Cybercrime is almost always caused by a virus or malware. When dealing with cybercrime, an ounce of prevention is truly worth a pound of cure. Cybercrime in all its many forms (e.g., online identity theft, financial fraud, stalking, bullying, hacking, e-mail spoofing, information piracy and forgery, intellectual property crime, and more) can, at best, wreak havoc in victims’ lives through major inconvenience and annoyance. At worst, cybercrime can lead to financial ruin and potentially threaten a victim’s reputation and personal safety. It is always wise to do as much as possible to prevent cybercrime.
One of the best ways to prevent cybercrime is to use a powerful security software ( i.e. TrendMicro ) and to also have your computer reviewed by a certified computer technichian at least once every 12 to 18 months.
But, despite our best efforts, our increasingly digital lives may put us in harm’s way. The fact remains that the bad guys continue to find new uses for ever-expanding—but easily accessible—online technologies to steal, harass, and commit all sorts of crime. If cybercrime happens to you, you need to know what to do and to respond quickly.
Should I Report Cybercrime?
Cybercrime can be particularly difficult to investigate and prosecute because it often crosses legal jurisdictions and even international boundaries. And, many offenders disband one online criminal operation—only to start up a new activity with a new approach—before an incident even comes to the attention of the authorities.
The good news is that federal, state, and local law enforcement authorities are becoming more sophisticated about and devoting more resources to responding to cybercrime. Furthermore, over the past several years, many new anti-cybercrime statutes have been passed empowering federal, state, and local authorities to investigate and prosecute these crimes. But, law enforcement needs your help to stop the nefarious behavior of cyber criminals and bring them to justice.
Who to contact:
- Local law enforcement
Even if you have been the target of a multijurisdictional cybercrime, your local law enforcement agency (either police department or sheriff’s office) has an obligation to assist you, take a formal report, and make referrals to other agencies, when appropriate. Report your situation as soon as you find out about it. Some local agencies have detectives or departments that focus specifically on cybercrime.
The Internet Crime Complaint Center (IC3) will thoroughly review and evaluate your complaint and refer it to the appropriate federal, state, local, or international law enforcement or regulatory agency that has jurisdiction over the matter. IC3 is a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center (funded, in part, by the Department of Justice’s Bureau of Justice Assistance). Complaints may be filed online at http://www.ic3.gov/default.aspx
- Federal Trade Commission
The FTC does not resolve individual consumer complaints, but does operate the Consumer Sentinel, a secure online database that is used by civil and criminal law enforcement authorities worldwide to detect patterns of wrong-doing, leading to investigations and prosecutions. File your complaint at: https://www.ftccomplaintassistant.gov/FTC_Wizard.aspx?Lang=en
Victims of identity crime may receive additional help through the FTC hotline at 1-877-IDTHEFT (1-877-438-4388); the FTC website at www.ftc.gov/IDTheft provides resources for victims, businesses, and law enforcement.
Collect and Keep Evidence
Even though you may not be asked to provide evidence when you first report the cybercrime, it is very important to keep any evidence you may have related to your complaint. Keep items in a safe location in the event you are requested to provide them for investigative or prospective evidence. Evidence may include, but is not limited to, the following:
- Canceled checks
- Certified or other mail receipts
- Chat room or newsgroup text
- Credit card receipts
- Envelopes (if you received items via FedEx, UPS, or U.S. Mail)
- Log files, if available, with the folling: date, time and time zone
- Messages from Facebook, Twitter or other social networking sites
- Money order receipts
- Pamphlets or brochures
- Phone bills
- Printed or preferably electronic copies of emails (if printed, include full email header information)
- Printed or preferably electronic copies of web pages
- Wire receipts
Additional Tips for Specific Types of Cybercrime
Once you discover that you have become a victim of cybercrime, your response will depend, to some degree, on the type and particular circumstances of the crime. Here are useful tips to follow for some specific types of cybercrimes:
In cases of identity theft:
- Make sure you change your passwords for all online accounts. When changing your password, make it long, strong and unique, with a mix of upper and lowercase letters, numbers and symbols. You also may need to contact your bank and other financial institutions to freeze your accounts so that the offender is not able to access your financial resources.
- Close any unauthorized or compromised credit or charge accounts. Cancel each credit and charge card. Get new cards with new account numbers. Inform the companies that someone may be using your identity, and find out if there have been any unauthorized transactions. Close accounts so that future charges are denied. You may also want to write a letter to the company so there is a record of the problem.
- Think about what other personal information may be at risk. You may need to contact other agencies depending on the type of theft. For example, if a thief has access to your Social Security number, you should contact the Social Security Administration. You should also contact your state Department of Motor Vehicles if your driver’s license or car registration is stolen.
- File a report with your local law enforcement agency. Even if your local police department or sheriff’s office doesn’t have jurisdiction over the crime (a common occurrence for online crime which may originate in another jurisdiction or even another country), you will need to provide a copy of the law enforcement report to your banks, creditors, other businesses, credit bureaus, and debt collectors.
- If your personal information has been stolen through a corporate data breach (when a cyber thief hacks into a large database of accounts to steal information, such as Social Security numbers, home addresses, and personal email addresses), you will likely be contacted by the business or agency whose data was compromised with additional instructions, as appropriate. You may also contact the organization’s IT security officer for more information.
- If stolen money or identity is involved, contact one of the three credit bureaus to report the crime (Equifax at 1-800-525-6285, Experian at 1-888-397-3742, or TransUnion at 1-800-680-7289). Request that the credit bureau place a fraud alert on your credit report to prevent any further fraudulent activity (such as opening an account with your identification) from occurring. As soon as one of the bureaus issues a fraud alert, the other two bureaus are automatically notified.
For additional resources, visit the Federal Trade Commission athttp://www.ftc.gov/bcp/edu/microsites/idtheft/tools.html
In cases of Social Security fraud:
- If you believe someone is using your social security number for employment purposes or to fraudulently receive Social Security benefits, contact the Social Security Administration’s fraud hotline at 1-800-269-0271. Request a copy of your social security statement to verify its accuracy.
For additional resources, visit the Social Security Administration at http://oig.ssa.gov/report-fraud-waste-or-abuse
In cases of online stalking:
- In cases where the offender is known, send the stalker a clear written warning saying the contact is unwanted and asking that the perpetrator cease sending communications of any kind. Do this only once and do not communicate with the stalker again (Ongoing contact usually only encourages the stalker to continue the behavior).
- Save copies of all communication from the stalker (e.g., emails, threatening messages, messages via social media) and document each contact, including dates, times and additional circumstances, when appropriate.
- File a complaint with the stalker’s Internet Service Provider (ISP) and yours. Many ISPs offer tools that filter or block communications from specific individuals.
- Own your online presence. Set security and privacy settings on social networks and other services to your comfort level of sharing.
- Consider changing your email address and ISP; use encryption software or privacy protection programs on your computer and mobile devices. (You should consult with law enforcement before changing your email account. It can be beneficial to the investigation to continue using the email accounts so law enforcement can also monitor communication.)
- File a report with local law enforcement or contact your local prosecutor’s office to see what charges, if any, can be pursued. Stalking is illegal in all 50 states and the District of Columbia.
For additional resources, visit the Stalking Resource Center at www.ncvc.org/src
In cases of cyberbullying:
- Tell a trusted adult, or local law officer about what’s going on.
- Save any of the related emails, texts, or messages as evidence.
- Keep a record of incidents.
- Report the incident to the website’s administrator; many websites including Facebook and YouTube encourage users to report incidents of cyberbullying.
- Block the person on social networks and in email.
- Avoid escalating the situation: Responding with hostility is likely to provoke a bully. Depending on the circumstances, consider ignoring the issue. Often, bullies thrive on the reaction of their victims. If you or your child receives unwanted email messages, consider changing your email address. The problem may stop. If you continue to get messages at the new account, you may have a strong case for legal action.
- If the communications become more frequent, the threats more severe, the methods more dangerous and if third-parties (such as hate groups and sexually deviant groups) become involved—the more likely law enforcement needs to be contacted and a legal process initiated.
How Did This Happen To Me? Beware of Viruses and Malware.
Many cybercrimes start with malware—short for “malicious software.” Malware includes viruses and spyware that get installed on your computer, phone, or mobile device without your consent—you may have downloaded the malware without even realizing it! These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information and commit fraud. If you think your computer has malware, contact your local computer repair center as soon as possible, you can also file a complaint with the Federal Trade Commission at www.ftc.gov/complaint
Avoid malware with the following tips:
- Keep a clean machine by making sure your security software; operating system and web browser are up to date.
- When in doubt throw it out. Don’t click on any links or open attachments unless you trust the source.
- Make your passwords long and strong and unique. Combine capital and lowercase letters with numbers and symbols to create a more secure password. Use a different password for each account.
- Set your browser security high enough to detect unauthorized downloads.
- Use a pop-up blocker (the links in pop-up ads are notorious sources of malware).
- Back up your data regularly (just in case your computer crashes).
- Protect all devices that connect to the Internet. Along with computers, smart phones, gaming systems, and other web-enabled devices also need protection from malware.
- Make sure all members of your family follow these safety tips (one infected computer on a home network can infect other computers).
Other Places to Find Resources or File a Complaint:
- Anti-Phishing Working Group ([email protected])
- Better Business Bureau (investigates disagreements between businesses and customers; https://www.bbb.org/consumer-complaints/file-a-complaint/get-started)
- CyberTipLine, operated by the National Center for Missing & Exploited Children (investigates cases of online sexual exploitation of children; 1-800-843-5678 or www.cybertipline.com)
- Electronic Crimes Task Forces and Working Groups (http://www.secretservice.gov/ectf.shtml)
- The Secret Service (investigates fraudulent use of currency; http://www.secretservice.gov/field_offices.shtml)
- StopFraud.Gov Victims of Fraud Resources (http://www.stopfraud.gov/victims.html)
- U.S. Computer Emergency Readiness Team (www.us-cert.gov)
- U.S. Department of Justice (www.justice.gov/criminal/cybercrime)
- U.S. Postal Inspection Service (investigates fraudulent on-line auctions and other cases involving the mail; https://postalinspectors.uspis.gov/contactus/filecomplaint.aspx)
- Your State Attorney General (the National Association of Attorneys General keeps a current contact list at http://www.naag.org/current-attorneys-general.php)