Report Cyber Crime: Your First Step Towards Justice
If you’re employed at an organization, it’s crucial to notify your internal IT Department or your Managed Service Provider about any cyber incidents. For those who prefer handling matters independently, the following tips will serve as a helpful guide. Please read the legal disclaimer at the bottom of this page.
Who to Contact
1. Local Law Enforcement
For both business owners and individuals, reporting cyber crime to local law enforcement is a critical first step. These authorities play a crucial role in initiating investigations within their jurisdiction and can act as a bridge to larger, national investigations if necessary. When you report a cyber crime, you not only aid in the potential capture and prosecution of the criminals but also help in raising awareness about the types of cyber threats prevalent in your area. This cooperation can lead to a safer business environment and community, as law enforcement uses this information to better understand and combat cyber threats.
2. Your Workplace’s IT Department
If you’re part of an organization and encounter a cyber threat, it’s essential to report this immediately to your IT department. Cyber criminals often target specific industries or companies, and your report could be the first alert to a wider-scale attack on your company’s network. The IT department can take immediate action to protect sensitive data and mitigate the risk of further damage, which is crucial for maintaining the security of company assets and customer trust.
3. Your Email Provider
Phishing or suspicious emails should be reported directly to your email service provider. Major providers like Gmail and Outlook have mechanisms in place to report such emails, which helps them enhance their spam filters and security measures. By reporting phishing attempts, you contribute to a safer email environment not just for yourself but for all users. It’s a proactive step in disrupting the operations of cyber criminals who rely on email as a primary vector for attacks.
4. The Internet Crime Complaint Center (IC3)
The IC3 serves as a central hub for the reporting of cyber crime affecting both individuals and businesses in the U.S. When you file a complaint with the IC3, you’re providing valuable information that assists in the understanding and tracking of online criminal activity. The center reviews complaints, supports investigations across jurisdictions, and refers cases to the appropriate law enforcement agencies. Reporting to the IC3 can help link your case to broader criminal activities, potentially aiding in larger investigations.
5. Federal Trade Commission (FTC)
The FTC does not address individual complaints directly but plays a vital role in collecting data on cyber fraud and identity theft to identify patterns of criminal activity. Reporting to the FTC helps in building cases against widespread scams and can lead to significant legal actions against cyber criminals. For businesses, engaging with the FTC demonstrates a commitment to fighting cyber crime and protecting consumers.
6. Local Victim Services Provider
After experiencing cyber crime, individuals and business owners might feel overwhelmed or uncertain about the next steps. Local victim services providers offer crucial support, including counseling, legal advice, and assistance in understanding your rights and the resources available to you. They provide a personalized support network to help you navigate the aftermath of cyber crime, ensuring you’re not alone in your recovery journey. Engaging with these services can facilitate a more resilient approach to handling the impacts of cyber crime on both a personal and professional level.
How to Collect and Preserve Evidence
Collecting and preserving evidence is a critical step in the process of reporting cyber crime. Proper handling of evidence not only aids in the investigation but can also significantly impact the outcome of legal proceedings. Here’s an enhanced guide on how to collect and preserve evidence in the event of a cyber crime.
What Constitutes Evidence?
1. Digital Communications: Emails, text messages, and social media messages that are related to the cyber crime. These can include phishing attempts, threatening messages, or any communication with the perpetrator.
2. Financial Transactions: Records of any unauthorized transactions, including bank statements, online transaction histories, and receipts.
3. Digital Files: Any files that were affected by the cyber crime, such as those infected by malware or ransomware. This includes the malicious files themselves, if safely isolable.
4. Logs and Metadata: System logs, browser histories, and email headers that can provide details about the origins of the cyber attack. This information can include IP addresses, timestamps, and routing information.
5. Physical Evidence: In some cases, physical items like printed emails, letters, or devices used by the perpetrators can be part of the evidence.
How to Safely Store Evidence
1. Secure Digital Copies: Make digital copies of all electronic evidence and store them in a secure location, such as an encrypted external hard drive or a cloud storage service with strong security measures.
2. Preserve Original State: Avoid altering or editing the original documents or files. If you need to review or share the evidence, use the copies you’ve made.
3. Maintain a Chain of Custody: Keep a detailed record of everyone who has access to the evidence, including dates and reasons for access. This is crucial for the integrity of the evidence in legal processes.
4. Use Secure Communication: When sharing evidence with authorities or legal advisors, use secure methods of communication to protect the confidentiality and integrity of the evidence.
5. Seek Professional Advice: If unsure about how to handle certain types of evidence, consult with cyber security professionals or legal advisors to ensure that the evidence is preserved correctly.
Following these guidelines will help ensure that the evidence you collect is admissible in court and can be effectively used to support the investigation and prosecution of cyber criminals.
Additional Resources
- identitytheft.gov
- FBI Cyber Crime Investigation
- Cybersecurity & Infrastructure Security Agency
Legal Disclaimer: The content provided on this page is intended for informational purposes only and does not constitute legal advice, nor is it meant to be a comprehensive guide on how to respond to cyber crimes. This is a free resource designed to assist individuals and businesses in understanding the steps that can be taken to report cyber incidents. Users should treat it as a general guide and are encouraged to seek professional legal counsel for specific cases or concerns. The creators of this page assume no responsibility for the actions taken by users based on the information provided herein.
Author: Mike Braico CEO and Cybersecurity Expert
Mike Braico is a CEO and Cybersecurity expert with over 30 years of Information Technology experience. His career spans public and private sector companies including Novell, AOL, Netscape, Sun Microsystems (later acquired by Oracle), and Integrated Media Technologies (IMT). Mike has been leading InData Consulting for over 10 years.
An entrepreneur with a keen vision, Mike has co-founded three successful startups, showcasing his exceptional ability to navigate the rapidly evolving technology landscape. Beyond his entrepreneurial ventures, Mike is deeply involved in private equity, advising clients and investors on leveraging technology to sculpt competitive business strategies and drive significant value creation.
With a diverse technology and customer advisory portfolio, Mike has delivered strategic insights across various industries including artificial intelligence (AI), blockchain, financial services, manufacturing, construction, film and television production, healthcare, social media, and private equity. His profound understanding of technology and its application across various sectors have made him an invaluable organizational resource to business owners and entrepreneurs.
Mike is available for speaking engagements, podcasts, and strategy consulting. Contact Mike