Abstract
Email spam is one of the primary means to facilitate the perpetration of internet fraud and the distribution of malware. The present research sought to examine the impact of routine activity theory at the national level on three forms of cybercrime perpetrated through email spam. A sample of 871,146 spam email messages sent in 2012 were divided into three categories: fraudulent emails, emails spreading malware, and non-serious spam emails. The measures were then aggregated by country and five measures of routine activity theory at the national level were tested for their impact on cybercrime among 120 nations. Concurrent with prior research, the results indicated that internet users per capita positively predicted all three forms of cybercrime. Unlike previous research, GDP presented a different relationship amongst all three outcomes: positive for spam, negative for fraud, and nonsignificant for malware. Implications of these findings and suggestions for future research are discussed.
Similar content being viewed by others
Notes
Scripts in emails tend to be of the form “ < script language = ’JavaScript’ > ”, and so the pattern matcher would identify such text.
References
Gudkova, D. (2013). Kaspersky security bulletin: Spam evolution 2012. Securelist. Retrieved April 29, 2013 from http://www.securelist.com/en/analysis/204792276/Kaspersky_Security_Bulletin_Spam_Evolution_2012.
Symantec. (2014). Internet security threat report. 2013 Trends, vol. 19.
Felson, M. (2011). Routine Activities and Transnational Crime. International Crime and Justice, 11–18.
Cohen, L. E., & Felson, M. (1979). Social change and crime rate trends: A routine activity approach. American Sociological Review, 44(4), 588–608.
Kigerl, A. (2012). Routine activity theory and the determinants of high cybercrime countries. Social Science Computer Review, 30(4), 470–486.
Lachhwani, V., & Ghose, S. (2012). Online information seeking for prescription drugs. International Journal of Business and Systems Research, 6(1), 1–17.
Kindsight. (2012). Malware report Q2 2012. Kindsight Security Labs. Retrieved May 3, 2013 from: https://www.kindsight.net/sites/default/files/Kindsight_Security_Labs-Q212_Malware_Report-final.pdf.
TrendMicro. (2014). Turning the tables on cyberattacks: Responding to evolving tactics. TrendLabs 2Q 2014 Security Roundup.
Solutionary. (2013). 2013 Global threat intelligence report (GTIR).
IC3. (2013). 2013 Internet crime report. Federal Bureau of Investigation Internet Crime Complaint Center.
Ultrascan. (2013). 419 advance fee fraud statistics 2013. Ultrascan Advanced Global Investigations.
Land, K. (Ed.). (2018). Criminal circumstance: A dynamic multi-contextual criminal opportunity theory. Routledge.
Suler, J. (2003). The online disinhibition effect. Cyberpsychology Behavior, 7, 321–326.
Hawdon, J., Costello, M., Ratliff, T., Hall, L., & Middleton, J. (2017). Conflict management styles and cybervictimization: Extending routine activity theory. SociolSpectr, 37(4), 250–266.
Van Wilsem, J. (2011). Worlds tied together? Online and non-domestic routine activities and their impact on digital and traditional threat victimization. European Journal of Criminology, 8(2), 115–127.
Reyns, B. W., Henson, B., & Fisher, B. S. (2011). Being pursued online applying cyberlifestyle-routine activities theory to cyberstalking victimization. Criminal Justice and Behavior, 38(11), 1149–1169.
Marcum, C. D., Higgins, G. E., & Ricketts, M. L. (2010). Potential factors of online victimization of youth: An examination of adolescent online behaviors utilizing routine activity theory. Deviant Behavior, 31(5), 381–410.
Marcum, C. D., Ricketts, M. L., & Higgins, G. E. (2010). Assessing sex experiences of online victimization: An examination of adolescent online behaviors using routine activity theory. Criminal Justice Review, 35(4), 412–437.
Pyrooz, D. C., Decker, S. H., & Moule Jr, R. K. (2013). Criminal and routine activities in online settings: Gangs, offenders, and the internet. Justice Quarterly, 1–29.
Holt, T. J., & Bossler, A. M. (2013). Examining the relationship between routine activities and malware infection indicators. Journal of Contemporary Criminal Justice. https://doi.org/10.1177/1043986213507401.
Ngo, F. T., & Paternoster, R. (2011). Cybercrime victimization: An examination of Individual and Situational level factors. International Journal of Cyber Criminology, 5(1), 773–793.
Reyns, B. W. (2015). A routine activity perspective on online victimisation: Results from the Canadian general social survey. Journal of Financial Crime, 22(4), 396–411.
Leukfeldt, E. R. (2015). Comparing victims of phishing and malware attacks: Unraveling risk factors and possibilities for situational crime prevention. ar**v preprint ar**v:1506.00769.
Leukfeldt, E. R., & Yar, M. (2016). Applying routine activity theory to cybercrime: A theoretical and empirical analysis. Deviant Behavior, 37(3), 263–280.
Leukfeldt, E. R. (2014). Phishing for suitable targets in the Netherlands: routine activity theory and phishing victimization. Cyberpsychology, Behavior, and Social Networking, 17(8), 551–555.
Reyns, B. W. (2013). Online routines and identity theft victimization: Further expanding routine activity theory beyond direct-contact offenses. Journal of Research in Crime and Delinquency, 50(2), 216–238.
Reyns, B. W., & Henson, B. (2015). The thief with a thousand faces and the victim with none identifying determinants for online identity theft victimization with routine activity theory. International Journal of Offender Therapy and Comparative Criminology. https://doi.org/10.1177/0306624X15572861.
Williams, M. L. (2015). Guardians upon high: An application of routine activities theory to online identity theft in Europe at the country and individual level. British Journal of Criminology, 56, 21–48.
Holt, T. J., Leukfeldt, R., & Van De Weijer, S. (2020). An examination of motivation and routine activity theory to account for cyberattacks against dutch web sites. Criminal Justice and Behavior, 47(4), 487–505.
Bock, K., Shannon, S., Movahedi, Y., & Cukier, M. (2017). Application of routine activity theory to cyber intrusion location and time. In 2017 13th European Dependable Computing Conference (EDCC) (pp. 139–146). IEEE.
Maimon, D., Kamerdze, A., Cukier, M., & Sobesto, B. (2013). Daily trends and origin of computer-focused crimes against a large university computer network an application of the routine-activities and lifestyle perspective. British Journal of Criminology, 53(2), 319–343.
Song, H., Lynch, M. J., & Cochran, J. K. (2015). A macro-social exploratory analysis of the rate of interstate cyber-victimization. American Journal of Criminal Justice, 1–19.
Conway, D., & White, J. M. (2012). Machine learning for email. O’Reilly Media.
Fawcett, T. (2004). ROC graphs: Notes and practical considerations for researchers. Machine Learning, 31, 1–38.
WWLegal. (2011). World Wide Legal News. Retrieved from http://www.wwlegal.com/posts/e-mail-impersonators-identifying-spoofed-e-mail on January 13, 2016.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kigerl, A. Routine activity theory and malware, fraud, and spam at the national level. Crime Law Soc Change 76, 109–130 (2021). https://doi.org/10.1007/s10611-021-09957-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10611-021-09957-y