Computer and internet fraud takes many forms, but generally refers to fraud accomplished through the unauthorized use of a computer, or the unauthorized accessing of data on or through the internet or a computer network. One common form of computer and internet fraud is hacking—the remote, unauthorized entry of a computer or computer system by using technological tools such as stolen passwords and surreptitiously-installed computer programs (bots) that allow the hackers to access valuable data.

Computer and internet fraud may be prosecuted criminally based on various state and federal statutes, including the federal Computer Fraud and Abuse Act located in the U.S. Code (statutes) at 18 U.S.C. §1030.

Common types of internet fraud include business fraud, credit card fraud, internet auction fraud, identity theft, investment schemes, Nigerian letter fraud, and non-delivery of merchandise. Some common methods for accomplishing these and other types of computer fraud include:

• Business E-Mail Compromise (BEC): A sophisticated scam targeting businesses working with foreign suppliers and companies that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.

• Data Breach: A leak or spill of data which is released from a secure location to an untrusted environment. Data breaches can occur at the personal and corporate levels and involve sensitive, protected, or confidential information that is copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so.

• Denial of Service (DoS): An interruption of an authorized user's access to any system or network, typically one caused with malicious intent.

• E-Mail Account Compromise (EAC): Similar to BEC, this scam targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms. Perpetrators of EAC use compromised e-mails to request payments to fraudulent locations.

• Malware/Scareware: Malicious software that is intended to damage or disable computers and computer systems. Sometimes scare tactics are used by the perpetrators to solicit funds from victims.

• Phishing/Spoofing: Both terms deal with forged or faked electronic documents. Spoofing generally refers to the dissemination of e-mail which is forged to appear as though it was sent by someone other than the actual source. Phishing, also referred to as vishing, smishing, or pharming, is often used in conjunction with a spoofed e-mail. It is the act of sending an e-mail falsely claiming to be an established legitimate business in an attempt to deceive the unsuspecting recipient into divulging personal, sensitive information such as passwords, credit card numbers, and bank account information after directing the user to visit a specified website. The website, however, is not genuine and was set up only as an attempt to steal the user's information.

• Ransomware: A form of malware targeting both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through spear phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber perpetrator demands the payment of a ransom, typically in virtual currency such as Bitcoin, at which time the actor will purportedly provide an avenue to the victim to regain access to their data.

In Missouri, computer and internet fraud is addressed under both state and federal laws. State statutes criminalize various forms of cybercrime, including unauthorized access to computer systems, identity theft, and financial fraud conducted via the internet. Missouri's computer crimes statutes can be found in Chapter 569 of the Missouri Revised Statutes, specifically sections 569.095 to 569.099, which cover offenses such as tampering with computer data, users, equipment, and systems. At the federal level, the Computer Fraud and Abuse Act (CFAA) at 18 U.S.C. § 1030 provides a broad legal framework for prosecuting offenses related to hacking, unauthorized access, and damage to computer systems. The CFAA also covers various forms of fraud and related activity in connection with computers, including the transmission of harmful programs, trafficking in passwords, and extortion involving computers. In cases of computer and internet fraud, law enforcement agencies may pursue charges under the most applicable state or federal statutes, depending on the nature and scope of the criminal activity. Victims of such frauds can report to local law enforcement or federal agencies like the FBI for investigation and potential prosecution.