Cybercrime Prevention, Reporting, & Recovery

This page is your go-to resource for tackling the multifaceted challenges of cybercrime. With the digital world becoming increasingly integrated to everyday lives and business operations, understanding how to prevent, recognize, report, and recover from cyber threats is critical. This comprehensive page is structured into four essential sections encompassing the continuum of cybercrime remediation. Each section includes a curated list of cybersecurity tools tailored for everyday users, individuals requiring enhanced security, and organizations.

Prevent Whether you are an everyday user or in charge of an organization's IT apparatus, implementing cybercrime prevention tools is a no-brainer. For Everyday Cybersecurity this includes using strong passwords, being careful about what information you share online, and being aware of common cybercrime scams. However sometimes a more structured approach, or Enhanced Protection, is needed for small businesses or individuals requiring heightened security. For large organizations Advanced Security is required, including sophisticated Intrusion Prevention Systems (IPS), security simulations, and strict access control.	Realize Cybercrimes can often go undetected but it is important to catch them before they cause further damage. Luckily, along with a number of resources for learning to spot cybercrimes, there are a multitude of automated software tools that intelligently detect anomalies. Cybercrime Types & Containment Methods
Report If you are the victim of a cybercrime, it is important to report it to the authorities. This will help them to investigate the crime and track down the perpetrators. Cybercrimes are dramatically underreported, people are sometimes embarrassed, or they don’t think anyone will do anything. The truth is that authorities are investing more money in cybersecurity every year. Cybercrime Reporting Resources	Recover Once you have reported a cybercrime, there are steps you can take to recover from it. A lot of the time these steps occur before the crime happens, like keeping a backup of your data or having a disaster recovery plan. Otherwise, it may include things like changing your passwords, monitoring your credit report, and filing insurance claims. Cybersecurity Tools Passwords Password Managers Two-Factor & Multi-Factor Authentication Backup & Restoration of Data Cloud storage Data recovery Offline storage Insurance & Recovering Your Losses no subcategories Sensitive Data Account Authentication Data Constituent Information Customer Information Data Sharing Donor Information Employee Information Encryption Keys Financial Data Intellectual Property Partner Information Secure File Storage Supplier Information Volunteer Information

Cybercrime Reporting Resources

Types of Cybercrimes and Containment Methods


Type of Cybercrime	Signals of Attack	Methods of Containment
Data breach - The unauthorized access and theft of sensitive data.	Unusual system activity, such as spikes in traffic or login attempts from unusual locations Missing files or data Unauthorized changes to system configurations or permissions	Isolate affected systems from the network Change all passwords and security credentials Notify affected individuals and credit bureaus Restore data from backups
Malware attack - The unauthorized installation of malicious software on a computer system.	Slow computer performance Unusual system activity, such as high CPU usage or network traffic Unexpected pop-up windows or messages New software or files that appear on the computer without the user's knowledge	Run a full system scan with antivirus and anti-malware software Remove any infected files Restore data from backups
Phishing attack - A fraudulent attempt to obtain sensitive information, such as passwords or credit card numbers, by disguising oneself as a trustworthy entity in an electronic communication.	Emails or text messages that appear to be from a legitimate source, such as a bank or credit card company, but contain suspicious links or attachments Emails or text messages that ask for personal or sensitive information, such as passwords or credit card numbers	Do not click on links or open attachments in emails or text messages from unknown senders Verify the legitimacy of any email or text message before providing any personal or sensitive information
Denial-of-service (DoS) attack - An attempt to make a computer system or network unavailable to its intended users by flooding it with traffic or exploiting vulnerabilities in software or hardware.	Slow website or application performance Unresponsive website or application Unexpected error messages	Contact your internet service provider (ISP) or web hosting provider Implement DDoS mitigation strategies, such as firewalls and load balancers
Man-in-the-middle (MitM) attack - An attack where the attacker secretly relays and possibly alters the communication between two parties who believe they are communicating directly to each other.	Unexpected redirects to unfamiliar websites Unexpected changes to website content Unexpected security warnings	Use a VPN when connecting to public Wi-Fi networks Keep your software and operating system up to date Use strong passwords and two-factor authentication
Social engineering attack - An attack that manipulates people into performing actions or divulging confidential information.	Phone calls, emails, or text messages that ask for personal or sensitive information Requests for help with technical problems Offers of free products or services	Be suspicious of any unsolicited contact Do not provide personal or sensitive information to anyone you do not know and trust Verify the legitimacy of any request before taking any action
Ransomware attack - A type of malware that encrypts the victim's data and demands a ransom payment in exchange for the decryption key)	Files that are encrypted and cannot be accessed A ransom message demanding payment in exchange for the decryption key	Isolate affected systems from the network Do not pay the ransom Restore data from backups
Cryptojacking - The unauthorized use of a computer's processing power to mine cryptocurrency.	Slow computer performance High CPU usage Unexpected network traffic	Install a cryptocurrency miner blocker Keep your software and operating system up to date Use strong passwords and two-factor authentication
Insider threat - A cyberattack carried out by an individual who has authorized access to an organization's computer systems or data.	Unusual system activity, such as spikes in traffic or login attempts from unusual locations Unauthorized changes to system configurations or permissions Missing files or data	Monitor system activity for suspicious behavior Implement security controls to prevent unauthorized access to systems and data Conduct regular security audits
Supply chain attack - A cyberattack that targets an organization's suppliers or third-party vendors.	Vulnerabilities in software or hardware used by suppliers or third-party vendors Unusual system activity, such as spikes in traffic or login attempts from unusual locations Unauthorized changes to system configurations or permissions	Update all software and hardware to the latest versions Implement security controls to prevent unauthorized access to systems and data Monitor supplier and vendor activity for suspicious behavior

Cybercrime Prevention, Reporting, & Recovery

Navigation menu

Page actions

Page actions

Personal tools

Navigation

Search

Tools