Damages from global cybercrime will reach $10.5 trillion annually by 2025. It will be difficult to not get caught up in the landslide. To protect your company, you need to get the right information and act quickly. 

Cybercrime statistics show that a minimum of 422 million individuals became impacted by cybercrime in 2022. The FBI recorded 800,944 complaints regarding cyber-attacks.

In comparison, nearly 33 billion accounts will endure a breach by the end of 2023. The cost of such breaches will reach $8 trillion.

The best way to make sure you don’t fall victim to cyber criminals is to understand the cybercrime landscape. That’s why we’ve compiled over 90 cyber crime statistics to help you familiarize yourself with this treacherous landscape.

• Cybercrime Statistics for 2019-2022

• The Cost of Cybercrime

• Cyber Crime Trends

  • Phishing Scams

  • BEC Attacks

  • Social Media Scams

  • DDoS Attacks 

  • Ransomware Attacks

• The Future of Cybercrime

• Conclusion

The best way to move forward is to analyze our past mistakes so they don't happen again. The threat landscape is always changing. That's why it’s important to understand how cyber attacks evolve and which security controls and types of training work.

• There were 153 million new malware samples from March 2021 to February 2022 

• This is a nearly 5% increase on the previous year which saw 145.8 million.

• In 2019, 93.6% of malware observed was polymorphic.

• This means it can constantly change its code to evade detection.

• Almost 50% of business PCs that got infected once were re-infected within the same year

• 86.2% of surveyed organizations endured a successful cyberattack

• Colombia was the hardest-hit country by cyberattacks in 2019, 

• 93.9% of all surveyed companies endured a compromised system at least once that year

The cybercrime statistics above are just the tip of the iceberg.

The more we understand cybercrime, the more unnerving it becomes. On the bright side, we understand cybersecurity and cyberattacks more than ever, and thanks to detailed cybersecurity reports, we can protect ourselves more effectively.

Why do we want to avoid cyberattacks? Why not let cyber criminals into our business networks? The short answer is theft and cost.

Hackers want to make money off of other people’s hard work. They steal information, try to sell it on the dark web, or use the stolen information to hack individuals and liquidate their bank accounts.

Cybercrime is costly. It is less expensive to implement good safety measures than deal with the aftermath of a breach. But just how costly is it to get hacked?

• The cost of cybercrime in 2021 was $6 trillion. 

• There was a $4.2 billion loss for victims due to internet crimes in 2020. 

• The average cost of a ransomware attack is $1.85 million. 

• Global cybercrime damages per second cost around $190,000.

• The average cost of cybercrime for organizations is around $13 million. 

• 47% of cybercrime victims lose money as a result of the attack.

• Tech support fraud amounted to over $146 million.,

• This is a 171% increase in losses from 2019.

• Victims of compromised personal and business email accounts experienced a loss of $1.86 billion in 2021.

• The average ransom paid by mid-sized organizations is $170,404.

• The difference in cost between largely compliant companies and those that are non-compliant was around $2.3 million. 

• The average cost of a data breach during the pandemic was $1 million higher than the pre-pandemic scenario. 

• Organizations that did not change their IT security to cope with the pandemic faced a breach that cost an average of $5.01 million. 

Phishing scams are a form of social engineering attack. Their purpose is to retrieve data from unsuspecting users through the impersonation of reputable websites, authorities to whom victims might reveal information or trusted friends.

• For the last three years, phishing continues to be a common form of cybercrime.

• 2021 saw a total of 323,972 phishing victims.

• Phishing victims lost the least amount of money at $136 per victim when compared to other types of attacks.

• Employees open nearly 30% of phishing emails, increasing the chances of opening or downloading malware from malicious links.

• 10% of hackers say that their motivation for phishing is to disrupt site services.

• 6% said it was for financial gains.

• 88% of healthcare workers opened a phishing email.

• In 2021, there was a 75% increase in phishing attacks.

• A HIMSS survey revealed that 36% of non-acute care organization representatives claimed that their organization did not conduct phishing tests.

• Nearly 24% of health employees in the U.S. have not received any cybersecurity awareness training to help identify phishing scams.

Hackers and scammers are getting craftier. They continually improve their phishing emails to trick even the most cautious users. Data shows that this is a constant cause of concern. There is no sign of hackers slowing down in terms of effectiveness.

BEC stands for Business Email Compromise Attacks. They are email blasts that look or mimic authenticated websites and services. In reality, they are phishing mail targeted to make individuals reveal personal information.

• Companies filed 1,153 cyber insurance claims in 2022 concerning business email compromise scams. 

• 57% of these BEC attacks occurred in 2020 and 2021. 

• Business email compromises were responsible for 10% of the total cybercrime costs in 2022. 

• Nearly 1.2% of all emails sent are malicious.

• This translates to 3.4 billion phishing emails a day. 

• Compromised emails are one of the most expensive types of phishing attacks for businesses.

• 19,369 complaints said they lost at least $1.8 billion

• The most commonly used words in phishing emails are…

• Important (5.4%)

• Attention (2.3%)

• Urgent (8%)

• Important updates (8%).

• Nearly 60% of hospital representatives and healthcare IT professionals said that emails were the most common cause of data compromise. 

• Healthcare email frauds saw a growth pattern of 473%. 

• Hackers send healthcare organizations an average of 96 fraudulent emails every quarter.

• Hackers sent 70% of the fraud emails to healthcare institutions during office timings between 7 A.M. and 1 P.M.

Attacks through social media platforms like Instagram and Facebook are another trend to look at. This happens when hackers contact people through messaging applications, leading to account takeovers.

• Nearly 8% of social media cyberattacks occur through phishing. 

• LinkedIn phishing messages account for 47% of all social media phishing attempts.

• In 2019, Facebook breaches were responsible for 849 million leaked records. 

• Hackers sold more than 50,000 Zoom account details on the dark web for as little as $0.0020 per account. 

• 70% of online fraud is now accomplished through mobile applications.

There are billions of social media users. Everyday usage is skyrocketing. That's why social media platforms became a goldmine for cybercriminals and scammers.

Attitudes regarding social media seem to be changing. That said, behaviors aren’t following suit, This leaves bad actors with plenty of opportunities to steal data and defraud users across the globe.

DDoS attacks can devastate even the largest websites. They do this by overloading a server with a maximum number of junk requests.

• DDoS attacks are the 5th leading cause of cyber threats at 3.63/5. 

• There were more than 10 million DDoS attacks in 2020.

• 2021 saw upwards of 9.84 million DDoS attacks, 

• 73% targeting education, finance, government, and healthcare companies

• In Q4 of 2021, the number of DDoS attacks increased more than 4.5 times compared to Q4 of 2020.

• This followed a 10% increase in DDoS attacks from Q4 2019 to Q4 2020.

• 71% of organizations experienced an extortion or ransom DDoS threat.

• The number of multi-vector attacks (those using 15+ vectors) increased by 116% from 2019 to 2020 

• It increased a further 10% from 2020 to 2021

• The duration of attacks increased to around 50 minutes in the first half of 2021, 

• This is an increase of 31%.

Cybercriminals are taking full advantage of the processing power of unsecured devices connecting to the internet. Once recruited into botnets, cybercriminals harness the collective power of these unsecured devices to launch powerful attacks. Such attacks are barely survivable for companies.

Ransomware is a form of malicious malware. Its designed to deny access to a computer system or data file until the organization pays a ransom. Ransomware is mainly spread through phishing emails.

• Over 37,700 ransomware attacks happen every hour globally. 

• That is about 578 ransomware attacks each minute.

• Malware and ransomware claimed over 4,500 victims in 2021. 

• Ransomware has some sort of involvement in around 17% of malware security incidents.

• This is down from 27% in 2020.

• Ransomware attacks in the U.S. cost an estimated $623.7 million in 2021.

• 495 million ransomware attacks occurred in the first nine months of 2021 

• This is a 148% increase compared to the previous year.

• 55% of the 1500 claims from 2019 to 2021 occurred due to ransomware. 

• 2,123 claims in 2022 were due to ransomware.

• 45% of these occurred in 2020 and 2021.

• 74% of ransomware attacks targeted hospitals.

• 26% of ransomware attacks targeted secondary institutions like dental services and nursing homes. 

• The number of healthcare breaches in the first five months of 2022 almost doubled when compared to the same period in 2021.

• 88% of ransomware attacks attempted to infect backup repositories 

• 75% of those attempts were successful

• 2020 saw nearly 560 healthcare facilities fall victim to ransomware attacks. 

• 8% of healthcare data breach claims happened because of ransomware attacks.

• 20% of Americans have dealt with ransomware attacks.

According to Kaspersky, companies successfully blocked 14.46 million ransomware attacks in Q2 2021. This was a marginal increase over the 14.2 million blocked in Q2 2020.

Ransomware infection rates are declining. However, companies continuously choose to pay the ransom. 57% of organizations hit by ransomware pay to get their data unlocked. This further fuels cyber criminal activities.

Experts estimate that in 2023, hackers will breach 33 billion accounts. That converts to 2328 breaches a day and 97 breaches an hour.

From 2001 to 2021, cybercrime attacked at least 6.5 million victims. The estimated loss from these attacks is nearly $26 billion over those 20 years.

What does cybercrime look like in 2023 and beyond?

• Experts predict the global annual cost of cybercrime will reach $8 trillion annually by the end of 2023.

• By 2025, there will be a 15% increase in cybercrime costs, reaching $10.5 trillion.

• 80% of reported cyber crimes have some correlation to a phishing attack within the technology sector. 

• 16% of cyber-attacks are somehow related to phishing

• This is the second most common reason for data breaches

• It is the costliest type of breach, averaging $ 4.91 million in breach costs.

• 24% of all BEC phishing scams in 2021 aimed to try and divert employee payroll deposits.

• The average BEC attacks that involved a demand for a wire transfer increased from $71,000 to $106,000 from 2020 to 2021

• Ransomware will cost its victims around $265 billion annually by 2031.

• Crypto crime will cost the world $30 billion annually by 2025.

As you can see from the cybercrime statistics above, hackers are adept at stealing information and making money off of illegal activity.

You must protect your organization and your assets from these criminals. The better you understand the world of cybersecurity, the better prepared you can be to deal with cyber attacks.