Monday, October 12, 2020

Cybercrime victim support: positive developments, growing resources (Cybersecurity Awareness Month, D12)

Thinking before you click any link in an email is good advice. But as the second full week of Cybersecurity Awareness Month 2020 gets under way, it is important to bear in mind this simple fact: all the cybersecurity awareness in the world cannot guarantee that you won't be victimized by people intent on abusing digital technology for their own ends. 

Of course, that's no excuse not to learn, and do, as much as you can about cybersecurity, but I'm sure all of us have been tempted to click dodgy email links at one time or another. And who hasn't received one of those dreaded notification emails that are sadly real: "we're sorry but your account information was exposed by a breach of our security." In other words, becoming a cybercrime victim is sometimes out of our hands. And that bring us to today's topic: what to do if you're a victim of cybercrime?

Fortunately, this question is a lot easier to answer today than it was even five years ago because numerous agencies and entities have stepped up to help cybercrime victims. A notable example in the US is the Cybercrime Support Network which runs the Fight Cybercrime website. Cybercrime Support Network (CSN) is "a public-private, nonprofit collaboration created to meet the challenges facing millions of individuals and businesses affected each and every day by cybercrime."

To help cybercrime victims the CSN website can direct you to suitable resources based on whether you are an individual or a business and what type of problem you are dealing with (the website is much easier to use than this image is to read—I made this mash-up to give you a sense of much help Fraud Support has to offer). 

There is a lot of helpful information for cybercrime victims on

CSN defines cybercrime and online fraud as "any illegal activity involving the internet, such as websites, chat rooms, email, and social media accounts." Examples include advance-fee schemes, non-delivery of goods or services, or fake employment/business opportunity scams. Basically, we're talking any crime that involves the use of the internet to communicate false or fraudulent representations to individuals and businesses. 

One of the things I really appreciate about the Fight Cybercrime site is how quickly you can find the right help when something has gone wrong. Suppose you're an individual who has experienced some form of internet-related fraud. Maybe you think someone is trying to scam you out of a deposit on an apartment. Chey and I ran into this scam a few moves ago and I'm going to blog about that experience later this week, but I wish Fight Cybercrime had been around back then. These days, but here's what you can do if this happens to you.

Go to the FightCybercrime home page and select "Get started". You will see a question—What Happened—and a series of answers, like I Lost Money and I Was Hacked. Alternatively you can choose from the Scams menu at the top of the page. If you chose Financial Purchase Scams you will be shown nine types of scams. In this example, Real Estate and Mortgage scams is closest to what you're dealing with. When you chose that option you get a page full of information about what you can do and who to contact. Furthermore you are given a systematic approach to dealing with the problem in three stages: Report, Recover, and Reinforce. Links and suggestions are provided for each stage.
FightCybercrime is the brainchild of Kristin Judge, a passionate advocate for cybercrime victims. And she's not stopping with online support. Her goal is to create a national cybercrime reporting infrastructure by 2021 so that anyone in the US will be able to dial “211” to report a cybercrime. Already the 211 number is ready to handle calls dealing with hacks and breaches in: Rhode Island; Kent county in Michigan; and Orange, Osceola, and Seminole counties in Florida. Check this site for more information

More cybercrime victim resources

ITRC: In the cybercrime surveys I have seen and done, identity theft always shows up as a serious problem, one that can be particularly upsetting to victims. Fortunately, there is an Identity Theft Resource Center, the ITRC, to which victims can turn: 

"The ITRC is a non-profit organization established to support victims of identity theft in resolving their cases, and to broaden public education and awareness in the understanding of identity theft, data breaches, cyber security, scams/fraud and privacy issues."

FTC: In my opinion, one of the most consumer-supportive agencies in the US government is the Federal Trade Commission. The FTC offers good advice and resources on identity theft

IC3: Another victim-friendly agency is the Internet Crime Complaint Center, often referred to as IC3. The IC3 website is the place to go to report a cybercrime of any kind. 

And this is a good place for me to add my own plug for the act of crime reporting. 

Even though reporting a crime can seem like a lot of effort, and the agency to which you report it may offer little hope of resolving things to your satisfaction, every report of a cybercrime adds weight to the argument that the government should devote more resources to cybercrime deterrence. 

I was several years into my study of cyber-criminology before I realized that a vicious cycle exists in which law enforcement folks who are eager to fight cybercrime can't get enough resources to pursue cyber-criminals because not enough cyber-criminal activity is reported, often because victims don't think law enforcement can do much about cybercrimes, which is too often true because they don't have enough resources, because not enough of the cyber-criminal activity that is happening is being reported...and so on.

So, please do report any cybercrime you encounter. Your crime report not only helps the effort to get more resources for, and more attention focused on, the struggle against cybercrime; your report might be the missing piece in a pattern that helps the authorities crack and a case and identify suspects. And of course it could the one case that convinces a decision-maker that "enough is enough" and it is time to fully fund cybercrime deterrence.

Thank you! 

Do Your Part. Report Cybercrime. #BeCyberSmart

No comments: