Join the 7/21 live chat & demo: How to turn KYB & KYC into your competitive advantage

Industry

Cybercrime statistics worldwide

Cybercrime is more common than ever. Learn about the most common types of cybercrimes, most attacked industries, and more.

Table of contents
Share this post
Copied
⚡ Key takeaways

A cyberattack occurs when an individual or outside organization obtains unauthorized access to computer systems, computers, or networks with the intent to cause harm or damage. The main objective of cybercrimes is to immobilize, interrupt, or control computer systems to modify, delete, manipulate, or steal confidential data.

These attacks are executed by cybercriminals — often referred to as threat actors. Threat actors can include individuals working independently or a group of criminals working together to discover and exploit vulnerabilities in computer systems or networks.

What are the most common types of cybercrimes?

Cybercrimes are often classified into two categories: computer as a target and computer as a tool. “Computer as a target” crime is typically carried out by a group of individuals, as it requires intricate technical skills. Essentially, these crimes use computer viruses, malware, and service attack denials to acquire confidential information or damage operating programs.

On the other hand, “computer as a tool” cybercrimes don't require as much technical knowledge, which means they can be carried out by individuals and cybercriminal groups alike. This type of crime often exploits human vulnerabilities and includes offenses such as identity theft, scams, and harassment.

According to the FBI’s 2020 Internet Crime Report, the most common types of cybercrimes include phishing, vishing, and smishing attacks. The same report also highlights that non-payment/non-delivery, extortion, personal data breaches, identity theft, spoofing, misrepresentation, and confidence/romance fraud were also common sources of cybercrimes in recent years.

What is the #1 most attacked industry?

Although all industries are vulnerable to cyberattacks, the financial technology industry is most susceptible to online threat actors. In fact, a study by ImmuniWeb revealed that around 98% of the global 100 fintech startups are at risk for encountering a cyberattack.

Fintech has seen some significant transformations in the past few years, such as the use of AI and blockchain technology. The industry has grown fast, but data protection regulations failed to follow suit, thereby making businesses in this sector a prime target for cyberattacks. Malware, data breaches, and cloud environment vulnerabilities are the most common cyberattacks in the fintech sector.

Top worldwide cybercrime statistics to note

Cybercrime is more common than ever. COVID-19 also spiked the rate of phishing attacks by 600%, making it easier for threat actors to pose as renowned institutions, such as the World Health Organization (WHO), and gain unauthorized access to confidential data.

Here's a look into the latest cybercrime statistics.

Frequently asked questions

What are the most common cybercrime statistics?

Some of the most common cybercrime statistics include:

  • Data breaches cost $4.24 million on average.
  • Falling victim to cybercrime can also be costly for businesses. GDPR fines reached €1,065,071,470 in 2021 alone.
  • 36% of data breaches involve phishing.
  • 1.86 billion credentials were exposed in 2021.

How many people are affected by cybercrimes?

Research shows that approximately 330 million people spread across ten countries fell victim to cybercrimes in 2020 alone. This was primarily attributed to the increasing reliance on digital mediums for work, education, entertainment, and socialization due to COVID-19.

What comes under the banner of cybercrimes?

Any illegal activity carried out using a computer or computer network is deemed a cybercrime. This includes stealing personal data, identity theft, privacy violations, child pornography, fraud, and crimes related to intellectual properties.

Who is most at risk from a cyber attack?

Small businesses, fintech, healthcare, government agencies, educational institutions, and energy and utility firms are most vulnerable to cyberattacks.

What is the federal Computer Fraud and Abuse Act?

The Computer Fraud and Abuse Act (CFAA) was initially created in 1986 but revised and amended over the years to align with the sophistication in privacy and security standards. The Act points out a list of regulations that internet users must follow. It also elaborated on the penalties for compliance failures. The Computer Fraud and Abuse Act penalizes individuals who:

  • Gain access to information on national security
  • Gain unauthorized access to an information system
  • Trespass a government computer
  • Access a computer to defraud or gather information
  • Access a computer to cause damage
  • Are involved in password trafficking
  • Are involved in extortion
  • Attempt and conspire to commit the acts as mentioned earlier.

Table of contents

A cyberattack occurs when an individual or outside organization obtains unauthorized access to computer systems, computers, or networks with the intent to cause harm or damage. The main objective of cybercrimes is to immobilize, interrupt, or control computer systems to modify, delete, manipulate, or steal confidential data.

These attacks are executed by cybercriminals — often referred to as threat actors. Threat actors can include individuals working independently or a group of criminals working together to discover and exploit vulnerabilities in computer systems or networks.

What are the most common types of cybercrimes?

Cybercrimes are often classified into two categories: computer as a target and computer as a tool. “Computer as a target” crime is typically carried out by a group of individuals, as it requires intricate technical skills. Essentially, these crimes use computer viruses, malware, and service attack denials to acquire confidential information or damage operating programs.

On the other hand, “computer as a tool” cybercrimes don't require as much technical knowledge, which means they can be carried out by individuals and cybercriminal groups alike. This type of crime often exploits human vulnerabilities and includes offenses such as identity theft, scams, and harassment.

According to the FBI’s 2020 Internet Crime Report, the most common types of cybercrimes include phishing, vishing, and smishing attacks. The same report also highlights that non-payment/non-delivery, extortion, personal data breaches, identity theft, spoofing, misrepresentation, and confidence/romance fraud were also common sources of cybercrimes in recent years.

What is the #1 most attacked industry?

Although all industries are vulnerable to cyberattacks, the financial technology industry is most susceptible to online threat actors. In fact, a study by ImmuniWeb revealed that around 98% of the global 100 fintech startups are at risk for encountering a cyberattack.

Fintech has seen some significant transformations in the past few years, such as the use of AI and blockchain technology. The industry has grown fast, but data protection regulations failed to follow suit, thereby making businesses in this sector a prime target for cyberattacks. Malware, data breaches, and cloud environment vulnerabilities are the most common cyberattacks in the fintech sector.

Top worldwide cybercrime statistics to note

Cybercrime is more common than ever. COVID-19 also spiked the rate of phishing attacks by 600%, making it easier for threat actors to pose as renowned institutions, such as the World Health Organization (WHO), and gain unauthorized access to confidential data.

Here's a look into the latest cybercrime statistics.

Continue reading

Continue reading

Persona named one of the best authentication solutions by Cybernews
Industry

Persona named one of the best authentication solutions by Cybernews

See what sets Persona apart from other solutions.

What are suspicious activity reports (SARs)?
Industry

What are suspicious activity reports (SARs)?

Financial institutions must use suspicious activity reports (SARs) to report questionable activity to the appropriate body for legal investigation

CDD vs EDD: What’s the difference?
Industry

CDD vs EDD: What’s the difference?

Explore how CDD and EDD work and learn when each is necessary.

Ready to get started?

Get in touch or start exploring Persona today.