We use cookies on this website. By using this site, you agree that we may store and access cookies on your device.

Cyber crime


The below details are correct at time of publishing, and are provided as guidance only. Seek legal advice from your solicitor where necessary.

The Internet has increasingly become a vehicle for people to post abusive and defamatory comments and material about others with little thought for the personal affect such material has on their intended victim. The anonymity provided by online social networking and file sharing forums removes social restrictions around saying or publishing without fear of consequence.

There is little restriction in Irish law around posting comments to social media unless the comments or their contents amount to harassment. In most cases comments that are offensive or hurtful are defamatory and not criminal in nature. In such cases the complainant should consult with a solicitor about any civil action that may be available to them.

Most social media services offer their users a method of lodging complaints about content Posted to their forums. This can be by using an abuse or a complaint email. Others have a reporting mechanism where the posting can be individually reported.

For postings to Facebook consult their help forum which contains a full list on how to report messages, threats or offensive material. The page can be found at https://www.facebook.com/help/181495968648557?helpref=faq_content

Google and YouTube have a similar facility which is explained and available at www.google.com/support/go/legal - all removal of material requests from all Google platforms.

All other requests for the removal of material and fake profiles from social media networks should be submitted to the network using their online reporting or complaints processes. This is not a definitive guide and is merely intended as assistance where complaints concerning abusive or false material on social networking platforms are received.

Where you believe you have been the victim of an online scam or fraud you should report it to your local Garda Station, and also use the online reporting service of the website or forum on which you were scammed. When reporting to your local Gardaí, bring copied of all emails, account details, copies of the advertisement of online posting and any other relevant information you may have.

Most users of the Internet will have fallen victim or encountered an online scam in which attackers attempt to obtain personal information such as logon profiles or banking details. In addition, users may have received emails offering them the change to share in a secret fortune or to claim their lottery win or tax refunds. These are some of the scams that circulate on the Internet and about which online users should be aware.

Complaints of online crime or those involving computers should first be made to your local Garda Station. The Garda Cyber Crime Bureau can also be contacted on 01 6663708.

It’s very likely you are experiencing a Ransomware attack. As a result of opening an infected email or an infected website, a virus or malware is downloaded to your computer which then encrypts the contents or locks the computer and prevents it from starting up. The computer then displays a message which demands payment of Bitcoins, an online currency, in order to obtain a release code to gain access to the computer again. Be careful about the sites that you connect to and if you don’t recognise the sender of an email, don’t open the attachment. Make sure you have up to date anti-virus and anti-malware protection installed and running on your computer.

This is a lottery scam and you should ignore it. If you didn’t buy a ticket then you didn’t win so don’t get caught. The email will say you just need to send a processors fee to an account or via western Union to receive your prize.

This is what is known as a ‘419 letter’. An email in broken or poor English is received and it states that the sender is the wife or representative of a decease foreign dignitary such as a President of a country or a company. He has left millions of Euros or Dollars in a bank account and the money is now frozen. The sender of the email asks for help is releasing the funds and tells their target that they were identified as a helpful and honourable person. They are offered a bonus for helping and a draft is sent which they are asked to lodge and send back a processors fee using Western Union or some other money transfer service. However the draft is forged or fake and the fee is lost.  

Advertisements for goods on sale or auction sites are often cloned after the original sale is complete. Details of the merchandise, photos and seller details are faked and offers to purchase are invited from other users of the site. When a person tries to purchase the goods from the ‘seller’ they are asked to complete the sale using a money transfer service instead of a secure payment service such as PayPal. Always use a secure payment service where refunds are guaranteed in the event of fraud and only purchase from reputable sellers. If unsure, walk away.

Call your friend to confirm they are in trouble or check with other friends. It is possibly a 'Help Me' email which typically involves a victim receiving an urgent message from a relative or friend saying they have been mugged on holidays and need urgent help. All their money and cards, as well as passport and mobile phone, have been stolen and they need urgent financial assistance until they get home. You are asked to send money using a money transfer service and they will repay you. You agree and the fraudster calls to an office of the service pretending to be your friend using fake ID purchased over the internet and withdraws the money.

This sounds like what’s known as ‘second change sales’. It happens when you are bidding on a product on an online auction or sale site but are unsuccessful. However you then receive an email from the person who states they are the seller and they have another similar item which they will sell you privately. You complete the process and transfer money to an account or using PayPal. However the seller is false and they have just noticed that you were bidding on the goods. Only purchase from legitimate adverts and don’t respond to communications which are off site or are unsolicited by you first.

You could be the target of a fake buyer. You advertise a product online on an auction site or similar and receive an offer from another user of the site. They are extremely interested in the goods. They are the winning offer and during the negotiations by email you receive a message from ‘PayPal’ or a similar service stating that the purchaser has lodged the required payment. You are asked to confirm you have sent the product but you soon realise the email is forged. PayPal never confirm payment by email.

This could be a phishing email. In this scam you receive a call from someone saying they are from Microsoft or they represent Microsoft and they are calling about problems with your computer. They ask you to go online and connect to a site or a link they give you. When you do they take control of your computer and clean the ‘problems’. However they are only deleting logs of everyday issues that exist on most computers or normal records. They then ask you for payment for doing nothing and may continue to take other payments from your card or account without your knowledge. In addition, they have access to your computer and its contents. Don’t respond and don’t entertain such calls.

You could be the victim of a card security breach. They will ask you to confirm your card details or your bank and then pretend to hang up. You dial your bank's number but the fraudster is still on the line and pretends to be from your bank. They ask you to confirm your account details and the PIN code for your card. If you do they now have all your details and proceed to use the card online. Ignore the call and report it to your local Garda station.

This is a CEO frauds/redirection mail online scam. A company finance officer receives an email which appears to be from the Chief Executive Officer saying that he is closing an important deal with a supplier and he needs a payment processed immediately. The deal is hush-hush and he is not able to discuss it but will reveal all when his meeting ends. He is not available but wants an immediate confirmation that the payment has been made. However the supplier has a new bank account into which the payment should be made. He supplies the account details of the new account. The tone of the email or the person’s position within the company suggests that the finance officer shouldn’t argue so the payment is processed. However the email is fake and the account has nothing to do with the supplier. By the time the fraud is noticed the money has been transferred out of the account. Always check email addresses for subtle differences such as Michael@domaine.com instead of Micheal@domaine.com and have an authentication process in place for changes in payment processes. If in doubt call the executive or wait.

A substantial increase in your telephone bill is an indication your company couldbe the victim of Private Automatic Branch Exchange (PABX) fraud. Detailed billing will assist in identifying any potential unauthorised calls, usually International calls but they can also be National telephone calls. Another indicator is where customers trying to dial, in or employees trying to dial out, find that the lines are always busy.

A PABX is a computerised system that manages an internal telephone extensions network.

It is a highly flexible system as it can provide access to telephone services by dialing into the system from outside the PABX network. This service is called DISA (Direct Inwards System Access) and if enabled it permits employees to route national and international calls through the PABX with the cost of these calls being billed to the owner of the PABX. Access to this service requires the use of a PIN. This can however be abused and may result in unauthorised calls costing thousands of Euro. Most PABXs have engineering and maintenance access codes. If this access code is compromised the attacker will have total control of the system.

If your PABX has voicemail and is DISA-enabled then it is susceptible to this form of fraud. To protect your PABX from this type of fraud, if DISA is not required ensure that it is disabled. If DISA is required, contact your PABX supplier or maintenance company, who can help you in configuring DISA properly.

  • Toll Fraud Audit - this service is provided by your PABX supplier or maintenance company.
  • Enable automatic logging of calls if available. This may help in identifying the extension number that is being used to compromise the PABX and it may also identify the source of the external call.
  • Regularly check the log records for repeated short duration calls to the same number. This could be an indication of an attempt to attack your system.
  • Activate PINs for voicemail, DISA and engineering access (if enabled) and change regularly.
  • If possible, remote engineering access should only be permitted on a ‘call back’ basis. This will prevent unauthorised access to this privileged account.

PABX Fraud is a criminal offence and in addition to reporting the incident to An Garda Síochána we would recommend that you contact your telecoms provider and your PABX supplier who will assist.

While this is not an exhaustive list there are some basic steps that can be taken to protect a company from online attacks and potential frauds. Ensure that your system is properly protected by Antivirus and Anti-Malware software and that they are up to date. Discuss needs with a system administrator or an external security company.

Ensure robust processes are in place for payment authorisations, in particular those involving any change to payee bank account details. This could include two step authorisation where a second member of staff must sign off on any change or confirm the request. Or it could require the person processing the payment to check with the CEO or other senior executive that the payment and change is authorised.

If large sums of money are being regularly transferred from company accounts, an account manager with your Bank may take a proactive role where changes are requested to payee account details.

All complaints of CEO or Business Email Compromise frauds should be reported to your local Garda Station. You should include copies of the emails, including header information, details of the new fraudulent accounts and confirmation that the change in account and emails were not authorised or legitimate.

The Garda Cyber Crime Bureau (GCCB) is the national Garda unit tasked with the forensic examination of computer media seized during the course of any criminal investigations. The unit also conducts investigations into criminal offences of a significant or complex nature including network intrusions, criminal damage to data and websites belonging to Government departments, institutions and corporate entities; and online crime including frauds, harassment or child exploitation.  The unit is part of the Special Crime Operations section of An Garda Síochána and is staffed by civilian personnel and Garda members of various ranks up to Detective Superintendent. Members of the unit undergo intensive training in the area of forensic computing and cybercrime investigations, and give expert witness testimony in all types of investigations and prosecutions in court.

The primary responsibilities of the bureau are:

• Investigate or assist other Garda units or members with the investigation of cybercrime or online offences. 

• The forensic retrieval and examination of digital evidence stored on computer storage media.

• Advise and assist investigators who encounter computer networks, including the internet, during the course of their enquiries.

• Provide training and crime prevention advice to law enforcement and associated personnel and government agencies concerning cybercrime and cyber-security.

• Liaise with international law enforcement, academic and industry partners in the area of cyber forensics, cybercrime and training.

• Provide public information on current cybercrime trends and online crime prevention advice.

The bureau also operates as the liaison for international cybercrime investigations in conjunction with partners including Europol, Interpol, the FBI and other law enforcement agencies. Bureau personnel maintains a representation at European level on a number of cybercrime expert groups and conduct training forums for local, national and international partners in conjunction with UCD, Europol and other agencies.