As noted in Chapter 1, research on cybercrime has increased dramatically over the last decade. The majority of criminological research in the 1990s was largely expository in nature, arguing about the nature of cybercrime, the applicability of theory, or oﬀender behavior as a whole (e.g. Goodman, 1997; Grabosky, 2001; Skinner & Fream, 1997; Wall, 1998). The transition to empirical research was not, however, immediately easy or achieved through large-scale survey data collection. Many researchers depended on either qualitative data with interviewees (e.g. Jordan & Taylor, 1998; Taylor, 1999), content analyses of media or court documents (Hollinger & Lanza-Kaduce, 1988; Smith, Grabosky, & Urbas, 2003), or online data from forums and various websites (e.g. Durkin & Bryant, 1999; Meyer, 1989; Quayle & Taylor, 2002). The initial quantitative studies utilized university student populations from single institutions (e.g. Hollinger, 1992; Skinner & Fream, 1997). This trend continues today, though sample populations are continually changing to include minors and adults, providing greater prospective insights (see Holt & Bossler, 2014). The lack of generalizable population studies and data generated from oﬃ-
cial statistics from law enforcement are commonly acknowledged problems among cybercrime scholars (e.g. Holt, 2010; Holt, Burruss, & Bossler, 2015; Wall, 2001). There are, however, few critical assessments of the reasons for the state of the ﬁeld, and the challenges evident in existing data sources. There are also few recommendations available as to how future research may beneﬁt from novel data collection processes with various online data sources. Thus, this chapter considers the limits of existing data sources that can be used to examine cybercrime, as well as assess the ﬁndings of those studies using
diﬀerent data sets. The chapter concludes with an exploration of the use of new data sources collected from the web and from computer security tools to assess unique oﬀenses.