Cyber Crimes Unit
The Cyber Crimes Unit (CCU) is composed of State Police enlisted detectives and civilian personnel. The unit has two squads that conduct and assist with cyber-related investigations and focus on providing technical investigative assistance, e.g. computer forensics. Listed below are the responsibilities of the Cyber Crimes Unit.
Contact the Cyber Crimes Unit: (609) 584-5051 ext. 5664
Cyber Crimes Unit Responsibilities
The mission of the Cyber Crimes Unit is to conduct and assist in investigations where computers, networks, telecommunication devices, and other technological instruments are the vehicle or target for the commission of criminal acts against network resources critical to the function of corporate or government entities. These vehicle or target intrusions lead the unit to specialize in the investigations of:
- Suspicious Network Traffic
- Computer Intrusions
- Data Theft
- Online ID Theft
- Unlawful Access
- Account Hijacking
- Cyber Terrorism
- Cyber Stalking
- Internal Compromises
- Social Networking/Email Account Intrusions
- Romance Scams
- Business Email Compromise
- Cryptocurrency
Training is provided for State Police enlisted and civilian personnel, and other law enforcement agencies throughout the state regarding network intrusion-related crimes and their impact on government and business. Additionally, training is provided to civic, business, and educational organizations regarding computers and safety on the Internet.
Corporate outreach services are provided to educate and inform corporate entities, as well as institutions of higher education within the State, of the dangers and vulnerabilities of wired and wireless networks. A state cyber-crimes response group has been established and maintained for incident response statewide, in the event of significant network intrusion. A positive and fruitful working relationship with the New Jersey Office of Information Technology 
allows the unit to address cyber vulnerabilities and respond.
With the growing popularity and use of computers, the unit has seen a significant increase in conducting and assisting with investigations where computers are being utilized for the commission of fraud and identify theft. Furthermore, the unit collaborates with and assists federal, state, and local law enforcement in enforcing federal, state, and local criminal laws relating to computer-related crime through the forensic collection, recovery, processing, preservation, analysis, storage, maintenance, and presentation of digital evidence.
Training and education are provided for federal, state, and local law enforcement personnel and prosecutors regarding the forensic examination of digital evidence as it relates to the investigation and prosecution of computer-related or technology-facilitated crime.
Important Cyber Crime Information Links
- https://www.ic3.gov/default.aspx
- https://cyber.nj.gov/
- https://www.ftc.gov/bcp/edu/microsites/idtheft/
- https://www.justice.gov/criminal/ fraud/websites/idtheft.html
- https://www.antiphishing.org/
- https://www.ftc.gov/sentinel/
- https://www.us-cert.gov/
- New Jersey Computer Crime Statutes - [pdf]
- https://www.identitytheft.gov/
Identity Theft
Identity theft is a serious problem affecting millions of people each year. It involves acquiring key pieces of someone's identifying information, 
such as name, address, date of birth, social security number and mother's maiden name, to impersonate them. This information enables the identity thief to commit numerous forms of fraud which include, but are not limited to, taking over the victim's financial accounts, opening new bank accounts, purchasing automobiles, applying for loans, credit cards and social security benefits, renting apartments, and establishing services with utility and phone companies.
Read more information on our identity theft victim's reference guide.
Businesses Reporting a Breach of Security
The Identity Theft Prevention Act, effective January 1, 2006, requires businesses that operate, or have clients in New Jersey, disclose a breach of security to customers. However, the act requires these businesses to report the breach to the Division of State Police for investigation or handling, prior to disclosure to the customer. The Data Breach Notification Procedures link provides the proper procedure for reporting a loss of personal identification.
Please follow the link below to view information about:
For questions concerning potential criminal acts resulting in data breaches in New Jersey, contact the State Police Cyber Crime Unit at:
(609) 584-5051 x5664
For questions concerning the Data Breach Notification Procedure please call the New Jersey Cybersecurity & Communications Integration Cell at:
(609) 963-6900 x7865
Romance Scams
A romance scam is when scammers create fake profiles on dating apps or social media sites with the intention of building relationships with you through talking for extended periods of time. Then, the scammer may generate a story as to why they need money in hopes of having you send it to them. In 2021, $547 million dollars were lost to romance scams which is an 80% increase from reports in 2020.
Some steps can be taken to avoid being a victim of romance scammers. It is essential to check in on those most vulnerable such as older loved ones, those living alone, and those grieving the loss of a partner.
You should limit what is shared online and avoid oversharing personal information. Do your research on the person you are talking to. Search their name in a general Google search and see if anything suspicious comes up. Ask many questions and be wary if they have excuses for not meeting with you in person. Take warning in those who seem too perfect or ask you to leave a dating platform to communicate directly. These scammers are known for attempting to isolate you from those you are close to and may request inappropriate photos or financial information. Never send money to anyone you have only communicated with online or over the phone.
If you think you are a victim of a romance scam, you should stop talking to the person immediately and talk with someone you trust to describe the situation. It is important to report the incident to your local law enforcement and submit a fraud complaint to the Federal Trade Commission.
Business Email Compromise
Business email compromise (BEC) exploits the reliance upon usage of emailing as a quick and easy form of communication especially between vendors and employees. The scam begins es an individual creates a spoof website or email that looks familiar to the victim, usually done by changing one or two characters of the real address to appear as if they were the trusted source. Then, the criminal will convince the victim to reveal confidential information such as company accounts or data or potentially provide them access to calendars and passwords. The victim will typically provide this information because they assume they are talking to someone within the company like a fellow employee or CEO, or a trusted vendor. This process of deception is referred to as "phishing". The other way a criminal can complete BEC is by using a software that infiltrates authentic email threads concerning billing which allows them to send messages about finances that don't seem suspicious to the receiver.
The goal of the criminal is to gain information and wire funds to their organization by penetrating and manipulating businesses and their employees.
According to the IC3, between October 2013 and December 2021 there had been 116,401 victims of BEC in the United States and a total of $14,762,978,290 exposed dollar loss.
Ways to protect yourself end your company against BEC:
- Utilize two-factor authentication and implement layers of technical defense.
- Ensure the email address and or URL match the individual or business that it is coming from.
- Refrain from providing login credentials or any other personal/confidential information via email.
- Monitor financial accounts regularly to avoid missing irregularities such as missing deposits.
- Train employees on common BEC attacks.
- False sense of urgency
- Trick domain name
- Impersonation of vendor
- The backbone of Bitcoin is the public ledger called the"blockchain," which contains every transaction ever processed.
Cryptocurrency Scam Intake Questionnaire
Cryptocurrency
- Bitcoin is the most common type of cryptocurrency:
- Purchased through online dealers and traders, or in person.
- Exchanged through the sale of goods or services.
- Earned through "mining"-which rewards users for processing transactions
- Users must set up a Bitcoin wallet:
- Multitude of platforms such as software and applications on a computer or device can be used to manage Bitcoin funds.
- A user’s identity is not tied directly to the Bitcoin wallet or address.
- Three (3) different type(s) of Bitcoin Wallet addresses:
- P2PKH or Legacy (Addresses start with "1" )
- P2SH or Compatibility ( Addresses start with "3" )
- Bech32 or Segwit ( Addresses start with "bc1" ) - Most common
- How does Bitcoin work?
- The backbone of Bitcoin is the public ledger called the "Blockchain," which contains every transaction ever processed.
- Wikipedia: A blockchain consists of blocks that hold timestamped batches of valid transactions. Each block includes the hash of the prior block in the blockchain, linking the two. The linked blocks form a chain, with only one (successor) block allowed to link to one another(predecessor) block thus giving the database type its name.
- **Please reference the Law Enforcement Cyber Primer for definitions and details on Virtual Currency/Cryptocurrencies**
- ** If you are a victim of a Cryptocurrency Scam, Contact New Jersey State Police Cyber Crimes unit and fill out the following : Cryptocurrency Scam Intake Questionnaire
Cyber Primer Reference Guide to Commonly Encountered Cyber Terms and Concepts
