Cybercrime can be defined as “any crime that is facilitated or committed using a computer, network, or hardware device”. – Gordon, S. & Ford, R. (2006) “On the definition and classification of cybercrime”, Journal in Computer Virology (2006)2, pp. 13-20. Since this definition is rather broad, we tend to recognize two types of cybercrime: cyber-dependent crime (phishing) and cyber-enabled crime (online child sexual abuse, etc.). However, most forms of cybercrime consist of a combination of the two types (cyberstalking).
According to the European Commission, cybercrime consists of criminal acts that are committed online by using electronic communications networks and information systems. It is a borderless problem that is classified by the Commission in three broad definitions:
- Crimes specific to the Internet. Attacks against information systems or phishing (fake bank websites request passwords to access to victims’ bank accounts).
- Online fraud and forgery. Large-scale fraud can be committed online by identity theft, phishing, spam, and malicious coding, etc.
- Illegal online content. Child sexual abuse material, incitement to racial hatred, incitement to terrorist acts and glorification of violence, terrorism, racism, and xenophobia.
Victims’ rights in the EU are established under The Victim’s Rights Directive https://ec.europa.eu/info/policies/justice-and-fundamental-rights/criminal-justice/protecting-victims-rights_en. The directive sets out the 6 key rights available to all victims of all types of crime that take place in any member state. The following link will allow you to familiarize yourself with your rights as a victim of crime https://ec.europa.eu/newsroom/document.cfm?doc_id=43139
Laws on cybercrime differ from one country to another. To find out more about the legislation concerning cybercrime in your country, contact your local victim support service: https://victimsupport.eu/help-for-victims/find-help/.
EU legislation on cybercrime corresponds to the rules set out in the Council of Europe Convention on Cybercrime. Since cybercrime covers a range of topics, the EU has produced several Directives concerning the crimes that fall under the term cybercrime. These include combating the online sexual exploitation of children and child pornography, attacks against information systems, non-cash means of payment, and facilitating cross-border access to electronic evidence for criminal investigations.
The European Cybercrime Centre (EC3) was set up by Europol in 2013 to strengthen law enforcement response to cybercrime in the EU, to help protect European citizens, businesses, and governments from online crime. EC3 targets cybercrimes:
- Committed by organised crime groups, such as online fraud;
- Which cause serous harms to their victims, such as online child sexual exploitation; and
- Affecting critical infrastructure and information systems in the EU (attacks designed to make targeted websites unusable).
EC3 has to date made a significant contribution in the fight against cybercrime: it has been involved in high-profile operations and on-the-spot operational-support deployments resulting in hundreds of arrests, and has analysed hundreds of thousands of files, the vast majority of which have been proven to be malicious. More information can be found on:
Member states each have their own legal code that will apply to cybercrime. Punishment, whether custodial or financial, will depend on the severity of the crime and on the outcome of any court case. All victims of crime in Europe are entitled to compensation and restitution under the Victim’s Rights Directive. However, the Directive on combating sexual abuse and sexual exploitation of children and child pornography does oblige Member States to investigate and prosecute offenders. To facilitate prosecution, the Directive:
- Criminalises a wide range of situations of sexual abuse and exploitation;
- Introduces increased levels of penalties;
- Extends the statute of limitation after the victim has reached adult status;
- Removes confidentiality obstacles to reporting by professionals working with children;
- Allows criminals to be prosecuted in their home country crimes they commit abroad;
- Requires obstacles to prosecuting crimes committed abroad are removed;
- Ensures that effective investigative tools are available to the police, such as those used against organised and serious crime, and special units must be set up to identify victims of child pornography.
Additionally, the Directive on attacks against information systems introduces new rules and penalties for offences directed against information systems. Member States must ensure these offences are punished by effective, proportionate, and dissuasive criminal penalties.
What can you do to protect yourself against cybercrime? Here are some basic precautions you can take against cyber-dependent crime:
- Use strong complex passwords. Don’t repeat your passwords on different sites and change your passwords regularly.
- Keep your software up to date. This is important for your operating systems and internet security software. Cybercriminals frequently exploit flaws in your software to gain access to your system.
- Manage your social media settings. Keep your personal and private information locked. Cybercriminals can find and use your personal information, so the less you share publicly, the better. For instance, don’t post your pet’s name or reveal your mother’s maiden name, as these are often answers to two common security questions.
- Keep up to date on major security breaches. If you do business with a merchant or have an account on a website that’s been impacted by a security breach, find out what information the hackers accessed and change your password immediately.
- Take measures to protect yourself against identity theft. Identity theft occurs when someone obtains your personal data in a way that involves fraud or deception, for economic gain. How? You might be tricked into giving personal information over the internet, or a thief might hack your email to access account information. It’s important to guard your personal data! A VPN – short for virtual private network – can also help to protect the data you send and receive online, especially when accessing the internet on public Wi-Fi.
- Know that identity theft can happen anywhere. Protect your identity even when traveling by keeping your travel plans off social media and using a VPN when accessing the internet over your hotel’s Wi-Fi network.
- Do not click on links in emails; hover over the link with your mouse to see the URL it will take you to. Your bank will never send you an email with a link to their login page.
To protect yourself and your family from falling victim to cyber-enabled crimes:
- Talk to your children about the internet. Teach your kids about using the internet without shutting down communication channels. Encourage them to talk to you about any kind of online harassment, stalking, or bullying they may experience. Help protect them against identity theft. Identity thieves often target children for their ‘clean’ social security number and credit histories. Be careful when sharing your child’s personal information and be aware of how to check if your child’s identity has been compromised.
- Do not send sexual images to someone you have never met in real life, even if you have known them online for a long time. If you do share such images, make sure you can’t be recognised (no visible scars, tattoos, or moles). If you are under 18 years old, don’t share any sexual images of yourself, this could be viewed as distributing child pornography.
- Do not give money to someone you have never met in real life; even if you have known them online for a long time.
Being a victim of online hate speech or other cybercrime is an emotional experience, you will be stressed and worried about your personal safety. It is important to reach out for help: there are many organizations ready to support you when you are ready to ask for assistance. Victim Support offers free, confidential advice and help to all crime victims and its staff will work with you in the aftermath of your attack.
If you believe you’ve become a victim of cybercrime, you need to alert the local police even if the crime seems minor. Your report may assist authorities in their investigations or may help to thwart criminals from taking advantage of other people in the future. If you think cybercriminals have stolen your identity, these are among the steps you should consider:
- Contact the companies and banks where you know fraud occurred;
- Place fraud alerts and get your credit reports;
- Report identity theft to your local police.
Many victims of cybercrime are put off officially reporting cybercrime, as they feel the police will not take them seriously, or that prosecution is unlikely. However, it is more important than ever to report cybercrime, as this is an important means to ensuring this crime is made a police priority.
You can report online hate speech to the platform on which your received it. Find out here how to report it on YouTube: https://www.youtube.com/watch?v=fND10UFF5lc&feature=emb_logo. Find out how Facebook deals with online hate speech here: https://www.youtube.com/watch?v=Rbx-it8O9uQ&feature=emb_logo.
If you have fallen victim to cybercrime, visit Europol’s website to discover how to report the crime online in your country. Reporting mechanisms vary from one country to another. In Member States which do not have a dedicated online option in place, you are advised to go to your local police station to lodge a complaint.
If you’ve been affected by cybercrime, there are a number of ways you can contact support services to get assistance or information.
- Get support locally. Contact your nearest Victim Support team.
- Call 116 006, the telephone number for helplines for victim support. This number is available in Austria, Croatia, Czech Republic, Denmark, Estonia, Finland, France, Germany, Ireland, Latvia, the Netherlands, Portugal, and Sweden.
The 116 006 helps victims of crime by informing them of their rights and how to use these, offering emotional support, while also referring victims to relevant organisations. As a single access point, it will provide information about local police and criminal justice proceedings, possibilities for compensation and insurance matters, and other sources of help for victims of crime.
- Overview of types of cybercrime by Europol
- The European Commission’s work on cybercrime
- The Council of Europe’s approach to cybercrime
- On cybercrime victimisation
- How to protect yourself from cybercrime, by the European Parliament
- Wikipedia page on cybercrime
- The prevalence of cybercrime across Europe