Cybercrime prevention tips and tools

How can I prevent becoming a victim of cybercrime? If you utilize technology, computers, or smartphones, you will likely become a target of this growing problem. Here are some positive steps to decrease your risk of this ever-increasing problem. 

Facts about Cybercrimes:

• In 2018, almost 700 million people were victims of cybercrime.
• Cybercriminals generate revenues of $1.5 TRILLION annually.
• Cybercrime will cost $6 trillion annually by 2021.
• Businesses face attacks as many as 16,856 times per year.
• At least 1.7 times per week, cybercrimes work and damage targets.
• 46 attacks are suffered per day, or two every hour.
• It takes 196 days, on average, for a company to even realize it’s been hacked. 

What types of Cybercrimes exist today?

Although many cybercrimes are occurring throughout the world today, here are some of the most commonly seen:

• Viruses: software that is specifically designed to gather information from files on your computer or to cause disruption to your computer
• Phishing scams: emails that look professional but are socially engineered to get you to interact with fraudulent websites
• Skimmers: these devices are used to steal your credit or debit card information so that the criminals get access to your bank or credit card accounts
• Social Media Hacking: criminals will attempt to utilize information placed on your social media pages to gain insight into your life and either use this information to extort or cause emotional damage to you or gather further information for financial gain
• Online Shopping scams: criminals will sell you something you saw on an online auction and never send you the item after you have paid for it
• Ransomware attacks: criminals will encrypt your files and require you to pay a price for the decryption key
• Smartphone/PDA threats: although you may feel more comfortable using your devices, these too can become infected and carry information that criminals can use for financial gain 

Tips to Consumers:

Viruses can be defended against. There are several virus protection software available on the market today. Installing one of these software packages and keeping them up to date can protect you from downloading a virus.

Phishing attempts can be defended against. Companies will not send you that your password needs to be reset unless you specifically initiate contact with the company. Several of these emails may also contain spelling errors, tell you that you inherited millions of dollars from some unknown relative or person, or purport to be from the Federal Government. Do not respond to these types of emails; if unsure, call the company from a trusted source phone number, i.e., the back of your credit card, a bank statement, etc.

Skimmers can have a financial effect on your credit card or bank accounts. These devices are placed in gas station pumps and bank ATMs or can easily be carried by criminals. Utilize reputable places to do business with when using a credit/debit card. Check your credit card/bank statements monthly, and get your free credit report yearly to ensure no new accounts were opened without your knowledge.

Social Media pages provide criminals with a wealth of knowledge about you. Criminals will use this information for various reasons. It is best not to have a Social Media page, but be careful when posting travel plans and your birthday information, and do not friend anyone you do not know. Make your Social Media page private so it can only be viewed by your friends and not the world.

Online Shopping scams have been occurring for years. When using an online shopping site, ensure that it is a reputable company and use a secure payment method, i.e., PayPal, Google Wallet, etc. Never pay for anything in digital currency like Bitcoin or Blue Chip cards.

Ransomware attacks are becoming more prevalent, not only in the business sector but also on private computers. Be careful of the websites you visit, and even more careful of links on websites you are unfamiliar with. A good anti-virus software can alert you to possible threats.

Smartphone/PDA threats are also on the rise. People are using smartphones for an increasing number of activities and often store sensitive data, such as email, calendars, contact information, and passwords, on the devices. Many users fail to enable the security software that comes with their phones, and they believe that surfing the internet on their phones is as safe as or safer than surfing on their computers. Limit the personal information on your smartphone, activate or use an anti-virus program, and avoid public Wi-Fi use when possible.

Tips to Businesses: 

The business community must act now to implement and follow better information-handling processes. The following areas need to be considered when measuring your information handling security.

• Information acquisition - Do you need the information? Are you acquiring it in a safely?
• Storage - What computer security measures have you placed around personal data storage systems? It should considered highly classified and not common access.
• Access - Who has access? Is it on a need-to-know basis and is access audited? Is there password control over systems? Is a cafeteria worker asking a child for their SSN prior to receiving lunch? Did you do a background check on those who have access to the personal information of employees and customers? Do temps have access to secure info?
• Passwords - Is there a minimum number of characters required? Must a mix of special characters, uppercase and lower case letters exist? Do you force employees to change their passwords regularly? Do you use two-factor authentication methods to access the network?
• Antivirus software – Does your company utilize an antivirus software on all its devices? Do you keep the definitions updated daily? Do you employ an internet safety software to warn employees of fraudulent websites or limit internet surfing?
• Updates – Do you have an Update process that regularly downloads and distributes patches to your software packages?
• Backups – Do you have a System Backup plan in place? Do you have an Emergency Operation Plan in place to restore your business?

What should I do if I become a victim of Cybercrime?

The first thing you should do if you suspect you have become a victim is not touch the device you believe was the source of the intrusion. Do not turn it off/on; leave it as is. If this is a financial incident, obtain copies of your credit report from all three agencies and ask that a fraud alert be placed on file with each of them or your bank statements that show when the funds were stolen. Next, you should contact the Westport Police Department at 203-341-6000 and report what has occurred. A police officer will either respond to your home or business, or you may come to the police department directly. We also ask that you go to the Federal Bureau of Investigation - Internet Crime Complaint Center (IC3) to report the issue to the Federal Government for isolated incidents. Businesses should allow trained members of the Police Department to determine what resources will be necessary to investigate the intrusion.

Resources:

The Federal Government has several resources available to the public regarding cybercrimes. We've made some of them available here:

• Federal Bureau of Investigation - Internet Crime Complaint Center (IC3)
• Cyber Incident Reporting
• Cyber Threats to Mobile Phones
• Cybersecurity and Infrastructure Security Agency (CISA)