“Identity thieves can use a variety of platforms to commit their crimes, including many online platforms. This crime creates not only short-term effects for victims during the time they are remediating their cases – it creates long-term effects as well,” said ITRC President/CEO Eva Velasquez. “When we look at the sheer volume of identity theft it is easy to get lost in the number; we must not forget that behind each percentage and incident we count, there is a person whose life is being affected. This in turn affects families, communities, regions and our country as a whole.”
In recent months, ransomware attacks – the “digital kidnapping” of valuable data in which malware accesses victims’ files, locks and encrypts them, and then forces victims to pay ransom to get the files back – have grown more sophisticated and prevalent. The FBI has warned that these attacks are on the rise4, and according to Kaspersky Lab, the number of individuals attacked by crypto-ransomware increased 5.5 times from 2014/2015 (131,000) to 2015/2016 (718,000).5 These threats can be especially damaging to businesses, which may store critical organizational data, intellectual property and consumer information. “Having a backup that can restore the impacted system is a key defense that can help organizations restore normal operations quickly after being impacted by ransomware,” said Kaiser.
NCSA’s STOP. THINK. CONNECT.™ campaign recommends that both consumer and business audiences take the following steps to prevent and recover from cybercrime such as scams, identity theft and ransomware attacks:
- Lock down your login: Fortify your online accounts by enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device. Your usernames and passwords are not enough to protect key accounts like email, banking and social media.
- Keep all machines clean: Having the latest security software, web browser and operating system is the best defense against viruses, malware and other threats. If you have experienced cybercrime, immediately update all software on every internet-connected device. All critical software, including PCs and mobile operating systems, security software and other frequently used programs and apps, should be running the most current versions. Use security software to scan any USBs or external devices.
- Back it up: Make sure you have a recent and securely stored backup of all critical data.
- Make better passwords: A strong password is a sentence that is at least 12 characters long. Focus on positive sentences or phrases that you like to think about and are easy to remember.
- When in doubt, throw it out: Links in email, tweets, posts and online advertising are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete it.
- Help the authorities fight cybercrime: Report stolen finances or identities and other cybercrime to the FBI Internet Crime Complaint Center (IC3), the ITRC, the Federal Trade Commission (FTC) and/or your local law enforcement or state attorney general as appropriate.
There are phishers and criminals everywhere
While many cybercrime discussions focus on identity theft and scams, cybercrime can also include online domestic violence, stalking and harassment. The National Center for Victims of Crime and the U.S. Department of Justice’s Office for Victims of Crime have resources for victims of domestic violence, stalking, sexual assault, financial crimes and other offenses. Additionally, see NCSA’s pages on cyberbullying and harassment and identity theft and fraud for more resources and information.