Owed in part to the pandemic-induced increased shift from offline to online, cyber attacks have become a lucrative avenue for criminals in recent years. Statista experts estimate global losses of $7.1 trillion in 2022 compared to 2019's $1.2 trillion, with crypto exchange and protocol hacks by prolific groups like the state-affiliated North Korean hacking team Lazarus dramatically increasing in the years 2021 and 2022 according to Chainalysis. While the number of hacks and the damage caused has been on a constant uptick, the types of cyber attacks have shifted dramatically in the past five years.
In 2017, roughly 42 percent of recorded cyber crimes were connected to non-payment or non-delivery. This category includes purchases made via fraudulent online stores that never materialize and promised payments never arriving. Personal data breaches and phishing scams constituted an additional 28 percent, while identity theft, credit card fraud and other cyber attacks had a relatively low share in all reported cyber crimes.
Five years later, phishing has become the most prevalent cyber attack. This past year, more than half of criminal online activity was connected to this long-running type of cyber crime. While phishing via e-mail has been around since the advent of the internet, hackers have since come up with specialized versions of phishing tailored to the corresponding channels. Spear phishing, for example, is aimed at a specific group or role at a company, often utilizing more sophisticated wording and jargon to fool would-be victims, while whaling targets the C-suite. Other types of phishing unrelated to e-mail are smishing (text messages) or vishing (voice calls).