Cybercrime Investigation: Making the Internet Safer


The internet is a vast and largely unprotected space. You can easily access information and connect with people all over the world with just the click of button. However, this same ease of access also makes the internet a prime target for criminals. In response, organizations have dedicated resources to investigating cybercrime and are working to make the internet a safer space.

As the widespread use of the internet increases with advancements in technology, sophistication of cybercriminals is also on the rise. They are constantly devising new ways to exploit vulnerabilities in systems and target weaknesses in people and organizations to steal identities, money and classified information.

Organizations and individuals must be constantly vigilant in protecting themselves against these threats by having managed IT services to help secure their networks, keep up to date on security advisories and understand the proper procedures to follow in the event of a cybercrime. Aside from just having antivirus software and a firewall in place, it’s also important to have a comprehensive understanding of cybercrime and its various manifestations.

As a professional in the field of technology, you need to continually update your skills as the world of cybersecurity evolves to keep up with the latest threats. You can familiarize yourself with these skills by enrolling at St. Bonaventure University in a cyber security master’s program online to stay ahead of the curve. In this program, you will cover topics such as data security, network security and cryptography, among others. Most interestingly, the program offers the benefit of studying on your own schedule and at your own pace. Additionally, you will have better access to the latest technologies and resources as you network with other professionals.

What is a cybercrime?

The term cybercrime covers a wide range of criminal activities carried out using computers and the internet. It can encompass anything from stealing someone’s identity online to committing international fraud or hacking into a government system. In any cybercrime fraud, perpetrators will use technology to deceive someone else or misrepresent themselves in a bid to gain valuable information. For example, they may create a fake website or social media profile in order to steal someone’s personal information or money.

Cybercriminals commit crimes every day using the internet in order to make a profit or as part of a political agenda, but most cybercrime is financially motivated.

Here are the different types of cybercrimes:


This occurs when a cybercriminal tricks someone into revealing their personal information. The victim may mistakenly believe that they are visiting a trusted website, and will be asked to enter passwords or credit card numbers. This could allow the criminal to gain access to bank accounts, email addresses or passwords. If the criminals obtain this information, they can use it in a variety of ways to extort money or sell the information to other cybercriminals.

These attackers often impersonate trusted entities such as banks or trusted websites to steal sensitive information such as credit card numbers or login information. The attacks are relatively easy to carry out but can be very effective and carry significant consequences.

As cybercriminals become more common and sophisticated, phishing attacks are becoming increasingly difficult to spot. It’s important to be aware of the signs of a phishing email so that you can protect yourself and your money from these scams.

If copyrighted material is distributed online without permission, it is a form of copyright infringement. This mostly involves someone uploading copyrighted music or videos to a file-sharing site or downloading copyrighted material without paying for it. It could also involve the unauthorized use of creative works for another purpose. For example, if you download a movie or song from the internet without paying for it, you are infringing on an author’s copyright.

Computer hacking

Hackers use sophisticated software to hack into many different types of computers. They may also use computer viruses or worms to infect a device to create chaos and havoc while stealing valuable information. This can include sending out spam email messages or using another person’s computer indefinitely without permission. In either instance, the hacker can use their victims’ computers to send out spam, which generates ad revenues for the criminal.


This is essentially a form of cyber harassment with the intent to instill fear in the victim. The perpetrator may monitor email accounts, social media activity and other online activities to collect information about the victim.

In this type of crime, perpetrators use the information they obtain illegally on social networking sites to create false profiles and email addresses. They then use these profiles to send harassing messages. This can include sending threatening emails, posting pictures of the victim that the perpetrator thinks will cause problems, or actually following them using the internet and showing up at their home or place of work.

Identity theft

Identity theft involves gaining access to personal information, such as identity, address and financial information, and using it without the owner’s consent. This can include stealing someone’s identity on the internet and opening new accounts in their name. Using this information, cybercriminals can file a fake tax return to collect a tax refund. Perpetrators may also collect your social security number without your knowledge and use this information to open credit card accounts that they don’t intend to pay back.


Fraud is any intentionally deceptive act intended to make a profit or avoid prosecution. This can include:

  • Credit card fraud–  A criminal may use someone’s credit card number without their permission to make purchases or run up a large amount of debt in the victim’s name.
  • Online auction fraud– This includes bidding for items on an internet auction and then never paying for them or sending counterfeit funds.
  • Online scams– While most people know not to respond to emails from strangers, many people do and end up losing money. This is called email scamming and can include a variety of scams.
  • Investment fraud–  Scammers may make a fraudulent investment offer to get your money or gather information about you for future scams.
  • Pharma fraud–  Cybercriminals may send out misleading emails or post fake online advertisements for medications and distribute illegal or fake medicines.
  • Cyber extortion– This involves someone threatening to publish sensitive information on the internet if they are not paid a sum of money. They may threaten to post embarrassing videos, intimate photos or private information if they are not paid.

Cybercrime investigation

A cybercrime investigation is largely about finding evidence regarding a crime and convicting the perpetrator. This may include identifying the tools used, gathering relevant data from each device, relaying data between devices and potentially even tracking IP addresses. Depending on the crime committed, information may be collected from deleted files and computer storage media to determine exactly what happened.

The investigation may involve interviewing witnesses, the suspected perpetrator, victims and any witnesses to the crime. The investigator is responsible for gathering information that will be useful in court and tracking down those who committed or facilitated the crime. In some cases, investigators may need to obtain search warrants to access computers or other devices that may contain evidence of the crime.

There are many tools available for investigating cybercrimes. Software tools are used to preserve digital evidence such as pictures, emails and chat logs. These tools can also help track people who use false identities to commit a cybercrime:

Computer forensics

Computer forensics is the process used to obtain information from a network or computer to locate evidence of a crime. It involves gathering evidence from electronic devices such as computers or mobile devices or any type of communication device. In order to remove any evidence that has been deleted, investigators will use software tools to recover deleted data.

Network forensics

Network forensics involves obtaining information regarding the traffic that passes through a network of computers. It involves the investigation and analysis of all traffic generated by devices that have been added to the network. This includes gathering information from the internet or from any computers that are sharing the network. Investigators will use software tools and techniques to collect this data, but one tool that has proven very useful in cybercrime investigations is the Elcomsoft Sleuth Kit (ESK). ESK allows investigators to recover deleted data and examine files that have been encrypted using encryption tools.

Reverse engineering

Reverse engineering involves examining computer programs to discover how they function and how they are vulnerable to unauthorized access. It can also involve finding vulnerabilities in operating systems and helps in finding and identifying the vulnerabilities that criminals use to access networks, computers and other devices. The ability of investigators to examine programs that were written by criminals is often very useful when they seek to prosecute a case.

Cybercrime investigation techniques

The investigation of cybercrime requires the use of a range of skills and methods. The most common investigative techniques include:

Analyzing data storage systems

Data storage systems are used to allow computers to store and retrieve information. They are often used to store and manage email, databases and other types of files. These systems vary in size and complexity. Data can be stored in many ways, including on hard drives and removable storage media. Data that is deleted from this media may be recovered by using a software tool such as Forensic Toolkit (FTK), Forensic Tool Kit for Windows (FTK) or Command Deleted File Recovery (CDFR).

Network analysis

Network analysis is the process of examining the communication channels that exist between computers. Investigators may need to find evidence being sent between computers and networks, or they could be looking for evidence being sent to specific addresses or computers. Network analysis can provide key information by showing which files are being shared and where they are stored. This type of evidence is often called cyberspace activity.

Analyzing computer equipment

Investigators may need to analyze both hardware and software. Hardware may include hard drives, CD-ROMs, hard disks and cell phones that have been added to the network. Investigators may need to analyze the operating systems of these devices to find evidence of an active computer that is being used by the perpetrator. The software on these devices can also reveal evidence of a crime.

Detailed examination of mobile devices

Mobile devices can be used to send and store information that is being used in a crime. These devices are often handled by the perpetrator during the crime, so investigators need to have access to them in order to interrogate them. Investigators will often examine or retrieve information from mobile devices that contain evidence of a crime.

How to prevent cybercrime

As cybercrime is an important issue facing a large and diverse group of individuals. Several initiatives have been implemented by governments to increase the security of the internet and help prevent cybercrime. Attacks can happen to anyone, anytime and anywhere.

There is no guaranteed way of preventing cybercrime, but precautions can be put in place to reduce risk, such as:

Physical and digital security methods

There are some very effective measures you can use to prevent cybercrime. These include using physical security methods such as limiting access to spaces where data is stored, in addition to digital security methods such as anti-virus software, firewalls, malware protection and encrypting files. Encrypted files and folders are protected by passwords or by biometrics, which means that only authorized users can access the information. Encrypted digital folders also allow you to store your important information in one place instead of having it spread out throughout your computer hard drive.

Update software regularly

Another way to reduce the likelihood of cybercrime is to keep your software updated. Newer versions of operating systems and security applications are often designed to correct bugs and vulnerabilities that are present in earlier versions. This will protect you from viruses and malware that have been detected by antivirus companies. Updates also make your computer and other devices more secure by providing security through a layered defense that includes anti-malware and data encryption.

Follow cybersecurity guidelines and best practices

The number one rule for preventing cybercrime is to follow cybersecurity best practices and guidelines. This includes taking care of your devices by updating them, making sure your devices are secure and backing up your data. A secure password for any online platform should be at least eight characters long and should include a combination of numbers, uppercase letters, lowercase letters and symbols. Passwords should also be changed regularly and stored in an encrypted file to protect the sensitive information on your computer’s hard drive. Its also important to avoid using the same password for multiple purposes. Using unique passwords for various purposes helps protect your information in the event that your password for a particular site is compromised.

Manage your social media settings

You should manage your social media settings so you know what type of information is being shared with the public. This means that you should review which types of information are being posted to your wall or status. It is important to avoid oversharing on social media as cybercriminals frequently utilize personal information obtained in this way in their attacks.

Use two-factor authentication

Two-factor authentication (2FA) is an added layer of security that has been designed to prevent cybercrime. It requires the user to provide information from two separate sources in order to gain access. This method is recommended for users who want to add an extra layer of security to their online accounts. It can be used for social media accounts, email accounts, cloud accounts and is now frequently required to access online banking. With this type of security, cybercriminals will not be able to gain access to your account without the physical device that the code is sent to.

Don’t install software from unsolicited emails

Some malware is delivered in unsolicited emails, avoid installing software from unsolicited emails especially if it has been sent from a suspicious source such as an unfamiliar email address or website. Suspicious emails can include malware and viruses that can infect your computer and steal sensitive information. These emails will often look as if they are from a legitimate company.

Fighting cybercrime is everyone’s responsibility

Cybercrime costs billions each year and has grown significantly in the last 20 years. According to Statista, it is estimated that the cost of cybercrime could reach $20tn in the next five years. Cybercriminals are often looking for ways to exploit vulnerabilities in computer software or hardware in order to steal data. There is no sure way to prevent all cybercrime, but by using cybersecurity best practices, you can reduce your risk of becoming a victim of cybercrime.

Cybercrime has caused wide-ranging problems, as criminals have learned how to take advantage of new technologies and exploit them to their advantage. Cybersecurity experts will need to continue looking for ways to improve cybercrime prevention in the coming years. Enjoy the benefits of this increasingly in-demand career by enrolling in a course on cybersecurity that will help you learn what steps you should take to keep both your own devices safe and those belonging to other organizations.