What are Cybercrime Investigations?

Identity theft and cybercrimes are a persistent and prevalent problem in the U.S., and throughout the world. The Bureau of Justice Statistics (BJS) reported that, in 2012, identity theft cost Americans $24.7 billion, which is $10 billion more than all other property crimes combined. Household burglary, motor vehicle theft, and property theft totaled just $14 billion during that time.

Total losses for identity theft included both direct losses (money acquired by using a victim’s personal information or account information) and indirect losses (other costs associated with identity theft, such as bounced checks and legal fees). The BJS reported that about 85 percent of all incidences of identity theft involve the fraudulent use of existing accounts.

Identity theft and other cybercrime cases continue to increase in frequency, thereby spurring the need for comprehensive and well-established cybercrime and identify theft investigative units/divisions within state, city and county police departments.

Identity theft investigative units are often organized at the state level, with these units coordinating efforts with similar units at the local level. Although many police departments have cybercrime units, these are typically task forces that serve under state and federal law enforcement agencies.

Investigating Cybercrimes

Cybercrimes investigative units perform a number of functions:

  • Computer forensics
  • Child exploitation investigations
  • Fraud investigations
  • Internet Service Provider complaints

Cybercrimes investigation units also conduct complex analyses and retrieval of evidentiary information from digital sources that are seized during investigations of everything from fraud to homicide crimes. They also conduct child exploitation investigations, which are often times organized through interagency national/state task forces.

Fraud investigations may encompass an array of crimes, including:

  • Unauthorized access
  • Pornography
  • Intellectual property theft or misuse of information
  • Theft of services
  • Forgery
  • Invasion of privacy
  • Denial of services
  • Viruses
  • Sabotage
  • Embezzlement
  • Espionage
  • Terrorism

Investigating Identity Fraud

Identity theft and identity fraud are general terms for all types of crime in which individuals obtain and use a victim’s personal data for fraud or deception. Identity theft is most commonly done for economic or financial gain.

Identity theft criminal investigators are often responsible for conducting investigations into a wide array of identity theft crimes, including:

  • False applications for loans and credit cards
  • Fraudulent withdrawals from bank accounts
  • Fraudulent use of telephone calling cards
  • Obtaining goods or privileges using another name

The Investigative Process

Identity Theft – The majority of identity theft investigations are performed in more than one jurisdiction. The detective begins the investigative process by completing a number of steps:

  • Obtaining all relevant information from the victim, including their date of birth, Social Security number, email address, a copy of their credit report, account numbers, when and how the fraud was discovered, and a chronological log of the victim’s actions since discovering the fraud
  • Determining the motive through a detailed interview with the victim
  • Examining all financial and credit bureau documents
  • Contacting all appropriate federal, state and local agencies, including:

    • Federal Bureau of Investigation
    • Postal Inspection Service
    • Social Security Administration
    • Bureau of Immigration and Customs Enforcement
  • Developing informants from potential suspects during the investigation
  • Seeking state and federal RICO statute investigations
  • Obtaining federal cooperation and funds
  • Using forfeiture statutes to gain access to financial records

Cybercrime – Cybercrime investigations involve a number of coordinated efforts, with the Federal Bureau of Investigation leading the charge. The FBI investigates any number of computer-based high-tech crimes, including cyber-based terrorism, espionage, computer intrusions, and major cyber fraud.

State Attorney General Offices, which also typically have large cybercrime investigation operations in place, are responsible for investigating and prosecuting complex criminal cases involving digital evidence and the forensic examination of digital evidence. These state-led efforts also develop shared training resources and encourage collaborative efforts between law enforcement agencies.

There are many city police departments who also employ their own team of computer forensics experts and experienced investigators to go after cyber criminals.

The process of investigating cybercrimes includes:

  • Taking a citizen complaint
  • Locating the IP address of the suspect
  • Gaining access to the IP address of the Internet service provider through warrant, subpoena, or court order
  • Contacting the appropriate authorities to handle the suspect outside of the jurisdiction
  • Seizing the suspect’s computer and hard drives, which are then used by computer forensic specialists to conduct a forensic examination

Training Requirements for Identity Theft and Cybercrimes Investigative Jobs

Workshops and training programs focused on identity theft and cybercrimes, which are often organized at the state level, are commonplace requirements for law enforcement personnel. For example, training in identity theft usually involves providing investigators with the newest investigative techniques, resources, and victim-related issues.

Topics within identity theft training programs include:

  • Legal issues involving identity theft
  • Law enforcement response to identity theft
  • Seizing digital evidence in identity theft investigations
  • Victim-witness issues and resources

Cybercrime training provides investigators with an in-depth understanding of the sophisticated challenges facing law enforcement and provides them with the latest information regarding tools available to police and forensic investigators. Training programs therefore often include topics such as:

  • Basic evidence recovery
  • Basic forensic analysis of computers involved in investigations
  • Cybercrime response
  • E-commerce crimes
  • Hacker behavior
  • Storage forensics

Back to Top