Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cyber Investigations

Our goal is to protect the nation’s financial infrastructure and maintain a safe environment for the American people to conduct financial transactions. Our mission is to investigate complex cyber-enabled financial crimes.

 

Combating the illicit use of digital assets

USSS Stars

The Secret Service is responsible for detecting, investigating, and arresting any person who violates certain laws related to financial systems. In recent years digital assets have increasingly been used to facilitate a growing range of crimes, including various fraud schemes and the use of ransomware. 

Learn more

The Secret Service is responsible for detecting, investigating, and arresting any person who violates certain laws related to financial systems. In recent years digital assets have increasingly been used to facilitate a growing range of crimes, including various fraud schemes and the use of ransomware.

 

Our primary investigative mission is to protect the financial infrastructure of the United States by investigating complex, often cyber-enabled financial crimes.

Cyber Fraud Task Forces

USSS Stars

Cyber Fraud Task Forces (CFTFs), the focal point of our cyber investigative efforts, are a partnership between the Secret Service, other law enforcement agencies, prosecutors, private industry, and academia. The strategically located CFTFs combat cybercrime through prevention, detection, mitigation, and investigation.

 

Global Investigative Operations Center

USSS Stars

An integrated mission center, monitoring, coordinating, and supporting strategic domestic and international investigations with potential impact on the integrity of the financial infrastructure. The Global Investigative Operations Center (GIOC) conducts analysis of non-traditional data sources and works with our CFTFs on combating transnational organized criminal organizations.

The Global Investigative Operations Center (GIOC) conducts analysis of non-traditional data sources and works with our CFTFs on combating transnational organized criminal organizations.

 

We maintain a cyber workforce possessing the capacity to respond and investigate large scale network intrusions, access device fraud, bank fraud, money laundering, skimming and other cybercrimes.

Highly-Skilled Cyber Workforce

USSS Stars

Our network intrusion responders are at the frontlines of large scale network intrusions and malware attacks. Our investigators, analysts, and forensic examiners have contributed to the apprehension of transnational cyber criminals responsible for large-scale data breaches, online criminal hosting services, and the trafficking of stolen financial data and other cybercrimes.

 

 

Preparing for a Cyber Incident

USSS Stars

Effective cybersecurity requires a holistic approach in order for an organization to be more resilient against cyber attacks. The Secret Service developed a series of cyber incident response planning guides to assist organizations in preparing, preventing, and responding to cyber attacks.

The Secret Service developed a series of cyber incident response planning guides to assist organizations in preparing, preventing, and responding to cyber attacks.

 

Types of Cybercrimes We Investigate


 

Access Device Fraud

An elicit transferring of funds that involves credit and debit cards, or other types of account access devices.
 

Network Intrusions

Unauthorized access to computers or networks, using a variety of methods, including malware and bots.

Point-of-Sale System Compromise

Unauthorized access to checkout or cashier systems that process the electronic transfer of payments for goods and services.
 

Illicit Financing Operations and Money Laundering

Investing illicit proceeds into the financial system, while attempting to disguise them as legitimate transactions.

ATM Attacks

Involves access device manipulation and network intrusion.
 

Identity Theft and Use

Theft of Personally Identifiable Information to illicit financial gain.

Ransomware

Type of malicious software designed to block access to computers or networks until a sum of money is paid.
 

Business Email Compromise

Type of payment fraud that involves the compromise of legitimate business email accounts for the purpose of conducting unauthorized wire transfers.

 

 

The Secret Service has cultivated mutually beneficial partnerships with law enforcement agencies around the globe, leading to successfully extraditing criminal suspects residing overseas to face prosecution in the United States.

We continue to forge new international partnerships in furtherance of our mission to pursue and apprehend cybercriminals globally.

Secret Service representatives partner with public and private organizations worldwide, including:

  • U.S. Department of Justice
  • U.S. Department of the Treasury
  • National Cyber Investigative Joint Task Force (NCIJTF)
  • Financial Crimes Enforcement Network (FinCEN)
  • Homeland Security Investigations (HSI)
  • Federal Bureau of Investigation (FBI) and the Internet Crime Complaint Center (IC3)
  • Cybersecurity and Infrastructure Security Agency (CISA)
  • Europol
  • INTERPOL
  • Computer Emergency Response Team (CERT) in coordination with Carnegie Mellon University
  • University of Tulsa
  • University of San Antonio
  • National Cyber Forensics and Training Alliance (NCFTA)
  • Financial Services Information Sharing and Analysis Center (FS-ISAC)

The mission of the U.S. Secret Service Cyber Fraud Task Forces (CFTF) is to prevent, detect, and mitigate complex cyber-enabled financial crimes, with the ultimate goal of arresting and convicting the most harmful perpetrators. Through a partnership with private industry, state, local, tribal, and territorial (SLTT) and federal law enforcement agencies, federal and state prosecutors, and academia, the CFTFs effectively leverage the collective expertise of a range of key stakeholders necessary to combat cybercrime. The CFTFs are staffed with special agents, technical experts, forensic analysts operating in the CFTF Digital Evidence Forensic Labs (DEFL), and SLTT task force officers trained through the Secret Service National Computer Forensic Institute (NCFI).

In 1995, the Secret Service New York Field Office (NYC) established the first Electronic Crimes Task Force (ECTF). The task force was substantially modeled on the existing Secret Service-led Financial Crimes Task Forces (FCTFs), which were established in 1984, following the enactment of the Comprehensive Crime Control Act and the resultant criminal authorities Congress provided to our agency. Leveraging state and local law enforcement partners, in addition to prosecutor offices, private sector industry groups, and academia, the ECTF concept led to increased investigative successes in the emerging field of cyber-enabled criminal activity.

In 2001, in the aftermath of 9/11, the USA PATRIOT (Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism) Act mandated the Secret Service to expand the New York ECTF concept nationally for the “purpose of preventing, detecting, and investigating various forms of electronic crimes, including potential terrorist attacks against critical infrastructure and financial payment systems.” Since that time, 39 additional ECTFs, including two overseas, have been created for this purpose.

In 2018, the Secret Service began evaluating strategic options to improve the organization of Secret Service task forces by combining existing ECTFs and FCTFs. These combined 44 task forces - CFTF - resulted in better coordination with task force partners, consolidation of investigative and technical skillsets during operations.

Secret Service Announces the Creation of the Cyber Fraud Task Force

Locate a CFTF.

 

Resources

Verizon Data Breach Investigations Report


Our experts contributed to this report, which provides actionable insight into how data breaches occur.

Train at the National Computer Forensics Institute


Register for cyber incident response, investigation, and forensic examination training.

Internet Crime Complaint Center (IC3)


Submit an internet crime complaint to federal law enforcement.