416-222-8477 (TIPS)
Be advised, if your intent is to use our reporting platform as an avenue to threaten or cause harm to any person, place or thing; or for any other illegal purpose other than to legitimately report a crime you will not be protected by Crime Stoppers privilege.

Cyber Tips

SecureDrop
February 2019

Toronto Crime Stoppers is committed to assisting law enforcement address the problem of cybercrime by providing inside cyber tipsters with the most secure and anonymous means to submit information through the SecureDrop encrypted submission system.

Cybercrime is one of the fastest growing areas of crime. Criminal hacker networks are exploiting the Internet’s speed, reach and anonymity to commit a diverse range of criminal activities including data and identity-theft activities targeting everything and everyone from financial institutions to individuals.

New cybercrime trends emerge daily with billions in losses across the globe to the point cybercrime has surpassed drug trafficking as a criminal source of revenue. Despite is breadth, cybercrime can generally be broken into two categories:

  • computer network and device hacking such as viruses and denial-of-service (DoS) attacks; and
  • vulnerability attacks which exploit computer networks to advance diverse criminal activities including crimes against children, financial crimes and even terrorism.

The SecureDrop Platform set up by Toronto Crime Stoppers uses the Tor anonymity software to protect your identity, location and the information you send us. We do not ask for or require any identifiable information, nor do we track or log information surrounding our communication.

How to Use Secure Drop

We strongly recommend that tips be sent using a public Wi-Fi network and that the computer you use is free of malware.

If the computer is compromised, communications using SecureDrop may be compromised as well. The steps below outline best practices for use of SecureDrop, as well as the steps that we take to protect your privacy.

We strongly recommend that tips be sent using a public Wi-Fi network, and that the computer you use is free of malware. If the computer is compromised, communications using SecureDrop may be compromised as well. The steps below outline best practices for use of SecureDrop, as well as the steps that we take to protect your privacy.

  • Download and install the Tor browser from https://www.torproject.org. The Tor browser allows access to our SecureDrop page, which operates as a Tor “hidden service.”
  • Open the Tor browser and wait for the page that says a connection has been established, then copy and paste the following into the address bar we will provide you when we officially launch Secure Drop in February 2019.
  • Follow the instructions to send us information. Users will be given a codename that can be used to log back in and check for responses from Toronto Crime Stoppers.
  • For added security, consider using the Tails operating system instead of the Tor Browser.

Privacy Information

The SecureDrop servers are under the physical control of Toronto Crime Stoppers.

The information you send us is stored on our SecureDrop servers in an encrypted format. We will decrypt your submission on a computer that has never been connected to the internet and remove any metadata associated with it. After it has been stripped of metadata, and, if possible, known source information, tips and submitted documents will be accessible to us.

We will not know the source of tips submitted through SecureDrop: If your name or other identifiers are included in the tip itself, it may not be redacted from the information. If this is a serious concern, we encourage you not to include identifying information within your submission.

If you wish to log back in to check for responses from Toronto Crime Stoppers, we recommend that you delete each message as soon as you have read it. The message will then also be securely deleted from our servers. SecureDrop is regularly audited by independent security experts. Like all software, it could have security bugs that are exploitable. Ultimately, you use the service at your own risk.