with highly politicized emails containing viruses from other European countries.[citation needed] No physical harm or injury had been inflicted.[citation needed]

[edit] Countering Cyber-Terrorism

The US Department of Defense charged the United States Strategic Command with the duty of combating cyber-terrorism. This is accomplished through the Joint Task ForceGlobal Network Operations (JTF-GNO). JTF-GNO is the operational component supporting USSTRATCOM in defense of the DoD's Global Information Grid. This is done by integrating GNO capabilities into the operations of all DoD computers, networks, and systems used by DoD combatant commands, services and agencies.

On November 2, 2006, the Secretary of the Air Force announced the creation of the Air Force's newest MAJCOM, the Air Force Cyberspace Command, which will be tasked to monitor and defend American interest in cyberspace. The AFCC will draw upon the personnel resources of the 67th Network Warfare Wing as well as other resources of the Eighth Air Force; it will be placed under the command of Lieutenant General Robert J. Elder, Jr. Designated to stand up around Summer 2007.

[edit] Cyber-Terrorism in Fiction

The Japanese cyberpunk manga, Ghost in the Shell (as well as its popular movie and TV adaptations) centers around an anticyberterrorism and cybercrime unit. In its mid-21st century Japan setting such attacks are made all the more threatening by an even more widespread use of technology including cybernetic enhancements to the human body allowing people themselves to be direct targets of cyberterrorist attacks. Cyberterroris m was featured in Dan Brown's Digital Fortress. Cyberterroris m was featured in Amy Eastlake's Private Lies. In the Bruce Willis movie Live Free or Die Hard, Willis's character John McClane takes

on a group of cyberterrorists intent on shutting down the entire computer network of the United States. Virtual crime or in-game crime refers to a virtual criminal act that takes place in a massively multiplayer online game (MMOG), usually an MMORPG. The huge time and effort invested into such games can lead online "crime" to spill over into real world crime, and even blur the distinctions between the two. Some countries have introduced special police investigation units to cover such "virtual crimes". South Korea is one such country and looked into 22,000 cases in the first six months of 2003.[citation needed]

[edit] Meaning
Several interpretations of the term "virtual crime" exist. Some legal scholars opt for a definition based on a report on what was the first prominent case, a "rape in cyberspace."[1] One such scholar defined virtual crime as needing to have all the qualities of a real crime, and so was not a new subset of crime at all.[2] Conversely, it has also been said that the connection between virtual crimes and real crimes are "tenuous at best: It is the link between a brutal rape and a fictional story of a brutal rape. Surely the difference is more striking than any similarity."[3] To rectify this, the modern interpretation of the term "virtual" must be amended such that it carries the traditional implication; "that is such in essence or effect, though not recognised as such in name or according to strict definition."[4] In this sense, it "would include those crimes that somehow evoke and approach the effect and essence of real crime, but are not considered crimes."[5]

[edit] Virtual economies

Main article: Virtual economy Some players spend a vast amount of time playing these games, typically building their character and a collection of items. Some such items may have been obtained through months of gameplay, involving various tasks and a substantial level of effort. According to standard conceptions of economic value, the goods and services of virtual economies do have a demonstrable value. Since players of these games are willing to substitute real economic resources of time and money (monthly fees) in exchange for these resources, by definition they have demonstrated utility to the user. Stemming from their value in the virtual economy, these items, and the characters themselves, have gained monetary value in the real world. Online auction web site eBay, along with specialist trading sites, have allowed players to sell their wares to the highest

bidder. This has attracted fraudulent sales as well as theft. Many game developers, such as Blizzard Entertainment (responsible for World of Warcraft) oppose and even prohibit the practice. Some argue that to allow in-game items to have monetary values makes these games, essentially, gambling venues.

[edit] Ownership
In most games players do not "own", materially or intellectually, any part of the game world, and merely pay to use it (one exception being Second Life). Because this "virtual property" is actually owned by the game developer, a developer who opposed real commerce of in-game currencies would have the right to destroy virtual goods as soon as they were listed on eBay or otherwise offered for real trade. However, such a decision would be controversial with game participants.

[edit] Known cases

In South Korea, where the number of computer game players is massive, some have reported the emergence of gangs and mafia, where powerful players steal and demand that beginners give them virtual money for their "protection". In China, Qiu Chengwei was sentenced to life in prison after stabbing and killing fellow The Legend of Mir 3 gamer Zhu Caoyuan. In the game Qiu had lent Zhu a powerful sword (a "dragon sabre"), which Zhu then went on to sell on eBay for 7,200 Yuan (about 473 or $870). With no Chinese laws covering the online dispute, there was nothing the police could do. [1][2] Cybersex is common on instant messaging (IM) systems and has been seen as having questionable moral, if not legal, standings when children are involved. In the game The Sims Online a 17-year old boy going by the in-game name "Evangeline", was discovered to have built a cyber-brothel, where customers would pay sim-money for minutes of cybersex. This led to the cancellation of his accounts but no legal action, mainly because he was above the age of consent.[3][4][5] The term virtual mugging was coined when some players of Lineage II used bots to defeat other player's characters and take their items. The Japanese Kagawa Prefectural Police arrested a Chinese foreign exchange student on 16 August 2005 following the reports of virtual mugging and the online sale of the stolen items. [6] The virtual economies of many MMOs and the exchange of virtual items and currency for real money has triggered the birth of the gaming sweatshop, in which workers in the developing world, typically China (although there has been reports of this type of activity in Eastern European countries), earn real-world wages for long days spent monotonously performing in-game tasks. Most instances typically involve farming of resources or currency, which has given rise to the epithet Chinese Adena Farmer, because of its first reported widespread use in Lineage II. More egregious cases involve using exploits such as in duping money or items, such as a large-scale incident in Star Wars: Galaxies. Both

practices can place great stress on the creators' artificial economy, requiring robust design, and often repeated updates, to preserve reasonable work/reward ratios and game balance. There have also been reports of collusion (or vertical integration, depending on the source) among farmers and online currency exchanges. In 2002, a company called Blacksnow Interactive, a game currency exchange, admitted to using workers in a "virtual sweatshop" in Tijuana, Mexico to farm money and items from Ultima Online and Dark Age of Camelot. When Mythic Entertainment cracked down on the practice, Blacksnow attempted to sue the game company. It was reported on 14th November 2007 that a Dutch teenager had been arrested for allegedly stealing virtual furniture from "rooms" in 3D social-networking website Habbo Hotel. The teenagers involved were accused of creating fake Habbo websites in order to lure users into entering their account details, which would then be used to steal virtual furniture bought with real money totalling 4000.[7]