Cybercrime links and resources

By region

Global

  • CERT Coordination Center

    • CERT/CC, the Computer Emergency Response Team Coordination Center, is operated by the Software Engineering Institute of Carnegie Mellon University, in Pittsburg USA, and provides a central co-ordination center for the global network of Computer Incident Response Teams (CSIRTs). CERT also carries out research, gathers data on software vulnerabilities and security issues, and provides information and resources for security researchers, administrators and educators.

  • FIRST

    • The Forum of Incident Response and Security Teams is a global association of CSIRT and CERT bodies aimed at promoting international co-operation. As well as providing online services and best practice documents, FIRST runs an annual conference and other meetings around the world, bringing security experts in contact to foster information sharing.

  • Inhope - International Association of Internet Hotlines

    • Primarily focused on illegal content, particularly child pornography, Inhope provides links to a number of regional reporting hotlines around the world, here.

  • Interpol

    • The international organization of police forces provides some information on high-tech crime here, but currently offers no centralized reporting system for the public.

  • eConsumer.gov

    • A cross-border project combining the efforts of consumer protection agencies from 21 countries, eConsumer.gov provides links to consumer protection systems in its member countries, as well as a centralized reporting system connected to the US Federal Trade Commission (FTC).

  • Organisation for Economic Co-operation and Development (OECD)

    • The global economic forum provides guidelines for consumer protection online here.

  • Scambusters

    • Site providing information, resources and tips for avoiding online scams and fraud.

  • Virtual Global Taskforce

    • An association of global law enforcement agencies working together to fight online child abuse.

Africa & Middle East

  Tunisia

  • CERT-TCC

    • The Tunisian CSIRT, CERT-Tcc is operated by the National Agency for Computer Security (ANSI), and provides the usual CSIRT services of incident alerting, vulnerability research and reporting, and educational resources. The organization's reporting system is here.

Americas

  • High Tech Crime Investigation Association

    • The International High Tech Crime Investigation Association (HTCIA) is an association fostering sharing of information and knowledge related to online crime, with membership including law enforcement officers, prosecutors and senior security staff within private industry. The association runs local chapters throughout the US and Canada, with some worldwide representation.

  Argentina

  • ArCERT

    • The Argentinean CERT provides information and services for security needs, including a free firewall for Federal institutions, alongside centralized incident reporting and data gathering.

  Brazil

  • Computer Emergency Response Team Brazil

    • Maintained by Brazil's NIC/Internet Steering Committee, Brazilian CERT co-ordinates and supports local CSIRTs and provides centralized information, resources and alerting systems.

  Canada

  • Cybertip

    • Operated by the Canadian Centre for Child Protection, Cybertip is a national tipline for reporting online exploitation of children. They provide a reporting system here.

  • Industry Canada

    • Industry Canada's Office of Consumer Affairs provides some information on spam, scams and fraud here.

  • Public Safety Canada - CIRCC

    • Canada's CSIRT, hosted by the government's Public Safety department, is the Canadian Cyber Incident Response Centre (CCIRC). The Centre provides vulnerability and outbreak alerts, information and resources for maintaining security of critical infrastructure, and a contact page for major incidents here. The general public is encouraged to report minor incidents to local police or the RCMP.

  • The Royal Canadian Mounted Police (RCMP, aka Gendarmerie Royale du Canada)

    • The RCMP provides detailed information on various types of fraud and identity theft, here, and runs a fraud-reporting system dubbed RECOL (or SEDDE in French), with a website here. RECOL accepts reports of any form of economic crime including online fraud and crime, and offers an online reporting system, which requires site registration.

  Chile

  • CLCERT

    • The Chilean CERT organization provides the usual data-gathering, alerting and training services, as well as a humour page on its website.

  Mexico

  • UNAM-CERT

      • Mexico's CERT is based in a national university, offering research and education resources, reporting systems and alerts.

      US

    • Department of Justice Computer Crime and Intellectual Property Section (CCIPS)

      • The DOJ runs a website featuring information on cybercrime, with reports of recent cases, analysis of internet use ethics, and information and advice for law enforcement and prosecutors.

      Its also provides a categorized list, here, of whom to contact in the event of various types of cybercrime, in most cases a local FBI office, the US Secret Service or ic3.gov (see below).

    • Electronic Crimes Task Force

      • The US Secret Service operates a number of regional task forces, with a central online presence at ectaskforce.org. The network of task forces interact with academia, local law enforcement and private industry to share resources and knowledge to help combat electronic crime and fraud.

    • Federal Bureau of Investigation (FBI)

      • The FBI's site carries some information on internet fraud here. Contact details for local FBI branch offices can be found here, and complaints can be filed online via the Internet Crime Complaint Center (see below).

    • Federal Trade Commission (FTC)

      • The FTC has achieved some success in prosecuting spammers, phishers and other online criminals.

      Spam can be forwarded directly to spam@uce.gov. Alternatively, a secure form for filing a complaint about spam can be found here. A similar form for filing complaints relating to identity theft is here, with a microsite dedicated to ID theft here.

      The FTC also accepts complaints of cross-border internet crime, via another form here on eConsumer.gov.

    • ForensicExams.Org

      • ForensicExams.Org is a website providing information on computer forensics, contact lists for forensics experts and forums for sharing insight and information on many areas of forensics.

    • Forensic Focus

      • Resources, forums and email newsletters for the computer forensics community.

    • Internet Crime Complaint Center (IC3)

      • The Internet Crime Complaint Center (IC3) is a joint initiative between the FBI and the National White Collar Crime Center, designed to serve as a central reporting system for cybercrime, redirecting complaints to the appropriate body or agency.

      IC3's online complaint-filing system starts here.

    • National Association of Attorney Generals (NAAG)

      • The National Association of Attorney Generals (NAAG) maintains a web page here providing information on legal aspects of cybercrime, with training and advice including a regular newsletter aimed at prosecutors involved in cybercrime-related cases. A list of cybercrime contacts is also available here.

    • National Consumers League Alliance Against Fraud

      • Supported by the non-governmental, non-profit consumer organization NCL, Fraud.org offers information and advice on online fraud and scams and an online reporting system here.

    • StaySafeOnline

      • Primarily an advice site, StaySafeOnline offers tips and FAQs for avoiding online fraud and malware attacks.

    • US-CERT

      • The United States Computer Emergency Readiness Team (US-CERT) is a partnership between the Department of Homeland Security and the public and private sectors, designed to protect internet infrastructures and respond to cyber attacks.

      A secure form, here, allows reporting of unauthorized system or data access, denial of service etc. Reporting guidelines for representatives of federal agencies are here.

      Phishing reports can be sent by email to phishing-report@us-cert.gov - detailed instructions on the information required can be found here.

      Information on software vulnerabilities can be sent to cert@cert.org (cc to soc@us-cert.gov).

    Asia-Pacific

    • Asia Pacific Computer Emergency Response Team (APCERT)

      • The Asia Pacific Computer Emergency Response Team (APCERT), a network of regional CSIRT and CERT bodies as well as other security experts, fosters co-operation and information sharing within the region and with other global bodies, and provides support in cases of major attacks affecting the region as a whole.

      Australia

    • AusCERT

      • AusCERT, Australia's Computer Emergency Response Team, provides the usual information and alerts on emerging attacks and threats, and offers an online incident-reporting system here, including details of how and what to submit. AusCERT accepts both reports of attacks targeting networks within Australia and reports of attacks coming from networks within the country.

    • Australian Federal Police (AFP)

      • The AFP, the pan-Australian law enforcement agency, provides some advice on various types of online crime, along with links to the agencies best placed to deal with each type, here.

    • Australian High Tech Crime Centre (AHTCC)

      • The Australian High Tech Crime Centre (AHTCC) supervises and co-ordinates law enforcement on high-tech issues, including liaising with local police units and international contacts. The AHTCC's website provides a range of information for both law enforcement representatives and the public, and has reporting systems for computer intrusions and DDoS attacks, here, and suspected incidents of malware creation, here.

    • NetAlert

      • NetAlert is a government-run initiative fostering a safer internet for children and families. The website offers advice and information as well as free content filters.

    • SCAMwatch

      • A joint operation between the Australian Competition and Consumer Commission (ACCC) and the Australasian Consumer Fraud Taskforce (ACFT), the SCAMwatch website provides advice and a list of resources for reporting online scams and fraud, generally directing victims to local consumer rights bodies in the case of scams, and to local police in reference to fraud and theft. A contact list is here.

      China

    • CNCERT/CC

      • Run by the Chinese Information Industry Ministry's Internet Emergency Response Co-ordination Office, the Chinese CSIRT control centre provides all the usual incident and vulnerability reporting and alerting services, along with other data-gathering and sharing functions, providing training and educational resources etc. An annual conference is also held, providing a forum for information sharing between security experts from government, industry and academia. An English-language version of the website is here.

      India

    • CERT-IN

      • The Indian Computer Emergency Response Team provides incident and vulnerability reporting and alerting services, along with other data-gathering and sharing functions, providing training and educational resources etc. CERT-IN maintains an incident-reporting system here and vulnerability reporting here.

      Japan

    • Internet Hotline Center Japan (English version here)

      • Japan's Internet Hotline system provides a centralized reporting system for all online issues. Public reports are accepted on any matter relating to computer abuse, and forwarded to police forces in criminal cases, to ISPs if sites need removing, to blacklist systems to provide filtering of content, and to agencies such as INHope for global illegal content matters. The website provides various means of contacting the Internet Hotline, including a form for use on mobile devices.

    • JPCERT

      • Japan's CSIRT carries out the full range of research, education, co-ordination, and alerting activities. English-language details of their reporting requirements are here, with a form for Japanese speakers here.

    • National Police Agency

      • The central Japanese police force urges all victims of phishing to contact their local police force, via telephone or email, and also provides an email address to contact them directly in cases of online fraud - netfraud@npa.go.jp.

      New Zealand

    • Centre for Critical Infrastructure Protection (CCIP)

      • The Centre for Critical Infrastructure Protection (CCIP) is New Zealand's CSIRT. Although focused on incidents affecting important systems, the community is encouraged to report all incidents of network attack, intrusion, hacking and data theft as well as software vulnerabilities. Details of report formats and a contact email address are here.

    • NetSafe

      • NetSafe is an internet safety group that provides information and education on cyber safety for all New Zealanders including children and businesses. As well as covering legal and safety aspects, NetSafe provides a brochure with advice on different types of online incidents and where they can be reported.

    • New Zealand Police

      • The New Zealand Police provides a range of information and advice on online crime here, and on spam and online scams here. A detailed guide aimed at victims of cybercrime is provided here, to help ensure that adequate data is gathered on web-based attacks and fraud.

    • ScamWatch

      • Run by the Ministry of Consumer Affairs, ScamWatch is an online service providing information on known scams, with tips and advice for avoiding fraud and theft online. An online form for reporting scams targeting New Zealand citizens is provided here.

      South Korea

    • KRCERT

      • The South Korean CERT provides research, monitoring and alerting on security incidents and software vulnerabilities. Its website, with English and Japanese versions available, provides a range of resources including FAQs, links to useful tools, and legal information. It provides a dedicated contact address for phishing reports, phishing@certcc.or.kr.

    Europe

    • InSafe - SaferInternet.org

      • A European Union-funded site linked to Inhope, providing advice and information for safe internet use with a focus on children.

    • TF-CSIRT

      • TF-CSIRT is a cross-Europe task force bringing together regional CSIRT and CERT bodies to foster debate and information sharing, also providing resources for setting up new local CSIRT bodies.

      Denmark

    • DK-CERT

      • The Danish CSIRT provides central reporting, alerts and information, support and resources related to computer security incidents, vulnerabilities and network penetrations.

      Finland

    • CERT-FI

      • The Finnish CSIRT organization aims to 'promote security in the information society by preventing, observing, and solving information security incidents and disseminating information on threats to information security'. CERT-FI welcomes reports from public and private organizations and individuals on security incidents and threats, and expects telecommunications bodies to report all such incidents. The site is also available in Swedish and English.

      France

      Germany

    • CERT-Bund

      • Germany's CSIRT organization is maintained by the federal information security ministry, which provides a number of security functions including product certification and penetration testing, alongside central research and reporting systems.

      Hungary

    • CERT-Hungary

      • CERT-Hungary is a government-run security centre providing support to public, business and civil sectors and acting as a knowledgebase for both IT professionals and the public. It operates the usual range of reporting and alerting services, educational resources etc.

      Netherlands

    • GOV-CERT.nl

      • The Dutch government CERT operates a series of knowledge-exchange systems, providing support, advice and a central reporting point for IT security and malware issues, as well as running an annual symposium.

      Norway

    • NorCERT

      • NorCERT is Norway's central CERT body, providing co-ordination and information-pooling services for information security matters and incidents.

      Spain

    • IRIS-CERT

      • IRIS-CERT is the security arm of RedIRIS, the Spanish National Research Network. It is aimed at the early detection of security incidents, as well as co-ordinating incident handling.

      Switzerland

    • Reporting and Analysis Centre for Information Assurance - MELANI

      • MELANI is a coordinated effort between GovCERT.ch, the Service for Analysis and Prevention of the Federal Office for Police Matters (FOP) and the Federal Strategy Unit for Information Technology (FSUIT). MELANI provides information on online threats and protection measures and an online form for reporting cybercrime. Site available in German, French, Italian and English.

      UK

    • BankSafeOnline

      • BankSafeOnline provides information and advice to minimize risk involved with online banking, including spotting common types of phish. Phishing mails can be forwarded to reports@banksafeonline.org.uk - details of how to report are here. Advice can be requested from this address: advice@banksafeonline.org.uk.

    • Centre for the Protection of National Infrastructure (CPNI)

      • The UK's CSIRT body, the CPNI, provides resources and information on serious computer security threats. For serious cases involving terrorism or threats to critical infrastructure, the online presence of the CPNI is here.

    • Consumer Direct

      • Consumer Direct is an initiative funded by the UK government's Office of Fair Trading, offering information and advice on consumer issues. A scam-reporting system is provided here.

    • CrimeStoppers

      • CrimeStoppers is an anonymous crime-reporting system. No online reporting is offered in order to ensure anonymity, but a phone number is provided on the website. The organization does not have a specific cybercrime focus, but accepts reports of all forms of crime.

    • GetSafeOnline

      • GetSafeOnline is primarily an advice site, offering tips and FAQs for avoiding online fraud and malware attacks.

    • Home Office Identity Fraud Steering Committee

      • The Home Office provides a website with advice on identity theft for both the public and businesses.

    • Office of Fair Trading (OFT)

      • The OFT provides some information and guides on recognizing and avoiding various types of scams here.

    • New Scotland Yard/Metropolitan Police

      • The police force mainly responsible for London provides information on cybercrime here. Reports of illegal online content (of a specifically obscene or racist nature) are referred to the Internet Watch Foundation (IWF) here. The Met also offers a fraud contact address for possible fraud victims and investigators - details are here, email fraud.alert@met.police.uk. In most cases visitors, including victims of internet auction fraud, are directed to report initially to local police forces. Virus reports are referred to private security companies (links are provided).

    Quick Links

    Poll
    The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
    Yes
    No
    I don't know
    Leave a comment
    View 11 comments

    99 Subscription Promo

    Malware Prevalence
    Autorun |#######|
    Encrypted/Obfuscated |#####|
    Heuristic/generic |#####|
    Sality |####|
    Zbot |####|
     View this month's full report

    Virus Bulletin currently has 224,238 registered users.