With barely a day going by without another large company or website reporting a data breach, it’s easy to fall into the mistake of thinking that it’s all-too-easy for online criminals to “get away with it”.
The widespread use of vulnerable software, unpatched poorly-defended systems, and the growing adoption of so-called “smart” devices has created a wider attack surface for those bent on intruding on company networks, planting malware, and stealing information.
And although cybercrime is undoubtedly becoming more commonplace, it would be a mistake to think that law enforcement agencies aren’t working hard to uncover those responsible and bring them to justice.
In the UK, for instance, the National Crime Agency (and Regional Organised Crime Units) have shown great effort in crippling notorious cybercrime rings, botnets and a range of emerging threats. Yet three years after its official inception, an annual agency report reveals that cybercrime has surpassed traditional criminal activity.
What is clear is that the efforts of the police are hampered if victims are not prepared to come forward to report that they have been victims of online crime. Gathering evidence and putting a case together against an online criminal is so much harder, if you don’t have access to any victims.
So, if you believed that your company had been hacked or had suffered an internet attack – would you know who to contact?
How to report cybercrime and online fraud in the United States:
Those wanting to report a suspected hack in the United States can find helpful information on the FBI’s cybercrime portal, and the US Department of Justice has produced a helpful chart describing who to contact to report computer crime:
|Type of Crime||Appropriate federal investigative law enforcement agencies|
|Computer intrusion (i.e. hacking)|
|Counterfeiting of currency|
|Child Pornography or Exploitation|
|Child Exploitation and Internet Fraud matters that have a mail nexus|
|Internet fraud and SPAM|
|Internet bomb threats|
|Trafficking in explosive or incendiary devices or firearms over the Internet|
In addition, the FBI provides a guide for state, local, tribal, and territorial (SLTT) law enforcement on how to refer cybercrime reports to federal government.
If you think you’ve been affected by an internet fraud incident, you can also file a report with the Internet Crime Complaint Centre (IC3).
How to report cybercrime and online fraud in the UK:
Action Fraud works alongside British law enforcement agencies as the “reporting centre” for fraud and cybercrime.
Clicking Report Fraud will ask a couple of questions and take you to the reporting system for active cybercrime incidents. On the other hand, if you received something suspicious but didn’t respond, choose the attempted report option instead.
If English isn’t your native language, Action Fraud provide a helpful language centre for making incident reports. The Action Fraud team provide a wealth of other helpful information, including a guide to scam emails and the extensive A-Z of Fraud.
To update a previously submitted report, you will need your Crime Reference Number (CRN) to hand. Visit the Update portal and submit the appropriate information directly.
Reporting cybercrime and online fraud in Europe:
Europol’s European Cybercrime Centre (EC3) works to “combat cybercrime in a digital age” by uniting the intelligence services of EU member states. The Report Cybercrime page on the Europol site provides a direct link to the dedicated reporting system for each country.
Along with an abundance of interesting reports and data, the EC3 sub-site also provides a range of useful links for Advisory Group members and content reporting services.
Reporting cybercrime elsewhere:
The Australian Commonwealth, State and Territory Governments developed the real-time ACORN (Australian Cybercrime Online Reporting Network) platform for reporting cybercrime incidents. ACORN also provides a range of educational materials and practical resources for staying safe online.
Visitors from other countries (such as Japan) should get in touch with the local law enforcement authority for the most relevant information.
Remember – some territories may not separate cybercrime prevention from other policing duties, so reach out to a non-emergency line if you’re unsure.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.