We have often issued alerts about pieces of malware being spread via email and many times readers have asked us where and how they can report such cybercriminal operations. The folks from Sophos have made an interesting advisory for those interested in filing official complaints.
A typical scenario starts with an innocent-looking email that’s designed to trick users into opening an attachment.
The bait can be anything, including an allegedly outrageous video, ticket reservations, or package delivery notifications.
The attached file is not what it looks like. Instead, it’s a piece of malware, often one that’s detected by commercial antivirus solutions only a few days after the malicious campaign begins.
The cybercriminals’ motives for sending such emails can vary. They might be trying to steal information or utilize the compromised computers for other purposes, such as launching distributed denial-of-service (DDOS) attacks.
Another noteworthy aspect is that in most cases, the cybercriminals who launch such attacks don’t have a particular victim in mind. Instead, they hope to trick as many users as possible.
Legally speaking, the cybercriminal performs an unauthorized act in relation to a computer. He knows that his activity is unauthorized.
Furthermore, he intends to impair the operation on the victim’s computer by defeating security mechanisms in order to install a backdoor.
In this case, in the UK, his crimes would fall under the Computer Misuse Act 1990, the Communications Act 2003, or the Fraud Act 2006.
In the United States, the offence is covered by Title 18 of the United States Code (USC) Section 1030.
In Canada, such crimes are contained in sections of the Criminal Code of Canada under “unauthorized use of a computer,” “possession of device to obtain computer service,” “mischief in relation to data,” and “identity theft and identity fraud.”
In Australia, the pieces of legislation that cover cybercrime are the Summary Offences Act, 1953 (SOA) and the Criminal Law Consolidation Act, 1935 (CLCA).
Before cleaning up his computer by using an antivirus application (which is usually able to detect any new threats after a few hours/days) and before he files a report with law enforcement, the victim must preserve the evidence.
This means that the original email must be preserved, along with the antivirus log or alert that was generated as a result of the infection.
So, now that we know what laws have been violated, let’s see where the complaints can be filed.
Those who live in the United Kingdom can file a report with their local police. They’ll forward the investigation to the Police Central e-crime Unit – PceU which handles such investigations.
Alternatively, such malware attacks can be reported to Action Fraud, the UK’s national fraud and Internet crime reporting center.
US citizens can file complaints at their local FBI office, the US Secret Service, the Internet Crime Complaint Center (IC3) or by accessing the reporting page specially set up on the website of the Department of Justice.
In Canada, the Royal Canadian Mounted Police (RCMP) is responsible for investigating serious cybercrime offences, but reports must be filed at local police services.
The Australian State or the Territory Police is where cybercrimes can be reported in Australia. A guide on where to report is provided on the Federal Police’s (AFP) website.
Experts highlight the fact that even if authorities don’t launch an investigation into the matter, users contribute to building crime intelligence by filing complaints against such mischief.