Cybercrime statistics

As more of our lives become digital, the chances of falling victim to online crimes grow every year. And while cybercrimes are dangerous, they are rarely random. Aside from being careless online, most people fall victim to these crimes because their data gets leaked by companies and institutions around the world. They give malicious actors the necessary information to target their victims with phishing, fraud attempts, and other scams.

That’s why it’s important to see the entire online crime picture. Below we have cybercrime data - updated with 2021 data - from yearly breaches and density to cybercrime impacts, costs, and commonly targeted individuals by age group.

Countries were sorted into 6 groups according to the breached email accounts per 100 users (breach density). The data breach map does not include countries with less than 0.5M internet users or internet usage penetration lower than 10%.

Looking at the total breaches in 2021, we see that 71.7% of our analyzed countries have lower than the global average breach density (16.5 leaked emails per 100 internet users). This shows that hackers target some countries more than others.

In 6% of all analyzed countries, breach rates are higher than 50%. To put this into perspective, more than half of the internet users in countries such as the U.S., Iran, Israel, U.A.E. and Qatar got breached in 2021.

In general, we see that hackers target developing countries a lot less often:

• On a continental level, the lowest breached email address rates are in Africa with 4 and Asia with 12 breached accounts per 100 internet users.
• North America has the highest breach rates: 1 in 2 internet users got breached in 2021. This number is 3 times higher than the global average. Oceania comes second with 2 out of 5 breached internet users.

In this graph, you can see ten countries that reported the most cybercrimes to the FBI in 2021 and 2020. They were ranked according to cybercrime density (the number of cybercrime victims per 1M internet users).

Second year in a row, the U.K. tops the cybercrime density list with 4,783 victims (a 40% growth compared to 2020). Canada saw an increase of 7%, whereas the U.S. ranked second according to the crime density - 13% decrease in cybercrime victims since 2020. The highest year-over-year increase in cybercrimes was registered in the Netherlands with a 50% growth.

There is a great disparity in types of cybercrimes that commonly affect people. For example, phishing continues to be the most common cybercrime for the third year in a row. In 2021, there were a total of 323,972 phishing victims. Or in other words, every second individual that fell for an online crime fell for a phishing attack.

However, each cybercrime comes at a different cost. Phishing victims on average lost the least amount of money ($136 per victim), while people that fell victim to investment fraud lost the most ($70,811 on average).

The least impactful online crime in 2021 was the Denial of Service (DoS) attacks. In 2021, only around 1.1K victims reported this crime with an average loss of $197. Malware and ransomware attacks are becoming more exclusive to businesses, they only claimed around 4.5K victims in 2021. Compared to phishing, that is more than 70 times fewer victims.

Cybercrime is on constant rise. Since 2001, the online crime victim count increased by 17 times (from 6 victims to 97 victims every hour) and financial losses grew almost 400 times (from $2,000 to $788,000 losses per hour). In total, cybercrime claimed at least 6,502,323 victims and $26,116,000,000 in losses over the 21 year period.

We also see that cybercrime rates go in tandem with global events:

• 2009, the year after the Great Recession, resulted in a 115% increase in financial losses (from $260M in 2008 to $560M in 2009 per year) to cybercrimes.
• In 2020, the first year of the COVID-19 pandemic, the cybercrime victim count grew by 69% compared to 2019 (from 467K to 792K cybercrime victims per year). This was the highest cybercrime victim growth recorded since 2001.

Historically, the group most resilient to cybercrimes was always people under 20 years old. Up until 2019, only around 10,000 people under 20 fell victim to cybercrime every year. However, this number increased by more than 100% after the students switched to online studying due to COVID-19. In 2021, this number decreased by 36%, but it is still 51% higher than the pre-Covid-19 average.

The age group most resistant to the COVID cybercrime spikes was seniors (55% increase in cybercrime victims). But while seniors were affected by the pandemic the least, they were generally the most vulnerable age group to cybercrime since 2016 (55K victims) with over 92K yearly victims in 2021.

Compared to 2020, two age groups (50-59 and seniors) saw more than a 10% decrease in 2021. The cybercrime rates among the people from the age groups (20-49), that are most likely to have a possibility to work remotely, stayed roughly at the same level.