A routine activity perspective on online victimisation. Results from the Canadian General Social Survey
| Date | 05 October 2015 |
| Published date | 05 October 2015 |
| Pages | 396-411 |
| DOI | https://doi.org/10.1108/JFC-06-2014-0030 |
| Author | Bradford W. Reyns |
| Subject Matter | Accounting & Finance,Financial risk/company failure,Financial crime |
A routine activity perspective on
online victimisation
Results from the Canadian General Social
Survey
Bradford W. Reyns
Department of Criminal Justice, Weber State University, Ogden, Utah, USA
Abstract
Purpose – The purpose of this study is to test a comprehensive routine activity framework on three
types of online victimization. Prior research has utilized routine activity theory to explain varied online
forms of victimization, but most have focused on its person-based forms. The present study, therefore,
expands upon this research to examine the effects of online exposure, online target suitability and
online guardianship upon phishing, hacking and malware infection victimization.
Design/methodology/approach – Secondary data from the 23rd Cycle of the Canadian GSS were
used to address the study’s research questions using binary logistic regression analyses.
Findings – Particular online behaviors were consistently and positively related to all three types of
online victimization, including booking/making reservations, social networking and having one’s
information posted online. Other online routines exhibited unique effects on online victimization risk.
Originality/value – In support of the theory, the results suggest that online exposure and target
suitability increase risks for phishing, hacking and malware victimization. Online guardianship was
also positively related to victimization, a nding that runs counter to theoretical expectations.
Keywords Hacking, Victimization, Phishing, Malware, Routine activities
Paper type Research paper
Introduction
Cybercrime has emerged as a signicant area of focus for twenty-rst century
victimology. In a short period of time, a substantial body of research has accumulated
investigating the extent and nature of a variety of types of online victimization (Holt and
Bossler, 2014). A key issue in this literature has centered on how best to explain these
forms of online victimization. To that end, several studies have adapted existing
criminological and victimological theories that were developed to explain ofine
experiences to suit the online realm of cyberspace (Bossler and Holt, 2010;Reyns et al.,
2011,2014). Primarily, this research has utilized the routine activity perspective and
suggests that the theoretical framework is useful for understanding online
victimization. However, several questions remain unexplored regarding the relationship
between online victimization and individuals’ online routines.
First, certain types of online victimization have received more research attention than
others. Particular focus has been placed on person-based forms of cybercrime, such as
cyberbullying (Addington, 2013;Navarro and Jasinski, 2012) and online harassment
This analysis is based on the Statistics Canada General Social Survey, Cycle 23, Victimization,
2009. All computations, use and interpretation of these data are entirely those of the author.
The current issue and full text archive of this journal is available on Emerald Insight at:
www.emeraldinsight.com/1359-0790.htm
JFC
22,4
396
Journalof Financial Crime
Vol.22 No. 4, 2015
pp.396-411
©Emerald Group Publishing Limited
1359-0790
DOI 10.1108/JFC-06-2014-0030
(Holt and Bossler, 2009), with less research exploring its property-based varieties, such
as hacking and identity theft. Second, comprehensive evaluations of the theory are
virtually absent from the literature. With a few exceptions, most studies have not
operationalized all of the core concepts of the theory (i.e. exposure to motivated
offenders, target suitability and guardianship) to fully test its utility in accounting for
online victimization. It is therefore unclear the extent to which these concepts
simultaneously affect victimization risk. Third, previous research has overwhelmingly
been based on college student samples from the USA. To an extent, this has been the
logical approach given the heightened risk faced by this population, but with the
Internet usage and victimization spanning all age groups, it is important to also examine
the online routines of not only general populations but also general populations from
other countries.
The present study addresses these three gaps in the literature by operationalizing
and testing a comprehensive routine activity framework on neglected forms of online
victimization using a national sample from Canada. Specically, this study examines
the effects of online exposure, online target suitability and online guardianship on three
forms of online victimization: phishing, hacking and malware infection. In addition to
identifying predictors of victimization, focusing on these three related but distinct
victimization types will allow for a comparison of their respective opportunity
structures. Further, the present study is the rst to examine these relationships within a
Canadian sample. Data for this study were collected in 2009 as part of the Canadian
General Social Survey (GSS), making the present study one of the few cybercrime
victimization studies to utilize a nationally representative sample (Reyns, 2013;Van
Wilsem, 2013).
Previous online victimization research
Online victimization has been researched fairly extensively in the past several years,
with studies examining the extent and nature of its many varied forms (Holt and
Bossler, 2014). A number of cybercrime typologies have been developed during this
period, but none have been universally embraced by researchers working in the eld.
However, Wall’s (2001) early four-category typology is perhaps the most well-known,
dividing cybercrimes into the following categories: cyber-trespass (e.g. hacking), cyber
deception and theft (e.g. identity theft), cyber porn and obscenity (e.g. exploitation) and
cyber violence (e.g. cyberstalking). Published studies from criminology and victimology
span these categories and suggest that online forms of victimization are prevalent
(Rantala, 2008) and, in many cases, growing (Langton, 2011). The present study is
concerned with three related types of online victimization from Wall’s cyber deception
and theft and cyber trespass categories: phishing, hacking and malware victimization.
Each of these types of online victimization has been subject to prior empirical
examination, but more research is needed to fully explore these crimes from a
victimization perspective.
To begin with, phishing involves attempts to deceive targets into disclosing sensitive
information by posing as a legitimate entity (e.g. banks, Web sites). Criminological and
victimological research on phishing is scant, but the few studies that are available
indicate that it is a signicant problem. For example, results from the National
Computer Security Survey (NCSS), which was administered to 7,818 businesses in the
USA by the Bureau of Justice Statistics, revealed that 53 per cent of businesses
397
Routine
activity
perspective
To continue reading
Request your trial