3.6 Crimes relating to social engineering - Recommendations
- Law enforcement should focus on targeting botnets spreading spam, taking them down where possible in close cooperation with the private sector. Take-downs result in disrupting core infrastructure used to conduct a variety of cybercrimes, denying sources of income and further growth for the whole cybercrime community.
- Law enforcement should develop working relationships with both global and national webmail providers and social media with a view to exchanging relevant information, considering using EC3’s relationships with these entities to the full extent.
- Law enforcement should decide whether and how to record high volume yet extremely under reported crimes such as spam or phishing. The Anti-Phishing Working Group (APWG) could be consulted in relation to technical aspects of the reporting model for these types of crimes.
- As law enforcement cannot cope with the volume of internet scams , it is advisable to prioritise the use of scarce resources in conjunction with EC3 to tackle high impact criminal campaigns.
- Law enforcement should establish relationships and two-way communication with the national organisation(s) running national anti-scam or anti-phishing campaigns or create such initiatives if no such organisation exists.
- Law enforcement should use available communication platforms including social media to highlight the latest threats and scams to the general public. This will not only enable the quick dissemination of information but also interaction with the public, and has the potential to strengthen community relations.