1. Home
  2. Emergency Planning
  3. Disaster-Specific
  4. Cybercrime

Recognizing and Preventing Cyber Threats

Cybercrime includes any criminal activity involving computers or networks, from phishing emails and account takeovers to major attacks that shut down organizations. Because so much of our personal and professional lives now happens online, cyber threats are no longer rare - they’re part of the modern landscape. Cybersecurity is about staying one step ahead: recognizing warning signs, securing your accounts and devices, and knowing how to respond if something goes wrong.

A cyber hacker is nothing more than a bank robber using another weapon. His motivation is robbery and theft.” - Auth Shield
Disaster Planning
The Destructive Nature of Cybercrime
computer code with the words cyber attack included

Large Scale Effects

Threats to life

endanger safety by targeting critical infrastructure like hospitals, power plants, and water systems.

Disruption of daily activities

can affect the normal functioning of society and economy by disrupting essential services such as communications, transportation, or education.

Emotional distress

anxiety, fear, and depression felt when victims are part of a massive data breach.

Individual Loss

Identity theft

can steal your personal information to commit fraud or other illegal activities in your name.

Financial loss

can drain your bank accounts, make purchases, or open new credit accounts in your name.

Loss of personal data

such as photos, videos, documents, and emails, which can be difficult or impossible to recover.

someone commiting a cyberattack
Disaster Planning
Cyber Theft: Targets and Scamming Methods

Cyber theft is a type of cybercrime and is one of the fastest-growing crime in the United States. Everyone with a smart phone or computer is vulnerable. Millions of everyday citizens are impacted yearly.

Cyber Theft Targets

Cybercriminals often target the following types of personal information:

  • personally identifiable information: full name, DOB, address, Social Security number, etc.
  • financial data: bank account numbers, debit card numbers, credit card numbers, and other financial data.
  • healthcare & insurance info: medical records, insurance policy details, and other health-related information.
  • usernames & passwords: login credentials for various online accounts.
  • work logins: includes credentials to access work-related systems and potentially sensitive information.
  • photos & videos: even cloud servers can be hacked.

Scamming Methods

There are several ways people can be scammed online and over the phone. Here are some common methods used by scammers:

  • spoofing: falsify data on caller ID to disguise identity.
  • phishing: emails, calls, or texts asking for money or personal information.
  • fake online profiles & photos: to lend an air of legitimacy.
  • fake entities: phony businesses, charities, political action committees, etc.
  • fake claims: all part of the act.
  • fake identity: like name, credential, badge number, etc.
Disaster Planning
Before a Cybercrime Happens

We can’t do much to protect ourselves from mass data breaches or attacks on infrastructure. Protection at this scale falls at the feet of government and private industry. But what we can do is protect ourselves from personal cybersecurity threats that can be extremely destructive to those who fall victim.

How to Protect Yourself

passwords | phone safety | computer safety & protection | wi-fi network protection | personal information | suspicious activity | scammers | latest scams

Here are some steps you can take to protect your digital assets and financial resources. While no measure can provide 100% security, taking these steps can significantly reduce your risk of falling victim to a cyberattack.

How to Protect Yourself

Here are some steps you can take to protect your digital assets and financial resources. While no measure can provide 100% security, taking these steps can significantly reduce your risk of falling victim to a cyberattack.

Password Best Practices

Complying with best password practices is a fundamental step in safeguarding one’s digital identity and assets from cyber threats and provides a robust first line of defense.

  • Create strong passwords that are 12 characters or longer, using upper and lowercase letters, numbers, and special characters.
  • Change all passwords periodically.
  • Use two-factor authentication.
  • Think about using a password manager to store and generate secure passwords.

Mobile Phone Safety

Properly configured privacy settings on your mobile phone are crucial in protecting your personal information from being exploited. They help control what data is shared, with whom, and when, thereby reducing the risk of sensitive information falling into the wrong hands.

  • Review your privacy settings on your phone apps and change when necessary. Learn more about iPhone settings. Learn more about Android settings.

  • Disable or limit location features on apps that do not require them to function properly.
  • Keep software applications and operating systems up to date.
  • If you can avoid it, do not use your cell phone to make purchases. If you do, ensure that mobile purchases are conducted over secure networks and use trusted payment apps.

Computer Safety & Protection

Setting up your computer with safety and protection in mind is a crucial step in mitigating the risk of cyber threats as it helps safeguard your personal data from unauthorized access.

  • Keep software and operating systems up to date.
  • Use antivirus and antimalware software.
  • Use a firewall. If your antivirus software doesn’t include a firewall, make sure you have your firewall ‘activated’.
  • Consider using a Virtual Private Network (VPN) that creates a more secure connection between your device and the internet.

Wi-Fi Network Protection

Securing your Wi-Fi network serves as the gateway to all your connected devices and online activities. A well-protected Wi-Fi network prevents unauthorized access and potential misuse of your internet connection.

  • Use a secure Internet connection and Wi-Fi network.
  • Use a strong and unique password for your Wi-Fi network and change them regularly.
  • When configuring your router, change the default password, and choose the Wi-Fi Protected Access 2 (WPA2) Advanced Encryption Standard (AES) setting, the strongest encryption option.
  • Consider using a network security key.
  • Don't use public Wi-Fi. If you must, avoid accessing sensitive info when connected.

Personal Information

Your personal information forms the basis of your digital identity. Ensuring its confidentiality helps to prevent potential identity theft and financial fraud.

  • Limit the personal information you share on social media.
  • Set your social media settings to private.
  • Don’t share PINs, passwords, or any other personal information to unsolicited callers, text-messages, or emails.
  • Be cautious about sharing your debit card number, credit card number, bank account number, or Social Security number.

Look for Suspicious Activity

If you are paying attention, you may see signs that something is amiss. Here are things to look for.

  • Be cautious if you are pressured to act immediately, if an offer seems too good to be true, or if you are repeatedly asked for personal information.
  • You see unrecognizable charges on your credit card and bank statements.
  • You see new accounts or loans you didn’t open on your credit report.
  • You are sent a denial of your credit or debit card.

Don’t Fall for the Scams

Many scammers operate as part of organized criminal networks, while others work individually. They are becoming increasingly sophisticated, often exploiting the latest news or trends to make their scams seem more believable.

  • Scammers can create fake links to dubious websites. Be wary of unsolicited emails – don’t open attachments or click on links from unknown sources.
  • Scammers may try to take advantage of financial fears by calling with work-from-home opportunities, debt consolidation offers, and student loan repayment plans.
  • The government will not call, text, or contact you via social media about owing money. This is a common scam.
  • A legitimate company will not call you and ask for control of your computer to “fix” it. This is a common scam.

  • If you have been a victim of a scam, report it.

Learn More About the Latest Scams

  • Federal Trade Commission: The FTC publishes official consumer alerts and annual scam reports, including the top scams of the year.
  • Forbes Advisor: Offers easy to understand guides on common online scams and how to protect yourself.
  • Norton: Shares regularly updated scam alerts, including phishing, tech support scams, and AI driven impersonation schemes.
  • McAfee: Publishes consumer friendly explanations of new scam trends and how to avoid them.
  • Malwarebytes: Offers clear, beginner-friendly guides on how scams work and what red flags to watch for.
  • Security.org: Provides research-based scam prevention advice, including insights into fake job offers, charity scams, and identity theft.
  • Kaspersky: Provides detailed breakdowns of trending online scams and cybersecurity threats.
  • Heimdal Security: Covers emerging fraud tactics and digital safety best practices.
Disaster Planning
If You Suspect a Cyberattack

What to Do When You Suspect

quick actions to take

If you notice unusual or unauthorized activity, act quickly. You may be able to mitigate the damage that has been done or, better yet, stop the crime right in its tracks. Here are some actions you can take.

What to Do When You Suspect

If you notice unusual or unauthorized activity, act quickly. You may be able to mitigate the damage that has been done or, better yet, stop the crime right in its tracks. Here are some actions you can take.

Quick Actions to Take

  • If you notice any irregular charges to your accounts in your name that you did not open, or other type of activity, call your bank and any financial institution involved immediately.
  • If you find a problem, disconnect your device from the Internet and perform a full system restore.
  • Consider turning off the device. Take it to a professional to scan for potential viruses and remove any that they find.
  • Run a security scan on your device to make sure your system is not infected or acting more slowly or inefficiently.
  • Let work, school, or other system owners know. Information Technology (IT) departments may need to warn others and upgrade systems.
Disaster Planning
If You Are a Victim of a Cybercrime

What to Do After

contacts to make | reports to file | how to report a scam

Let the proper federal, state, and local authorities know if you believe you have been a cyberattack victim. This will document the occurrence and may help prevent further damage or loss of data or revenue.

What to Do After

Let the proper federal, state, and local authorities know if you believe you have been a cyberattack victim. This will document the occurrence and may help prevent further damage or loss of data or revenue.

Contacts to Make

  • Contact banks, credit card companies, and other financial services companies where you hold accounts and report that someone may be using your identity.

  • You may need to place holds on accounts that have been attacked or close them.

  • Contact the Federal Trade Commission (FTC) if you receive messages from anyone claiming to be a government agent.

  • Contact the Social Security Administration (1-800-269- 0271) if your Social Security number was compromised.

  • Contact your local Department of Motor Vehicles if your driver's license or car registration has been stolen.

Reports to File

locally
  • File a report with the local police so there is an official record of the incident.
    • Federally

  • Federal Trade Commission: Handles reports of identity theft, including misuse of your Social Security number. The FTC provides recovery steps and helps you create a personalized plan to secure your identity.

  • FBI Internet Crime Complaint Center (IC3): Accepts complaints about online fraud, scams, and cybercrime. IC3 reviews your report and forwards it to the appropriate federal, state, or local agency for investigation.

  • United States Secret Service Field Office: Investigates cyber enabled financial crimes such as online fraud, account takeovers, and digital payment scams. Local field offices host Cyber Fraud Task Forces (CFTFs) that handle these cases.

How to Report a Scam

There are several ways you can report a scam.

  • Federal Trade Commission: They track complaints and take legal action against companies.

  • USA.gov: This site provides a scam reporting tool to help you find the right government agency or consumer organization to report the scam.

  • Consumer Protection Agency: You can report scam websites to your state’s Consumer Protection office.

  • Report Fraud: If you’re in England, Wales, or Northern Ireland, you can report scams, fraud, and cybercrime to Report Fraud, the national reporting centre operated by the City of London Police.

  • Police Scotland: If you’re in Scotland, you can report scams, fraud, and cybercrime by calling 101 or using Police Scotland’s online reporting form for non‑urgent matters. This page explains how to report online crime but does not take reports.

Outside the United States and United Kingdom: If you live in another country, report scams, fraud, and cybercrime through your national police or government cybercrime reporting service. Most countries list their official reporting channels on their primary government website. Search for your country name along with terms like “report fraud,” “report cybercrime,” or “online scam reporting” to find the correct authority.