Cybercrime

Cybercrime motif image
Cybercrime
The internet and social media have become an integral part of our private and business lives. We have never communicated and done as much online as we do today. A target for criminals. On this website, the Recklinghausen Police Headquarters provides information about forms of cybercrime, gives tips on how you can protect yourself and what to do if you have become a victim online.

Computer crime - cybercrime - is directed against the assets of the potential victim or against the person themselves. Forms of computer crime include the distribution of malware, often with the aim of stealing data, online violence, sexualized violence, online fraud and digital blackmail.

In addition to commercial enterprises, private individuals are also the focus of cyber criminals. Children, young people and the elderly are particularly at risk because they are highly vulnerable.

Vulnerabilities due to security gaps in the computer system and personal online usage behavior are the main points of attack for criminals. The weakest link in the security chain is usually the internet user themselves.

 

Malware/data theft

Malware such as viruses or Trojans are transmitted via...

Drive-by download

The unconscious/unintentional downloading of malware by accessing prepared websites,

Drive-by exploits

The automated exploitation of security gaps such as vulnerabilities in the web browser or operating system without user interaction,
email download (opening infected attachments in the email) or

spear infection

targeted contact via personally addressed phishing or infection emails for the purpose of data theft.

Online violence

Online violence describes forms of digital violence in which the victim is deliberately belittled, blackmailed and threatened or attacked. These can be acts of violence that are recorded using a cell phone camera and published and disseminated via various (social media) channels.

Cyberbullying

Cyberbullying is the insulting, exposing, threatening or harassing of a person using a computer or smartphone over a longer period of time. Cyberbullying can include various criminal offenses - such as insult, defamation, slander, breach of confidentiality, stalking, coercion, blackmail and violation of the right to one's own image.

Cyberstalking

Cyberstalking is the continuous harassment and stalking in virtual space against the will of another person. This also includes sexual harassment.

Sexualized violence

Cyber grooming

Cyber grooming is the targeted initiation of sexual contact with minors via the internet. The perpetrators pretend to be children or young people of the same age in chats or online communities in order to initially gain the trust of the minors and then manipulate them. Their aim is usually to meet the underage victims in the "real" world and abuse them. The perpetrators can often persuade the minors to send them revealing self-portraits beforehand. These are then used in a blackmailing manner as a means of putting pressure on the minors to perform further acts.

Sexting (sex & texting)

The writing and sending as well as recording and sending of erotic/pornographic images or videos via digital media. Unauthorized forwarding of images with sexual content is sexual abuse and can be a criminal offence.

Child abuse

The spread of depictions of sexualized violence against children via chats, messengers and social networks has increased in recent years. Children and young people themselves also carelessly share such images and videos. Many are not aware that they are forwarding child pornography content. Others do not know how to react. The fact is: child pornography shows sexual violence against children. The dissemination of depictions of abuse is a crime. It is crucial to consistently report content. Every report helps to protect those affected. The "Soundswrong" campaign by the Police Crime Prevention Unit provides more information on this. See link under "More on this topic" on this page.

More protection for children online

Children and young people also use the internet every day to chat with friends or play games. However, children can also encounter content on the internet that disturbs or traumatizes them, such as depictions of violence or pornography. And there are other dangers. Among other things, paedophiles exploit the anonymity of the World Wide Web to make contact with boys and girls, particularly via social media, chat portals and video platforms. They have discovered the internet as a way to abuse child victims in front of the screen for their sexual fantasies of violence or arrange a meeting to then carry out this abuse in the real world.

Adolescents are sometimes completely unprepared for the strategies of the perpetrators.

Tips for parents:

  • Be a role model and help your child to navigate the world of the Internet safely.
  • Show an interest in your child's Internet activities and don't leave them alone with the Internet. Younger children in particular need adults to help them discover the Internet safely.
  • Familiarize yourself together with the technical handling and applications on the Internet.
  • Set rules for using the Internet, in terms of time and content, and make sure they are adhered to.
  • Inquire about your child's online friends, whether they are on social networks or in chat forums - take an interest in their virtual friends too.
  • Prepare your child for a possible confrontation with content that is harmful to minors, such as violence, pornography or racism, and agree with them to click away from such sites immediately.
  • Use the latest filter programs. These will help you to protect your child from content that is harmful to minors.
  • But also show them good children's sites and offers.


The following can indicate online dangers:

  • Your child meets people they have met on the internet.
  • Your child discloses personal data (telephone numbers, address, etc.) via the Internet.
  • Your child is in telephone contact with people you do not know.
  • Your child spends a lot of time online - especially at night.
  • Your child receives emails, gifts or packages from a person you do not know.
  • Your child switches off the computer or changes the program - whenever you come into the room.
  • You find pornographic images on your child's computer.
  • Your child withdraws from the family.
  • Your child uses Internet access that belongs to someone else.

You can find more information on this HERE.

In urgent cases, do not hesitate to call the emergency number (110)!
 

Online fraud

Phishing

The sending of fictitious emails or text messages as a supposedly trustworthy person or company with the aim of tapping into personal data (passwords, bank details, etc.) and carrying out criminal activities.

Smishing

Smishing is a form of phishing in which convincing phishing SMS/text messages are used to trick a potential victim into clicking on a link and sending private information to the attacker or downloading malware onto their cell phone.

Fake shops

Fake stores can also be used by online retailers to defraud online shoppers with so-called fake stores (fake internet sales platforms). The operators only offer their goods against prepayment, but do not deliver a product after payment or offer inferior goods at an inflated price.

Skimming

The English term "skimming" means "skimming" or "skimming off" and
refers to a method of illegally spying out electronic data from payment cards (debit and credit cards). This is done by manipulating cash machines, among other things.

Romance scamming

In so-called romance scamming, fraudsters seek contact with both women and men via the internet and pretend to be in a romantic relationship with them. In reality, they only gain the trust of their victims in order to get them to pay money in the end.

Cyber trading fraud

In cyber trading fraud, fraudsters lure potential investors online for supposedly lucrative investment transactions and trick them into paying money. Contact is primarily made via internet advertisements, social networks, calls from specially created call centers or mass emails. The money paid is not invested as promised, but disappears into the criminal network.

CEO fraud

In the "CEO fraud" scam, perpetrators try to manipulate people with decision-making powers in companies so that they transfer large sums of money abroad. The perpetrators pretend that the order comes directly from the head of the company (managing director or board member = Chief Executive Officer = CEO). This is a variant of so-called social engineering, in which the "human vulnerability" is exploited. The perpetrators usually proceed very cleverly by first obtaining as much information as possible about the company and its structures.

Investment fraud

Dream returns are promised in the shortest possible time - but there is often a rude awakening. Investment fraud is on the increase in the age of the internet. The damage runs into the millions. 

To avoid falling victim to these scams:

  • Don't be fooled by promises of high profits. A potentially high profit (return) is always associated with a high risk.
  • Do not allow yourself to be pressured into signing a contract.
  • Pay attention to the company headquarters. Dubious providers of investment products like to choose their registered office abroad, especially in overseas tax havens.
  • Read the general terms and conditions and ask specifically if anything is unclear. Also ask about asset protection.

How does the perfidious scam of online investment fraud work?

The first contact takes place when potential customers look for information about investment opportunities on relevant websites. Some websites are already fake and are only used by fraudsters to obtain user data and money. If investors then find a site they trust, signing up is just a small matter. To verify the customer data, the operators of the site then ask for photos of the identity card and the last heating bill, for example. The process appears to be legitimate, which is why potential customers comply with the request. Shortly afterwards, they receive a call from a supposed broker - often with a number from England. The broker also creates additional trust because he sounds like a professional. The effect is hardly surprising, because the alleged broker is trained in the field of capital investment. He talks shop with the investor and gets him to connect to his computer. The investor is shown a few tricks on their home screen - but at the same time, they open the door to fraudsters. Access to personal data from outside is now possible without restriction as long as the computer is connected to the network.

Customers are now deceived in various ways: While the fraudsters use the customer data to secretly acquire Bitcoins, which they store in anonymous wallets ("electronic purses"), investors transfer the first money that the brokers are supposed to work with - convinced by the investment strategy presented to them. It is not uncommon for only small amounts of money of perhaps 250 euros to be transferred at the beginning. Many investors are still unsure at first and only venture forward with great care, as their own capital is precious.

The fake brokers then contact the investors again and again. The fraudsters even show them on their home screen how the money they have invested has tripled after just a few days. However, this is a pure illusion. This money no longer exists in reality. And the illusion is maintained by further actions. Intoxicated by the initial increase in profits, some investors demand a partial payout, which in some cases is even granted. In this way, the fraudsters create further trust, as the procedure appears to be legitimate. Nobody is thinking about fraud at this time. Why should investors be paid out money if they are to be defrauded? The answer is simple: because they want more money from you. And unfortunately, many of those defrauded fall for it.

The seemingly serious nature, constant contact and apparent professionalism displayed by investment fraudsters tempt their victims to invest even more. This is what the fraudsters are waiting for - what they have been working towards all along. It is not uncommon for investors to transfer tens of thousands or even hundreds of thousands of euros in further steps. This also explains the high total loss caused by investment fraud, which often reaches a seven-figure figure.

Investigations are difficult in cases of investment fraud. The internet is fast-moving, and so are the fraudsters. Websites are quickly closed and can no longer be found. The known telephone numbers are usually issued to false personalities and therefore rarely offer a good investigative approach. At the same time, the fraudsters set up new websites and continue their perfidious scam.

Unfortunately, the supposed successes spread faster than the lost capital. New investors advertise their initial successes by word of mouth, sharing and recommending them to their friends, family and acquaintances. However, the shame they feel when they realize that they have lost everything prevents many from being open about it. Instead of warning others or contacting the police, they prefer to say nothing and keep a low profile. This is not unusual, it is human behavior. Nevertheless, we would like to encourage those affected to contact the police. Help us to prevent others from making the same mistakes.

The police advise:

  • Always be careful, with a certain amount of suspicion! The scams used by fraudsters are varied. Not every case is always the same. Fraudsters are also very inventive here. They also like to use a combination of familiar variants, such as the "shock call" and the "fake police officer". Similar combinations can also be found when it comes to investment fraud. For example, some fake a relationship or romance ("love scamming"), which is ultimately intended to persuade those involved to transfer or invest money. If those affected follow the suggestion, one thing is certain: the money is gone!


Further help on the subject of credit and investment scams can be found here: https://www.polizei-beratung.de/themen-und-tipps/betrug/kredit-und-anlagebetrug/

Credit fraud

Private credit brokers and dubious investment advisors are luring unsuspecting customers with false promises of easy loans without a credit report or investments with high returns.

In order to obtain a loan, false information is provided to the bank and, for example, income figures are embellished.

"Instant loan without Schufa", "even in difficult cases" or "without a credit check" - private credit brokers use these promises to attract customers. The problem is that loan brokers also have to contact a bank with your loan application. The bank will then decide whether to grant the loan on the basis of a Schufa report. If the Schufa information is negative, there is no loan. If the bank grants a loan despite a negative Schufa entry, it will cover the increased risk of default with correspondingly high interest rates.

Despite this, the credit broker naturally also charges fees: He is only entitled to remuneration if a loan has actually been approved and paid out as a result of his efforts.

Credit brokers may only demand reimbursement of so-called "expenses" if these were actually incurred and necessary in connection with the brokerage activity. This does not include costs for a home visit.

Tips from the police:

  • Be careful with offers from private credit brokers.
  • If in doubt, contact your consumer advice center.
  • Use the services of debt counseling centers if you have financial difficulties. These are available in every major city.

Find out more: https://www.polizei-beratung.de/themen-und-tipps/betrug/kredit-und-anlagebetrug/

Fraud attempt by telephone

Criminals are inventive in their choice of scams and are often rhetorically clever, highly manipulative and intimidating.

See also our article "False police officers and other scammers", which is linked on this page. It deals with scams that particularly target older people.

Fake Microsoft support scam

A caller pretends to be Microsoft support (or a representative of another company) and claims that your computer is infected with malware. He asks you to carry out actions on your computer, ultimately with the aim of gaining access to sensitive data.

Fake bank employee scam

An alleged bank employee calls and explains that unknown perpetrators have allegedly tried to transfer a large sum of money abroad from the victim's account, apparently without authorization. This process can be stopped as soon as possible. This requires "verification TANs" (transaction numbers), which the victim then receives by text message on their cell phone, among other things. The victim transmits the TAN verbally to the caller, who can then make transfers using access data to the victim's online banking account that has previously been spied on or purchased on the darknet.

Fraud scam "... Press 1"

Fraud scam by telephone in which the callers repeatedly pretend to be BKA employees (Federal Criminal Police Office). An introductory sentence is followed by instructions such as "Press 1" to provide ID card details in order to supposedly avoid a fine. In addition to being redirected to chargeable numbers, there is another danger: If citizens disclose personal data from their ID card, the perpetrators could use this data to order goods or commit other crimes using the victim's name and address. Do not follow the instructions. Hang up!

Call ID spoofing

Call ID spoofing is a fraud method in which a specific number appears on the caller's display - for example the actual number of a bank. This is intended to build trust with the potential victim. 
 

Digital blackmail

Ransomware

This is where malware gets onto the victim's computer and encrypts files and documents using cryptic processes. A ransom is then demanded, e.g. in the form of bitcoins. Access to the data should only be possible again once the ransom has been paid.

Sextortion

The term "sextortion" is made up of the words "sex" and "extortion". Sextortion is about sexual blackmail and is the threat to publish intimate information about the victim unless the victim pays the perpetrator money. The scammers get their victims to undress in front of the webcam and perform sexual acts on themselves. They then blackmail their gullible chat partners. The information can include excerpts from sexual text messages (sexts), intimate photos and even videos.

Have you been a victim of cybercrime?

Save evidence, e.g. by taking screenshots.

Report the incident to the nearest police station.

What should I do if criminals have access to my computer?

Close your connection to the Internet.

Clean your system. Use anti-virus software.

Avoid using logins on your computer until you are sure whether malware has been installed.

Change your passwords (see link to the "Make your password strong" campaign on this page).

If in doubt, reinstall the software.

Inform your bank or credit institution immediately. If necessary, have the credit card blocked.

File a report with the police.

Basic rules for safe Internet use

Make sure that the operating system, browser version and virus protection of your devices are always up to date. Update the software. Make sure your router settings are secure.

Carry out regular data backups on your system. Store these backups on external data carriers.

Only open attachments and follow links if they come from trustworthy sources.

Do not access websites from dubious providers and do not click on any advertising banners.

Be as careful (sparing) as possible with personal data on the internet and in social networks.

Be critical when making contact via social networks - even if this is supposedly from a friend's account. If in doubt, ask your "real" friends.

A certain degree of caution and mistrust is always required, for example in the case of "unwanted" contact from other people/institutions.

Lock your devices and user accounts for outsiders by consistently using effective passwords. The police's "Make your password strong" campaign explains how to create secure passwords that you can remember. The link to the campaign can be found on this page under "More on the topic".

When carrying out bank transactions, use two-fact authentication.

 

Keyword "hoax"

Trust your common sense and question the seriousness of the content and sender of emails that ask you to forward them or take other actions.
For hoax emails and chain letters: it is best to delete them immediately and never forward them.

Attempted fraud by telephone:

If you receive a call from a supposed employee of a computer service, software provider or bank employee asking you to take action on your computer or smartphone, simply hang up. Don't be intimidated by dubious calls.

See also our article "False police officers and other scammers", which is linked on this page. It deals with attempts to defraud older people in particular.

  • Do not be intimidated
  • Do not install any software that you are told to
  • Do not disclose sensitive bank details (e.g. transaction numbers - TAN) under any circumstances
  • If necessary, block your online banking account and change your access data

Take precautions at the bank:

  • Set up a block for international transfers
  • Set up a transfer limit from e.g. e.g. 1,000 euros per day

Further Information

Translated with DeepL.com (API Version)
In urgent cases: Police emergency number 110