a woman using her mobile phone

Reporting Cyber Crime

The first step toward bringing cybercriminals to justice is reporting cybercrime when it happens.


With just a click of a button on your web browser or an email to IT, you can help take a bite out of cybercrime!

It’s true, cybercrime can be difficult to investigate and prosecute because it often crosses legal jurisdictions, even international boundaries. Offenders often disband online criminal operations and launch new ones with new approaches at a rapid clip. This constant churn means authorities can be working one step behind the hackers.

Criminals don’t own the internet, though – responsible digital citizens like you do. Authorities have seriously upped their game since the first viruses, malware, and phishing attacks. Federal, state, and local law enforcement are hyperfocused today on becoming ever more sophisticated about cybercrime. Billions of dollars in resources are devoted to preventing, stopping, and investigating cyber threats. Legislation continues to be passed that further empowers federal, state, and local authorities to bring cybercriminals to justice and show the world that crime doesn’t pay, even on the internet.

But at the end of the day, stopping cybercriminals begins with you. If you are a target of cybercrime, it cannot be rectified unless the authorities are aware of it. This is also true if you were just a potential target of a nefarious attack, like you identified a phishing email or text before clicking any links. Depending on the nature of the attack, reporting a cybercrime can be as simple as selecting a button on your email program.

Remember, you aren’t alone online! You have the power to stop cybercriminals!


Who to contact    -   Local Law Enforcement

Even if you have been the target of a multinational cybercrime, your local law enforcement agency (such as your local police department or sheriff’s office) has an obligation to assist you by taking a formal report. They are also required to make referrals to other agencies, when appropriate. Report your situation as soon as you find out about it. Nowadays, many local agencies have detectives or departments that focus specifically on cybercrime.


Your workplace’s IT department

If the cybercrime happened in a work context, like if you received a suspected phishing email in your work email inbox, you should contact a supervisor or your company’s IT department. It is very important that you report the situation promptly – cybercriminals might be targeting your company at large so early detection can be critical in stopping this.


Your email provider

Deleting spam, malicious messages or any other suspicious emails keeps you safe, but you can bolster your cybersecurity by reporting any serious cybercrime attempt to your email client. Many of the major email services (like Gmail and Outlook) make this very easy to do. You can also block senders, so you can ensure a bad actor email account never contacts you again, but bear in mind, the bad guys change email addresses, and spoof legit ones, faster than a game of Whack-a-Mole.


The Internet Crime Complaint Center (IC3)

You can get the federal government’s help with your issue by contacting IC3. IC3 is a partnership between the Federal Bureau of Investigation (yes, that FBI) and the National White Collar Crime Center (funded, in part, by the Department of Justice’s Bureau of Justice Assistance). IC3 will thoroughly review and evaluate your complaint and refer it to the appropriate federal, state, local or international law enforcement or regulatory agency that has jurisdiction over the matter. File your complaint with the IC3 here.


Federal Trade Commission (FTC)

While the FTC does not resolve individual consumer complaints, it does run the Consumer Sentinel, a secure online database used by civil and criminal law enforcement authorities worldwide to detect patterns of wrong-doing. Nailing down patterns leads to investigations and prosecutions. You can file your complaint to the FTC here.

If you are the victim of identity theft, you can receive additional help through the FTC hotline at 1-877-IDTHEFT (1-877-438-4338). Find more resources aimed at individuals, businesses and law enforcement at identitytheft.gov.


Local victim services provider

Because cybercrime has impacted so many people across the country, many communities in the United States actually have victim advocate initiatives to help you. These advocates can help you with resources, emotional support and advocacy. Find local victims service providers here.


COLLECT AND KEEP EVIDENCE

Dust off your detective hat. You might not be asked to provide evidence when you initially report cybercrime, but it is imperative that you keep any evidence related to the complaint. That phishing email, suspicious text or ransomware isn’t just bits and bytes – it’s evidence. This material can help law enforcement stop and prosecute hackers.

Keep items in a safe location in the event you are requested to provide them for investigative or prosecutive evidence. All of the following documentation might be considered evidence, but you should keep anything you think could be related to the incident:

  • Canceled checks
  • Certified or other mail receipts
  • Chatroom or newsgroup text
  • Credit card receipts
  • Envelopes (if you received items via FedEx, UPS or U.S. Mail)
  • Facsimiles Log files, if available, with date, time and time zone
  • Social media messages
  • Money order receipts
  • Pamphlets or brochures
  • Phone bills
  • Copies of emails, preferably electronic copies. If you print the email, include full email header information
  • Copies of web pages, preferably electronic
  • Wire receipts

ADDITIONAL RESOURCES     


Report Social Security Fraud

If you believe someone is using your social security number for employment purposes or to fraudulently receive Social Security benefits, contact the Social Security Administration’s fraud hotline at 1-800-269-0271. Request a copy of your social security statement to verify its accuracy.

Report tax fraud


Additional places to report cybercrime