Results show that 18 percent of businesses have been victimized, and two-thirds reported that the crime was detected within the past 12 months. The majority of these victims had detected no more than two such crimes in the past 5 years. Compared to others, businesses were twice as likely to be victimized if they had over 1,000 employees; if they used computers widely; or if their computers could be remotely accessed. Further, a third of respondents believed computer crime might be occurring undetected in their business; half at least suspected they could be suffering from computer crime. Among detected crimes, 39 percent resulted from employee tips, 32 percent through audits, 26 percent through investigation of suspected losses, 23 percent by chance, and 33 percent through tips from informants or customers. About 50 percent indicated losses were less than $10,000, while 20 percent valued losses at over $99,000. Banks, schools, contractors, retailers, insurers, and manufacturers were among victims of computer crime. The majority of security measures used were mandatory or automatic (e.g., controlled access, fire detectors or alarms). Finally, information and computer security accounted for only a small percentage of annual security budgets, although 44 percent of companies planned to increase their expenditures in this area. 5 graphs.