How Do Cybercriminals Get Caught?

A family at home reading about cybercriminals.

Cybercriminals use sophisticated tactics to commit crimes. It takes a village to catch a cybercriminal since the method of how they commit these crimes is so complicated. Law enforcement usually has to coordinate with government agencies, international partners, and private corporations.


Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN

30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.

Join today. Cancel anytime.
*Terms Apply

October is National Cyber Security Awareness month. Just exactly how do the bad guys get caught? This is part 18 in a series of blog posts we will be publishing on various topics aimed at educating you on how to stay protected on today’s Internet landscape.

On the surface, cybercrime seems like it would be a fairly open and shut case-a cybercriminal commits a crime, law enforcement steps in, catches the bad guy and then the is case closed. However, due to the sophisticated tactics these criminals use, it makes it extremely difficult for law enforcement alone to collect evidence, capture the suspect and prosecute them.

It Takes a Village To Catch A Cybercriminal

Since the method of how they commit these crimes is so complicated, law enforcement usually has to coordinate with government agencies, international partners, and private corporations. Oftentimes, cybercriminals use secure software to remain anonymous which are proxy servers that hide their location and route their communications through multiple countries in order to evade direct detection, and commit the crimes in other countries where they cannot be prosecuted. In addition to these partnerships, they use a combination of traditional investigative and complicated digital forensics tactics.

Traditionally, cybercriminals have been lone wolves until recent years, where most cybercriminal activity is compromised of computer "gangs". The most popular types of attacks implemented by these gangs are phishing scams, ransomware, botnets and malware, such as Remote Access Trojans (RATs). Their motivation behind these attacks is often monetary and informational gain such as cyberespionage, identity fraud, online extortion, credit card fraud and even international money laundering operations.

In 2013, the Internet Crime Complaint Center (IC3), which is a partnership between the Federal Bureau of Investigation (FBI) and National White Collar Crime Center (NW3C), released their annual Internet Crime Report stating thatthe IC3 received 262,813 complaints of Internet crimes. Those crimes totaled $781,841,611 dollars in loss. This was a 48% increase in complaints since 2012, and surprisingly, the FBI estimates that the IC3 only receives complaints for about 10% of all crimes on the Internet. The IC3 was founded in 2000, and houses the nation’s largest archive of reported Internet crimes worldwide. Despite being a worldwide service, 90% of their complaints come from the United States.

The IC3 collects the data from these complaints and then forwards this data to the appropriate law enforcement agency. In addition to the NW3C working with the FBI to form the IC3, they offer a multitude of services to individual law enforcement agencies, including computer forensics, analytical research, and preparing materials and evidence for use in court. In addition to lending their investigative support to law enforcement cases, they also train thousands of officers yearly in computer forensics, cyber and financial crime investigations, and intelligence analysis. In 2013, the NW3C helped law enforcement gain 5.25 million dollars in criminal restitution, 4.81 million dollars in criminal fines and 452 months of sentences ordered.

Malware botnet

How Does It All Come Together?

In order to bring a case to a successful conclusion, it takes thousands of hours in research and cyber forensic analysis, which includes identifying, preserving, retrieving, analyzing and presenting data as a form of evidence. In order for this evidence to be admissible in court, the police need to obtain a warrant to seize the machines that are used in the crimes. In addition to all of this research, there are special technical skills that are needed when obtaining and analyzing the evidence, such as the ability to decrypt encrypted files, recover deleted files, crack passwords and more. For these more technically complicated tasks, specialized cybercrime units are assembled, which are groups of officers trained in these skills. For law enforcement agencies alone, this would be an extremely tall order, even with the specialized task forces assisting, and that is where the efforts of the FBI and NW3C come into play.

If convicted, the sentencing and penalties vary. Hacking is considered a Federal offense since it is a form of fraud. The penalty can range anywhere from paying a small a fine to serving up to 20 years in prison, depending on the severity of the crime. Spam carries a minimum punishment of a fine up to $11,000. Additional fines can be added if the spammer violates policies and uses automated bots to collect email addresses. Jail time can even apply if the information collected is used to commit acts of fraud. Identity Theft can earn a sentence up to 5 years, and that time can be increased if the identities collected are used for acts of terrorism.

No Target Too Small

Cybercriminals have no preference in whom their targets are, as long as someone takes the bait. Usually the mainstream media only reports these threats when there are massive data breaches involving prominent companies, but these attacks target everyone, including general computer users. Utilize the following tips to help lessen your chances of becoming prey for these cybercriminals.

How To Stay Safe:

Use extreme caution when receiving unsolicited communications from individuals from out of the country, generally emails from another country use poor grammar and spelling, indicating that the sender is not a native English speaker. Be suspicious of emails from unknown senders requesting personal information.

Don’t open, respond to, download attachments or click on links from unknown emails. Emails that come in the form of a help desk support ticket, a message from your bank, or from someone soliciting money via a 419 scam are usually phishing scams. If an opportunity seems too good to be true, such as a monetary windfall, it probably is. Make sure you’re using secure websites when entering in payment information. You can verify this by making sure the website’s URL begins with HTTPS.”

​Add an extra layer of protection to your computer using a comprehensive security software program such as Norton Security.

This is part 18 of a series of blogs for National Cyber Security Awareness Month.

For more information on various topics, check out:

Week 1

5 Ways You Didn't Know You Could Get a Virus, Malware, or Your Social Account Hacked
How To Choose a Secure Password
How To Avoid Identity Theft Online
How To Protect Yourself From Phishing Scams
How To Protect Yourself From Cyberstalkers

Week 2

Mobile Scams: How-to Identify Them and Protect Yourself
Exactly How Free Is That Free App?
BYOD And Protecting Your Mobile Workforce
Cyber Security Concerns and Smartphones

Week 3

Keeping Your Mobile Fitness Data Secure
Security Concerns and the Connected Car
The Connected Home- Just How Safe Is Convenience?

Week 4

Securing Employee Technology, Step by Step
Are Your Vendors Putting Your Company’s Data at Risk?
Four Mobile Threats that May Surprise You
Theft-Proof Your Mobile Data
Traveling? Don’t Let Your Mobile Data Stray

Try Norton 360 FREE 30-Day Trial* - Includes Norton Secure VPN

30 days of FREE* comprehensive antivirus, device security and online privacy with Norton Secure VPN.

Join today. Cancel anytime.
*Terms Apply

Norton logo
  • Norton
Norton empowers people and families around the world to feel safer in their digital lives

Editorial note: Our articles provide educational information for you. Our offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about Cyber Safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses. The Norton and LifeLock brands are part of Gen Digital Inc. 


    Want more?

    Follow us for all the latest news, tips and updates.