NBT at Work, coaching, financial education, savings

What is Cybercrime?

Cybercrime are criminal activities carried out by means of computers or the internet. Cybercriminals use computers for illegal use to commit fraud, stealing identities or violating privacy.

Cybercrime Security Statistics

Did you know?

  • 95% of cybersecurity breaches are caused by human error - Cybint Security 2020
  • 165 Million compromised sensitive credentials are exposed - Statistica
  • 52% of consumers report they use the same password for multiple accounts - 2019 Google Security Report
  • Average cost per stolen record is $242 - 2019 IBM/Penemon Institute Study
  • 48% of malware is delivered by email - Symantic 2020 Threat Report

Cybercriminals use several scams to target unsuspecting people

Scams can happen on the phone, through email, the mail or over the internet. And they can occur in person, at home or at a business.

Common Types of Fraud

Ransomware is a type of malware (malicious software) that denies access to your system and personal information, usually by encrypting it, and demands a payment (ransom) to get your access back. -Sources: Crowdstrike, NBT.

Business Email Compromise, or BEC, is a cyberattack in which criminals send and email message that appears to come from a known source making a legimate request. The attacker attempts to impersonate someone you know by taking over their email account or spoofing your email domain with the goal of stealing money from you or your customer. -Sources: FBI, NBT

Credential Stuffing is a cyberattack in which credentials obtained from a data breach on one service are used to attempt to log in to another unrelated service. Credential Stuffing relies on the fact the many people reuse the same password across accounts. -Sources: Cloudflare, NBT.

Drive by Download attacks specifically refer to malicious programs that install to your devices — without your consent. The download is unintentional and does not require you to press download, click or open an attachment. -Source: Kaspersky

Tech support scammers want you to believe you have a serious problem with your computer, like a virus. They want you to pay for tech support services you don't need, to fix a problem that doesn’t exist. They often ask you to pay by wiring money, putting money on a gift card, prepaid card or cash reload card, or using a money transfer app because they know those types of payments can be hard to reverse. -Source: FTC

Remote access scams are related to tech support scams in that the scammer may call you to report a computer or internet problem that they can help you with. Their goal is to get you to provide remote access to your computer via a legitimate remote access tool such as TeamViewer, LogMeIn, Go-To-Meeting, or a similar remote desktop software. Once given permission to take over the computer, the scammer attempts to steal personal and financial information which can later be used to defraud the victim. -Sources: Biocatch, Anydes

Phishing is the practice of sending emails purporting to be from reputable companies to induce individuals to reveal personal information, such as passwords and credit card numbers. Most cyber incidents start with malicious emails.

What to Do if You Encounter a Phishing Attack:


  • Report to any party or individual.
  • Do not forward the email on.
  • Delete the email.


  • Use the Report as Phishing button in your email application.
  • Contact information security at your company.
  • Do not forward the email on to others.

Protect yourself from Fraud and Online Scams

  • Be careful of the information you share online and who you share it with. Don’t share numbers or passwords for accounts, credit cards or Social Security.
  • Never pay upfront for a promised prize. If you must pay fees upfront to receive a prize or windfall funds, it is a scam.
  • Too good to be true? If it is too good to be true, it probably is.
  • Do not provide personal confidential or banking information to anyone you meet online.
  • Report fraudulent activity.
  • Do not allow anyone access to your mobile banking or to make any transactions on your behalf.

Privacy & Security Risks of Social Media Networks

Six Ways to Stay Safe

  1. Secure each account with secure passwords.
  2. Be mindful of what you share.
  3. Check your privacy settings.
  4. Secure your accounts with two factor authentication.
  5. Think twice before clicking on links and installing apps.
  6. Never accept unknown connections or friend requests.

Close up view of person holding cell phone

What is Identity Theft?

Identity theft is the crime of obtaining the personal or financial information of another person for the sole purpose of assuming that person's name or identity to make transactions or purchases.

What to do if you are a Victim of Identity Theft?

  • Don't Panic
  • Contact Credit Card Bureaus
  • Monitor credit report -Review your credit report to ensure the information is accurate. Look for inquires you did not make; accounts you did not open and wrong amounts on current credit open.
  • Monitor bank accounts/ statements – Look closely for charges you did not make.
  • Pay attention to information received in the mail.
  • Report any fraudulent activity.

Did you know?

Did you know?

Did you know that it is important to check your credit report on a regular basis to ensure your information is accurate and rule out any possible fraud?

You can get a free annual credit report from all three major credit bureaus at

Prevent Identity Theft

  • Check your credit report regularly.
  • Shred unsolicited credit card applications.
  • Monitor your account statements for unauthorized transactions.
  • Follow up with creditors if your bills are missing.
  • Keep your Social Security cards and number in a safe location.
  • Do not respond to spam emails.

Best Practices

  • Build your cybersecurity awareness.
  • Report stolen or lost cards immediately.
  • Monitor your bank accounts daily.
  • Do not click on links.
  • Do change your passwords frequently.