What is cybercrime?

Hacking

An attacker (hacker) breaks into a computer system and accesses information that was meant to be private. The hacker may gain entry by stealing someone's password or take advantage of weaknesses in the system's security defences.

Ransomware

A type of software virus that locks or encrypts all or part of what is on your computer. The attacker then demands a sum of money (ransom) from the computer's user. The attacker often demands that the ransom be paid in a form of digital currency like Bitcoin, which is difficult to trace.

Distributed denial-of-service (DDoS)

A type of massive online attack intended to make a service unavailable to ordinary users. The attacker can block the service itself or the resources on one or more systems leading to the service. By flooding the target system with large numbers of requests, the attacker stops it being able to work properly. Eventually, the target system crashes completely.

Read more about different types of fraud on the ØKOKRIM website, including CEO fraud, invoice fraud and dating fraud. You will also find advice on how to protect yourself.

It is important to report any incidents of cybercrime to your local police. The police will decide whether to investigate the case. Cybercrime is difficult to investigate. But although your case may be shelved quite quickly, it could still be reopened at some point in the future. That is why we think it is important to register all cases of cybercrime along with all the supporting documents you can provide.

  • Individual cases could become part of a larger investigation in the future – in Norway or abroad.
  • Taken together, separate cases could provide important information that might help put a stop to the criminal activity.

Computer technology and the internet play an important part in almost all criminal activity. They have provided both new opportunities for crime and new tools to carry it out. But computer technology and the internet have also provided new sources of evidence to secure a conviction.

Technology as the scene of crime

Some criminal acts are directed at a person or organisation's technology, infrastructure or internet use. This includes hacking, software viruses and denial-of-service attacks. When it comes to cybercrime, the technology has become the scene of crime.

Technology as the criminal's toolkit

Some criminal acts are carried out using the internet or computer systems. This includes the sale of narcotics, the distribution of child sexual abuse images, as well as online harassment and threats.

Technology as a source of evidence

In some cases, the internet and computer systems are not used to carry out a crime, but to solve it. This includes investigations into theft and violence. The police must often search for clues and evidence online. They might be able to find communications between criminals on social media, for example. Or they could find a log of online searches, which shows that a suspect planned someone's murder in advance.

Report cybercrime

Do you want to report the crime? Report to the local police. The form beneath can be used as a guide before contacting the police.

Contact your local police force

Your position
  1. Your position
1 Results are available. Use keyboard or swipe to navigate.

Guidance form

Attach documentation

It is important that relevant documentation in the form of logs, emails, images etc. are submitted with the case. Deliver the guidance form and the documentation to your local police force when you report the crime.

How to avoid becoming a victim of cybercrime

The very most important piece of advice we can give you is that you should not open unexpected attachments. If you receive an attachment, read the email again. And again! Is it in broken Norwegian/English? Does the sender have a plausible reason for sending it? Above all, do not try to find out what it is about by opening the attachment, since the very act of doing so may trigger the installation of malware on your computer.

The police hear about many emails that appear to come from the postal service, DHL, the tax authorities or the like. The contents may vary, but the actual information is often scant and you are asked to open the attachment to learn more. In such cases, the sender is posing as a respectable company in order to tempt you to open the attachment.

Another way to trick you is to send you an email asking you to click a link. The mail might appear to come from your bank, telling you to renew your password. If you open the link and enter your password, you are actually giving your password to the criminal who sent you the fake email. No respectable bank will ever send you such a message unless you asked it to.

If you are uncertain about an email or an attachment, the safest thing to do is to ignore it. No damage is done if you fail to open the attachment or click the link. Alternatively, you could get in touch with the company in question to ask whether it sent the email.

On the website www.phishingquiz.withgoogle.com you can test how good you are at detecting whether the email you have received is authentic or a scam. Google has taken part in designing the test. The test is hard, and it shows how smart criminals can be.

Many of you have received phone calls from people claiming to represent Microsoft or some other major company, telling you that your computer is in trouble and offering to help. All he or she needs in order to do so is your password and access to the computer. Ten out of ten times, this is a scam and nothing but a scam. Somebody wants to steal information from your computer. No respectable company will ever ask for your password, or for access to your computer.

Is there something odd going on when you try to log in to your bank? Are you getting an error message telling you to wait a few minutes and try again? If so, an attempt is probably being made to trick you. Call your bank to find out what is going on and ask whether you have been directed to a fraudulent website trying to steal your user name and password. Do not wait to call! Every minute could matter.

Use good passwords and different passwords on important sites. If you have unique passwords everywhere, they will become impossible to remember

Nettvett.no shows you how to make strong passwords that are easy to remember: www.nettvett.no/passord

Make sure your computer is updated at all times. Update your operating system, usually Windows, macOS, iOS or Android. Use antivirus software and keep it up to date. There are plenty of good, free antivirus programs that you can download. You might also ask whether your employer provides antivirus software.

Keep backups of files you do not want to lose, such as photos and important documents. Store copies of them with a cloud service or on an external hard disk.

Free networks (Wi-Fi) that do not require passwords in public areas such as airports or cafés require caution. Setting up a fake network is easy and whoever does so can monitor the websites you visit, the content of emails or messages you send, and information about your mobile phone and other devices.

You should therefore avoid logging into websites and services to which you have passwords when you are using a public WiFi. Be particularly cautious if you use the same password for many sites.

Mobile data/4G is safer than public Wi-FIs.

If you receive an email which tells you something that is too good to be true, it is just that: untrue. Money is never for free. You will not have won on a lottery ticket you never purchased. Job offers promising a lot of money for doing very little are only attempts to trick you, even if they seem convincing.

Have you received an email informing you of video footage of you visiting a web site with adult content? The sender has maybe threatened to send it to your family and friends unless you pay (for instance in bitcoins). Maybe the email even includes a password you have used, and the email may even appear to be sent from your own address. All of this is just a trick! The email has been sent to hundreds and thousands of randomly chosen addresses. This is nothing but spam that you can safely ignore.