Latest Cyber Crime Statistics from the UK
Have you ever searched for "UK cyber crime statistics"? We have. It's not great. The same old tired cyber crime statistics, disorganised and from the same regurgitated sources, with very poor references to the data behind them.
Today, all that changes.
🙌
We've compiled the UK's reported cyber-enabled crime data from Action Fraud to give you all much clearer cyber crime statistics from the UK.
We measured it between June 2022 to May 2023 to give a clearer picture of the impact that cyber crime is having in this country over a 12 month period.
To provide even greater insight, we've looked deeper into the regions within the UK, breaking it down further into individual and organisational differences.
So, what are you waiting for?
Let's get started:
Contents
- Headline cyber crime stats for the UK
- Cyber crime stats from London
- Cyber crime stats from the South East
- Cyber crime stats from the South West
- Cyber crime stats from the North West
- Cyber crime stats from the North East
- Cyber crime stats from the East
- Cyber crime stats from the East Midlands
- Cyber crime stats from the West Midlands
- Cyber crime stats from Yorkshire & Humber
- Cyber crime stats from Scotland
- Cyber crime stats from Wales
- Cyber crime stats from Northern Ireland
- Cyber crime trends in 2023
- Frequently Asked Questions (FAQs)
- Final thoughts
Headline cyber crime statistics for the UK
Let's take a look at the cyber crime statistics in the UK:
-
There were 214k reports of cyber-enabled crime in the UK.
-
Resulting in £1.7B of reported financial losses.
-
£7.8k was the average reported financial loss per report of cyber-enabled crime in the UK overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 106k, which equated to 49.5% of all reports.
-
£758M of reported financial losses came directly from Banking fraud, equating to 45.6% of the total losses.
-
Investment fraud had the highest average reported financial loss per report at £30.5k.
Cyber attacks for individuals
For individuals, there were:
-
200k reports of cyber-enabled crime from individuals in the UK.
-
Resulting in £890M of reported financial losses.
-
£4.5k was the average reported financial loss per report of cyber-enabled crime for individuals in the UK.
-
50.5% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £197M in reported losses. 17.9% were for Advance Fee fraud, resulting in £73M in losses. 11.1% were for Banking fraud, resulting in £155M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £459M. Investment fraud accounted for 7.9% of all reports but 51.6% of reported financial losses, making it the highest average reported financial loss per individual at £28.9k.
-
The highest number of reports based on age came from 20-29 year olds at 20.4%.
-
They also had the highest financial losses at £161M (18.1%).
-
70-79 year olds had the highest average reported financial loss per report at £10k.
Cyber attacks for organisations
For organisations, this was:
-
14.6k reports of cyber-enabled crime from organisations in the UK.
-
Resulting in £773M of reported financial losses.
-
£52.7k was the average reported financial loss per report of cyber-enabled crime for organisations in the UK.
-
63.8% of businesses were Limited companies, followed by PLCs (12.2%).
-
43% of reported cyber-enabled crime from organisations were Banking related, resulting in £603M in reported losses. 36.5% were for Consumer fraud, resulting in £122M in losses. 2.1% were for Investment fraud, resulting in £34M in losses.
-
The highest average reported financial loss per organisation came from Investment fraud, which stood at £144k.
By Region:
Cyber crime statistics from London
Let's take a look at the cyber crime statistics in London:
-
38.3k reports of cyber-enabled crime in London.
-
Resulting in £895.2M of reported financial losses.
-
£23.4k was the average reported financial loss per report of cyber-enabled crime in London overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 18.8k, which equated to 49.1% of all reports.
-
£595.7M of reported financial losses came directly from Banking fraud, equating to 66.5% of the total losses.
-
Public Sector fraud had the highest average reported financial loss per report at £185.7k.
Individuals
The cyber crime statistics for individuals were:
-
35k (91.5%) reports of cyber-enabled crime from individuals in London.
-
Resulting in £337M (37.7%) of reported financial losses.
-
£9.6k was the average reported financial loss per report of cyber-enabled crime for individuals in London.
-
50.6% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £46.8M in reported losses. 17.3% were for Advance Fee fraud, resulting in £15.7M in losses. 11.7% were for Cyber Dependent fraud, resulting in £1.2M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £195.6M. Investment fraud accounted for 9.4% (3.3k) of all reports but 58% of reported financial losses, making it the highest average reported financial loss per individual at £59.3k.
-
The highest number of reports based on age in London came from 20-29 year olds at 26.4%.
-
The highest financial losses came from the same group, 20-29 year olds, at £120.8M (35.8%).
-
70-79 year olds had the highest average reported financial loss per report at £43k (1.5k reports).
Organisations
For organisations, this was:
-
3.3k (8.5%) reports of cyber-enabled crime from organisations in London.
-
Resulting in £558M (62.3%) of reported financial losses.
-
£171k was the average reported financial loss per report of cyber-enabled crime for organisations in London.
-
65.6% of businesses were Limited companies, followed by PLCs (18.6%).
-
48.9% of reported cyber-enabled crime from organisations were Banking related, resulting in £518.4M in reported losses. 32.4% were for Consumer fraud, resulting in £20.5M in losses. 13.6% were for Cyber Dependant fraud, resulting in £1.2M in losses.
-
The highest average reported financial loss per organisation in London came from Banking fraud, which stood at £325k.
Cyber crime statistics from the South East
Let's take a look at the cyber crime stats for the South East:
-
25.3k reports of cyber-enabled crime in the South East.
-
Resulting in £135M of reported financial losses.
-
£5.3k was the average reported financial loss per report of cyber-enabled crime in the South East overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 12.2k, which equated to 48.2% of all reports.
-
£60.5M of reported financial losses came directly from Investment fraud, equating to 44.8% of the total losses.
-
Public Sector fraud had the highest average reported financial loss per report at £40k.
Individuals
The cyber crime statistics for individuals were:
-
23.7k (93.7%) reports of cyber-enabled crime from individuals in the South East.
-
Resulting in £102M (75.3%) of reported financial losses.
-
£4.3k was the average reported financial loss per report of cyber-enabled crime for individuals in the South East.
-
49.1% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £24.3M in reported losses. 19.5% were for Advance Fee fraud, resulting in £10.7M in losses. 12.4% were for Cyber Dependent fraud, resulting in £248k in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £54.8M. Investment fraud accounted for 8.1% (1.9k) of all reports but 53.9% of reported financial losses, making it the highest average reported financial loss per individual at £28.4k.
-
The highest number of reports based on age in the South East came from 30-39 year olds at 18.1% (4.3k).
-
The highest financial losses came from 60-69 year olds, at £28.1M (27.6%).
-
They also had the highest average reported financial loss per report at £9k (3.1k reports).
Organisations
For organisations, this was:
-
1.5k (6.3%) reports of cyber-enabled crime from organisations in the South East.
-
Resulting in £33.4M (24.7%) of reported financial losses.
-
£21k was the average reported financial loss per report of cyber-enabled crime for organisations in the South East.
-
71.9% of businesses were Limited companies, followed by PLCs (7.3%).
-
46.2% of reported cyber-enabled crime from organisations were Banking related, resulting in £19.5M in reported losses. 34% were for Consumer fraud, resulting in £7.2M in losses. 15.8% were for Cyber Dependant fraud, resulting in £93k in losses.
-
The highest average reported financial loss per organisation in the South East came from Investment fraud, which stood at £219k.
Cyber crime statistics from the South West
Let's take a look at the cyber crime stats for the South West:
-
18.3k reports of cyber-enabled crime in the South West.
-
Resulting in £73.3M of reported financial losses.
-
£4k was the average reported financial loss per report of cyber-enabled crime in the South West overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 9.2k, which equated to 50.6% of all reports.
-
£26M of reported financial losses came directly from Investment fraud, equating to 35.6% of the total losses.
-
This also had the highest average reported financial loss per report at £21k.
Individuals
The cyber crime statistics for individuals were:
-
17k (94.4%) reports of cyber-enabled crime from individuals in the South West.
-
Resulting in £63M (85.9%) of reported financial losses.
-
£3.6k was the average reported financial loss per report of cyber-enabled crime for individuals in the South West.
-
51.1% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £19.1M in reported losses. 20% were for Advance Fee fraud, resulting in £7.8M in losses. 11.7% were for Cyber Dependent fraud, resulting in £194k in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £25.5M. Investment fraud accounted for 7.1% (1.2k reports) of all reports but 40.5% of reported financial losses, making it the highest average reported financial loss per individual at £20.8k.
-
The highest number of reports based on age in the South West came from 30-39 year olds at 18% (3.1k reports).
-
The highest financial losses came from 40-49 year olds, at £14M (27.6%).
-
70-79 year olds had the highest average reported financial loss per report at £5.9k (1.8k reports).
Organisations
For organisations, this was:
-
1k (5.6%) reports of cyber-enabled crime from organisations in the South West.
-
Resulting in £10.3M (14.1%) of reported financial losses.
-
£10k was the average reported financial loss per report of cyber-enabled crime for organisations in the South West.
-
64.3% of businesses were Limited companies, followed by Other (9%).
-
42.5% of reported cyber-enabled crime from organisations were Consumer related, resulting in £4.9M in reported losses. 36.4% were for Banking fraud, resulting in £4.4M in losses. 17.9% were for Cyber Dependant fraud, resulting in £13.5k in losses.
-
The highest average reported financial loss per organisation in the South West came from Investment fraud, which stood at £57.5k.
Cyber crime statistics from the North West
Let's take a look at the cyber crime statistics in the North West:
-
27.1k reports of cyber-enabled crime in the North West.
-
Resulting in £94.1M of reported financial losses.
-
£3.5k was the average reported financial loss per report of cyber-enabled crime in the North West overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 13.1k, which equated to 48.5% of all reports.
-
£34.6M of reported financial losses came directly from Investment fraud, equating to 36.8% of the total losses.
-
It also had the highest average reported financial loss per report at £19.6k.
Individuals
The cyber crime statistics for individuals were:
-
25k (92.3%) reports of cyber-enabled crime from individuals in the North West.
-
Resulting in £69M (73.3%) of reported financial losses.
-
£2.8k was the average reported financial loss per report of cyber-enabled crime for individuals in the North West.
-
48.9% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £21.7M in reported losses. 16.6% were for Advance Fee fraud, resulting in £7.8M in losses. 13.1% were for Banking fraud, resulting in £8.7M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £30.3M. Investment fraud accounted for 7% (1.7k) of all reports but 43.9% of reported financial losses, making it the highest average reported financial loss per individual at £17.3k.
-
The highest number of reports based on age in the North West came from 20-29 year olds at 20.1% (5k).
-
The highest financial losses came from 50-59 year olds, at £15.6M (22.6%).
-
90-99 year olds had the highest average reported financial loss per report at £10.5k (73 reports).
Organisations
For organisations, this was:
-
2.1k (7.7%) reports of cyber-enabled crime from organisations in the North West.
-
Resulting in £25.1M (26.7%) of reported financial losses.
-
£12.1k was the average reported financial loss per report of cyber-enabled crime for organisations in the North West.
-
59% of businesses were Limited companies, followed by PLCs (21.1%).
-
45.1% of reported cyber-enabled crime from organisations were Banking related, resulting in £15.8M in reported losses. 25.7% were for Consumer fraud, resulting in £4.7M in losses. 4.7% were for Cyber Dependant fraud, resulting in £128.7k in losses.
-
The highest average reported financial loss per organisation in the North West came from Investment fraud, which stood at £215k.
Cyber crime statistics from the North East
Let's take a look at the cyber crime stats for the North East:
-
7k reports of cyber-enabled crime in the North East.
-
Resulting in £21.1M of reported financial losses.
-
£3k was the average reported financial loss per report of cyber-enabled crime in the North East overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 3.6k, which equated to 51.6% of all reports.
-
£9.4M of reported financial losses came directly from Investment fraud, equating to 44.5% of the total losses.
-
Public Sector fraud had the highest average reported financial loss per report at £36.5k.
Individuals
The cyber crime statistics for individuals were:
-
6.5k (94.2%) reports of cyber-enabled crime from individuals in the North East.
-
Resulting in £15.8M (75%) of reported financial losses.
-
£2.4k was the average reported financial loss per report of cyber-enabled crime for individuals in the North East.
-
51.5% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £4M in reported losses. 19.2% were for Advance Fee fraud, resulting in £1.7M in losses. 12.3% were for Cyber Dependent fraud, resulting in £118k in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £8.1M. Investment fraud accounted for 6.9% (454) of all reports but 51.2% of reported financial losses, making it the highest average reported financial loss per individual at £17.8k.
-
The highest number of reports based on age in the North East came from 20-29 year olds at 19.7%.
-
The highest financial losses came from 50-59 year olds, at £3.9M (24.6%).
-
0-9 year olds had the highest average reported financial loss per report at £12.6k (17 reports).
Organisations
For organisations, this was:
-
405 (5.8%) reports of cyber-enabled crime from organisations in the North East.
-
Resulting in £5.3M (25%) of reported financial losses.
-
£13k was the average reported financial loss per report of cyber-enabled crime for organisations in the North East.
-
76.8% of businesses were Limited companies, followed by Sole traders (6.9%).
-
53.1% of reported cyber-enabled crime from organisations were Consumer related, resulting in £538k in reported losses. 25.7% were for Banking fraud, resulting in £2.7M in losses. 4.7% were for Public Sector fraud, resulting in £730k in losses.
-
The highest average reported financial loss per organisation in the North East came from Investment fraud, which stood at £186k.
Cyber crime statistics from the East
Let's take a look at the cyber crime stats for the East:
-
28.7k reports of cyber-enabled crime in the East.
-
Resulting in £183M of reported financial losses.
-
£6.4k was the average reported financial loss per report of cyber-enabled crime in the East overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 13.9k, which equated to 48.5% of all reports.
-
£98.3M of reported financial losses came directly from Consumer fraud, equating to 53.7% of the total losses.
-
Investment fraud had the highest average reported financial loss per report at £21.5k.
Individuals
The cyber crime statistics for individuals were:
-
26.9k reports of cyber-enabled crime from individuals in the East.
-
Resulting in £93.1M of reported financial losses.
-
£3.4k was the average reported financial loss per report of cyber-enabled crime for individuals in the East.
-
49.2% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £26.8M in reported losses. 18.8% were for Advance Fee fraud, resulting in £9.3M in losses. 10.7% were for Banking fraud, resulting in £11.3M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £45.1M. Investment fraud accounted for 8% of all reports but 48.4% of reported financial losses, making it the highest average reported financial loss per individual at £20.9k.
-
The highest number of reports based on age in the East came from 30-39 year olds at 19.6%.
-
The highest financial losses came from 40-49 year olds at £21.7M (23.3%).
-
90-99 year olds had the highest average reported financial loss per report at £7k.
Organisations
For organisations, this was:
-
1.7k reports of cyber-enabled crime from organisations in the East.
-
Resulting in £89.9M of reported financial losses.
-
£52.5k was the average reported financial loss per report of cyber-enabled crime for organisations in the East.
-
69.3% of businesses were Limited companies, followed by PLCs and Charities (5.7%).
-
41.8% of reported cyber-enabled crime from organisations were Banking related, resulting in £15.5M in reported losses. 38.5% were for Consumer fraud, resulting in £71.5M in losses. 3.1% were for Investment fraud, resulting in £2.3M in losses.
-
The highest average reported financial loss per organisation in the East came from Consumer fraud, which stood at £109k.
Cyber crime statistics from the East Midlands
Let's take a look at the cyber crime stats for the East Midlands:
-
16.9k reports of cyber-enabled crime in the East Midlands.
-
Resulting in £60.7M of reported financial losses.
-
£3.6k was the average reported financial loss per report of cyber-enabled crime in the East Midlands overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 8.5k, which equated to 50.3% of all reports.
-
£25M of reported financial losses came directly from Investment fraud, equating to 41.3% of the total losses.
-
Investment fraud had the highest average reported financial loss per report at £20.9k.
Individuals
The cyber crime statistics for individuals were:
-
15.9k reports of cyber-enabled crime from individuals in the East Midlands.
-
Resulting in £51M of reported financial losses.
-
£3.2k was the average reported financial loss per report of cyber-enabled crime for individuals in the East Midlands.
-
51.4% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £14M in reported losses. 18% were for Advance Fee fraud, resulting in £5.4M in losses. 11.1% were for Banking fraud, resulting in £6.4M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £24.3M. Investment fraud accounted for 7.5% of all reports but 48.1% of reported financial losses, making it the highest average reported financial loss per individual at £20.4k.
-
The highest number of reports based on age in the East Midlands came from 20-29 year olds at 19.7%.
-
The highest financial losses came from 60-69 year olds at £11.5M (22.7%).
-
70-79 year olds had the highest average reported financial loss per report at £6.8k.
Organisations
For organisations, this was:
-
1k reports of cyber-enabled crime from organisations in the East Midlands.
-
Resulting in £10.1M of reported financial losses.
-
£9.4k was the average reported financial loss per report of cyber-enabled crime for organisations in the East Midlands.
-
69.9% of businesses were Limited companies, followed by PLCs (10.3%).
-
41.3% of reported cyber-enabled crime from organisations were Banking related, resulting in £6.2M in reported losses. 34.6% were for Consumer fraud, resulting in £2.6M in losses. 2.1% were for Investment fraud, resulting in £34M in losses.
-
The highest average reported financial loss per organisation in the East Midlands came from Public Sector fraud, which stood at £125k for 1 report.
Cyber crime statistics from the West Midlands
Let's take a look at the cyber crime stats for the West Midlands:
-
19.2k reports of cyber-enabled crime in the West Midlands.
-
Resulting in £81.5M of reported financial losses.
-
£4.2k was the average reported financial loss per report of cyber-enabled crime in the West Midlands overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 9.4k, which equated to 49% of all reports.
-
£30.3M of reported financial losses came directly from Investment fraud, equating to 37.2% of the total losses.
-
Public Sector fraud had the highest average reported financial loss per report at £22.3k.
Individuals
The cyber crime statistics for individuals were:
-
18.2k (94.6%) reports of cyber-enabled crime from individuals in the West Midlands.
-
Resulting in £67.6M (83%) of reported financial losses.
-
£3.7k was the average reported financial loss per report of cyber-enabled crime for individuals in the West Midlands.
-
49.4% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £15.4M in reported losses. 17.6% were for Advance Fee fraud, resulting in £5.8M in losses. 12.2% were for Banking fraud, resulting in £15.2M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £29.7M. Investment fraud accounted for 8.1% (1.5k) of all reports but 43.9% of reported financial losses, making it the highest average reported financial loss per individual at £20.2k.
-
The highest number of reports based on age in the West Midlands came from 20-29 year olds at 21.1%.
-
The highest financial losses came from 70-79 year olds, at £16.7M (24.7%).
-
90-99 year olds had the highest average reported financial loss per report at £28.2k (39 reports).
Organisations
For organisations, this was:
-
1k (5.4%) reports of cyber-enabled crime from organisations in the West Midlands.
-
Resulting in £13.8M (17%) of reported financial losses.
-
£13.2k was the average reported financial loss per report of cyber-enabled crime for organisations in the West Midlands.
-
69.7% of businesses were Limited companies.
-
41.6% of reported cyber-enabled crime from organisations were Consumer related, resulting in £4.9M in reported losses. 41.5% were for Banking fraud, resulting in £6.1M in losses. 14.4% were for Cyber Dependant fraud, resulting in £40k in losses.
-
The highest average reported financial loss per organisation in the West Midlands came from Corporate fraud, which stood at £316.6k.
Cyber crime statistics from Yorkshire & Humber
Let's take a look at the cyber crime stats for Yorkshire & Humber:
-
17.6k reports of cyber-enabled crime in Yorkshire & Humber.
-
Resulting in £61.9M of reported financial losses.
-
£3.5k was the average reported financial loss per report of cyber-enabled crime in Yorkshire & Humber overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 8.6k, which equated to 49.1% of all reports.
-
£26.5M of reported financial losses came directly from Investment fraud, equating to 42.8% of the total losses.
-
It had the highest average reported financial loss per report at £20.6k.
Individuals
The cyber crimes statistics for individuals were:
-
16.5k (94.1%) reports of cyber-enabled crime from individuals in Yorkshire & Humber.
-
Resulting in £49M (79.2%) of reported financial losses.
-
£2.9k was the average reported financial loss per report of cyber-enabled crime for individuals in Yorkshire & Humber.
-
49.6% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £13.4M in reported losses. 17.6% were for Advance Fee fraud, resulting in £4.8M in losses. 13.1% were for Banking fraud, resulting in £7.6M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £23.1M. Investment fraud accounted for 7.6% (1.2k) of all reports but 47.1% of reported financial losses, making it the highest average reported financial loss per individual at £18.5k.
-
The highest number of reports based on age in Yorkshire & Humber came from 20-29 year olds at 20.9%.
-
The highest financial losses came from 40-49 year olds, at £10M (20.4%).
-
90-99 year olds had the highest average reported financial loss per report at £8.8k (26 reports).
Organisations
For organisations, this was:
-
1k (5.9%) reports of cyber-enabled crime from organisations in Yorkshire & Humber.
-
Resulting in £12.8M (20.8%) of reported financial losses.
-
£12.3k was the average reported financial loss per report of cyber-enabled crime for organisations in Yorkshire & Humber.
-
67.4% of businesses were Limited companies.
-
48.9% of reported cyber-enabled crime from organisations were Consumer related, resulting in £3.2M in reported losses. 32.4% were for Banking fraud, resulting in £5.1M in losses. 13.6% were for Cyber Dependant fraud, resulting in £45.8k in losses.
-
The highest average reported financial loss per organisation in Yorkshire & Humber came from Investment fraud, which stood at £94.4k.
Cyber crime statistics from Scotland
Let's take a look at the cyber crime stats for Scotland:
-
4.7k reports of cyber-enabled crime in Scotland.
-
Resulting in £18.5M of reported financial losses.
-
£4k was the average reported financial loss per report of cyber-enabled crime in Scotland overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 2.7k, which equated to 59.1% of all reports.
-
£7M of reported financial losses came directly from Investment fraud, equating to 37.7% of the total losses.
-
This also had the highest average reported financial loss per report at £21.7k.
Individuals
The cyber crime statistics for individuals were:
-
3.8k (81.8%) reports of cyber-enabled crime from individuals in Scotland.
-
Resulting in £9.3M (50.2%) of reported financial losses.
-
£2.4k was the average reported financial loss per report of cyber-enabled crime for individuals in Scotland.
-
69% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £2.6M in reported losses. 11.1% were for Advance Fee fraud, resulting in £740k in losses. 8% were for Investment fraud, resulting in £4.9M in losses.
-
Investment fraud was also the highest reported financial loss for individuals. It accounted for 8% (306k) of all reports but 52.6% of reported financial losses, making it the highest average reported financial loss per individual at £16k.
-
The highest number of reports based on age in Scotland came from 20-29 year olds at 24.4%.
-
The highest financial losses came from 50-59 year olds, at £3.4M (36.5%).
-
90-99 year olds had the highest average reported financial loss per report at £8.7k (4 reports).
Organisations
For organisations, this was:
-
848 (18.2%) reports of cyber-enabled crime from organisations in Scotland.
-
Resulting in £9.2M (49.8%) of reported financial losses.
-
£10.9k was the average reported financial loss per report of cyber-enabled crime for organisations in Scotland.
-
44.9% of businesses were listed as Other, followed by PLCs (30.9%).
-
44% of reported cyber-enabled crime from organisations were Public Sector related, resulting in £250 in reported losses. 36.7% were for Banking fraud, resulting in £5.9M in losses. 13.6% were for Consumer fraud, resulting in £1.2M in losses.
-
The highest average reported financial loss per organisation in Scotland came from Investment fraud, which stood at £131k.
Cyber crime statistics from Wales
Let's take a look at the cyber crime stats for Wales:
-
7.6k reports of cyber-enabled crime in Wales.
-
Resulting in £24.6M of reported financial losses.
-
£3.2k was the average reported financial loss per report of cyber-enabled crime in Wales overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 3.9k, which equated to 51.5% of all reports.
-
£11M of reported financial losses came directly from Investment fraud, equating to 44.9% of the total losses.
-
This also had the highest average reported financial loss per report at £20.9k.
Individuals
The cyber crime statistics for individuals were:
-
7.2k (95%) reports of cyber-enabled crime from individuals in Wales.
-
Resulting in £21.2M (86.3%) of reported financial losses.
-
£2.9k was the average reported financial loss per report of cyber-enabled crime for individuals in Wales.
-
52.2% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £5.2M in reported losses. 16.2% were for Advance Fee fraud, resulting in £1.9M in losses. 12.7% were for Banking fraud, resulting in £3M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £11M. Investment fraud accounted for 7.3% (526) of all reports but 51.8% of reported financial losses, making it the highest average reported financial loss per individual at £20.9k.
-
The highest number of reports based on age in Wales came from 30-39 year olds at 19.5%.
-
The highest financial losses came from 50-59 year olds, at £4.3M (20.3%).
-
90-99 year olds had the highest average reported financial loss per report at £25.8k (12 reports).
Organisations
For organisations, this was:
-
377 (5%) reports of cyber-enabled crime from organisations in Wales.
-
Resulting in £3.4M (13.7%) of reported financial losses.
-
£8.9k was the average reported financial loss per report of cyber-enabled crime for organisations in Wales.
-
59.2% of businesses were Limited companies.
-
47.4% of reported cyber-enabled crime from organisations were Consumer related, resulting in £1.3M in reported losses. 35.8% were for Banking fraud, resulting in £2M in losses. 3.2% were for Public Sector fraud, resulting in £23.8k in losses.
-
The highest average reported financial loss per organisation in Wales came from Investment fraud, which stood at £26.1k.
Cyber crime statistics from in Northern Ireland
Let's take a look at the stats for Northern Ireland:
-
3.6k reports of cyber-enabled crime in Northern Ireland.
-
Resulting in £13.8M of reported financial losses.
-
£3.8k was the average reported financial loss per report of cyber-enabled crime in Northern Ireland overall.
-
Consumer fraud had the highest reports of cyber-enabled crime at 2k, which equated to 54.9% of all reports.
-
£6.4M of reported financial losses came directly from Investment fraud, equating to 46.3% of the total losses.
-
It also had the highest average reported financial loss per report at £20.7k.
Individuals
The cyber crime statistics for individuals were:
-
3.4k (94.6%) reports of cyber-enabled crime from individuals in Northern Ireland.
-
Resulting in £12M (87.2%) of reported financial losses.
-
£3.5k was the average reported financial loss per report of cyber-enabled crime for individuals in Northern Ireland.
-
56.6% of reported cyber-enabled crime from individuals came from Consumer fraud, resulting in £3.3M in reported losses. 15.1% were for Advance Fee fraud, resulting in £1.1M in losses. 10% were for Banking fraud, resulting in £1.1M in losses.
-
Highest reported financial loss for individuals came from Investment fraud at £6.2M. Investment fraud accounted for 9% (307) of all reports but 51.4% of reported financial losses, making it the highest average reported financial loss per individual at £20.1k.
-
The highest number of reports based on age in Northern Ireland came from 20-29 year olds at 20.5%.
-
The highest financial losses came from 50-59 year olds, at £3.3M (27.3%).
-
70-79 year olds had the highest average reported financial loss per report at £7.1k (210 reports).
Organisations
For organisations, this was:
-
194 (5.4%) reports of cyber-enabled crime from organisations in Northern Ireland.
-
Resulting in £1.8M (12.8%) of reported financial losses.
-
£9k was the average reported financial loss per report of cyber-enabled crime for organisations in Northern Ireland.
-
58.8% of businesses were Limited companies.
-
52.1% of reported cyber-enabled crime from organisations were Banking related, resulting in £1.1M in reported losses. 25.8% were for Consumer fraud, resulting in £20.5M in losses. 1.5% were for Corporate fraud, resulting in £302k in losses.
-
The highest average reported financial loss per organisation in Northern Ireland came from Investment fraud, which stood at £205k.
About the data
Based on a rolling 12 months of data from Action Fraud.
The data is extracted from the NFIB Fraud and Cyber Crime dashboard.
Only 'cyber-enabled' fraud and cyber crime offences amounting to a crime under the Home Office Crime Recording rules are included.
Cyber-enabled crimes are traditional crimes, which can be increased in their scale or reach by use of computers, computer networks or other forms of IT.
Information reports and crimes reported directly from partner agencies and industry are not included at this time and will account for differences to Office for National Statistics figures for fraud offences in the same period.
For more information relating to different types of fraud and cyber crime please see the Action Fraud and NFIB A-Z of fraud section on the Action Fraud website.
Limitations
Data is based on victim selection during the reporting process and this has not been verified.
Losses are based on loss amounts as reported in Action Fraud recorded crimes and these have not been verified. Where possible, efforts have been made to review losses reported in excess of £500k but further investigation may be required to determine if loss amounts are a true reflection of the financial impact of the reported crime.
Extreme outliers have been removed to limit data skew.
Region breakdown
Data from the regions is produced from the following police forces:
-
London: City of London, Metropolitan
-
South East: Hampshire, Surrey, Sussex, Thames Valley
-
South West: Avon & Somerset, Devon & Cornwall, Dorset, Gloucestershire, Wilshire
-
North West: Cheshire, Cumbria, Greater Manchester, Lancashire, Merseyside, North Wales
-
North East: Cleveland, Durham, Northumbria
-
East: Bedfordshire, Cambridgeshire, Essex, Hertfordshire, Kent, Norfolk, Suffolk
-
East Midlands: Derbyshire, Leicestershire, Lincolnshire, Northamptonshire, Nottinghamshire
-
West Midlands: Staffordshire, Warwickshire, West Mercia, West Midlands
-
Yorkshire & Humber: Humberside, North Yorkshire, South Yorkshire, West Yorkshire
-
Scotland: Police Scotland
-
Wales: Dyfed Powys, Gwent, South Wales
-
Northern Ireland: PSNI
Data where the region was Unknown has not been included. Guernsey, Jersey, and the Isle of Man have not been included in the data.
Cyber crime trends in 2023
Rise of AI for cyber attacks
Artificial Intelligence (AI) is increasingly being utilised in cyber attacks, making them more sophisticated and harder to detect.
AI-driven algorithms can analyse vast amounts of data quickly to identify vulnerabilities, automate tasks like password cracking, and even adapt to counter-measures in real-time to advance cyber attacks.
It poses a particular threat in the realms of social engineering and phishing attacks, where AI can produce incredibly convincing fake profiles or communications.
For businesses, this means that traditional security measures may not be sufficient, and there's a growing need for AI-driven security solutions to counter AI-driven attacks.
Evergreen Phishing
Evergreen phishing refers to the types of phishing attacks that are continually effective cyber attacks and thus are reused in various forms over time.
Classic examples of this type of phishing attack includes fake bank emails, prize winnings, or tax scams.
The enduring nature of these phishing attacks makes them a consistent cyber threat that businesses must continuously educate their employees about.
Cyber criminals often add new twists to these evergreen techniques, making them more convincing or harder to detect, so cyber security awareness and training need to be ongoing.
Ransomware-as-a-Service (RaaS)
The RaaS model has commercialised ransomware attacks, making it easier for individuals with little to no hacking skills to carry out sophisticated ransomware attacks.
Essentially, it allows people to buy ransomware tools and services on the dark web, thereby democratising the ability to execute ransomware attacks.
This business model has the potential to increase the scale and frequency of ransomware attacks, affecting not just large organisations but also SMEs who may not have the resources for robust cyber security measures.
Â
Frequently Asked Questions (FAQs)
- What is Action Fraud?
- What is the National Fraud Intelligence Bureau (NFIB)?
- What is cyber crime?
- How much does cyber crime cost the UK?
- Why are cyber crimes increasing?
- Who are affected by cyber crimes?
- How often does cyber crime occur?
- What is eavesdropping in cyber crime?
- What are the common types of cyber crime?
Â
What is Action Fraud?
Action Fraud is the UK’s national reporting centre for fraud and cyber crime where individuals or organisations report fraud if they have been scammed, defrauded or experienced cyber crime in England, Wales and Northern Ireland.
The centre is run by the City of London Police working alongside the National Fraud Intelligence Bureau (NFIB) who are responsible for assessment of the reports and to ensure that the fraud reports reach the right place. The City of London Police is the national policing lead for economic crime.
What is the National Fraud Intelligence Bureau (NFIB)?
The National Fraud Intelligence Bureau (NFIB) sits alongside Action Fraud within the City of London Police, which is the National policing lead for economic crime.
The NFIB gets it data through three main channels:
-
Reports from individuals and small businesses (coming either directly or via a police force) made to Action Fraud on the phone or online.
-
Fraud data from industry and the public sector which includes banking, insurance, telecommunications and government departments.
-
A variety of intelligence sources including, but not limited to, national and international police crime/intelligence systems.
What is cyber crime?
Cyber crime refers to criminal activities that are carried out using computers, networks, or the internet. It involves illegal actions in the digital realm that aim to exploit individuals, organisations, or computer systems for financial gain, malicious intent, or disruption.
In simpler terms, cyber crime is like a digital version of traditional crime, where criminals leverage technology and the interconnectedness of our digital world to commit unlawful acts.
These acts can include:
-
Hacking into computer systems to steal sensitive information
-
Conducting online fraud or scams
-
Spreading malware or viruses
-
Identity theft
-
Cyberbullying
-
Launching large-scale cyber attacks on businesses or governments
Cyber crime poses significant risks as it can lead to financial loss, data breaches, reputational damage, and disruption of critical services.
It affects individuals, businesses, and society as a whole.
To combat cyber crime, it is essential to have robust cyber security measures in place, stay informed about emerging cyber threats, and adopt safe online practices to protect one's digital assets.
Additionally, law enforcement agencies, governments, and international organisations work together to investigate and prosecute cyber criminals, aiming to maintain a safe and secure digital environment for everyone.
How much does cyber crime cost the UK?
Business
According to the UK Government, the estimated economic cost of cyber crime to UK businesses is £21bn per annum.
This estimate includes:
-
£9.2bn per annum from IP theft, which is likely to have the largest impact on companies that create significant quantities of IP or those whose IP is relatively easy to exploit
-
£7.6bn per annum from industrial espionage (involving the theft and exploitation of non IP-related data), which affects companies involved in open-tendering competitions, that rely on large numbers of financial transactions or that are affected (or can be affected) by large share price movements
-
£2.2bn per annum from extortion, with large companies being targeted (Estimates are largely illustrative because it's believe this type of cyber crime goes largely unreported)
-
£1.3bn per annum from direct online theft, with cyber criminals targeting support services, financial services, the construction and materials industry, and the not-for-profit sector
-
£1bn per annum from the loss or theft of customer data, with the significant majority of the impact falling on large companies with more than 500 employees.
Many UK businesses are investing in stronger physical security, such as:
-
Segregated networks
-
Advanced intruder detection hardware
-
Training initiatives to increase their employees’ awareness
Individuals
It is estimated that the economic cost of cyber crime to UK individuals is £3.1bn per annum.
This estimate includes:
-
£1.7bn per annum for identity theft
-
£1.4bn per annum for online scams
-
£30m per annum for scareware and fake anti-virus software.
Individuals can help themselves to reduce the impact of cyber crime by ensuring that they take a number of sensible precautions to stay safe online, such as:
-
Installing a firewall
-
Regularly patching or updating software applications
-
Using legitimate anti-virus software.
They could also take out specialist insurance to protect against the impact of identity theft.
No defences are fool proof, though, and even well-prepared individuals may suffer a range of costs as a consequence of and in responding to cyber crime.
The prevalence of these types of cyber crimes means that their aggregate effect is detrimental to the UK economy.
Furthermore, this could create additional knock-on effects.
For example:
A loss of confidence in services such as online banking.
Why are cyber crimes increasing?
Cyber crimes are increasing due to:
-
Digital dependency
-
Financial incentives
-
Evolving techniques
-
Global operations
-
Lack of awareness
-
Rapid technological advancements.
These factors expand the target pool, attract criminals with financial gains, enable sophisticated attacks, complicate investigations, exploit vulnerabilities, and outpace security measures.
Mitigation requires awareness, cybersecurity measures, cooperation, and technological advancements.
Who are affected by cyber crimes?
Cyber crimes affect a wide range of individuals, organisations, and entities, including:
Individuals
Cyber crime can directly impact individuals through various forms of online fraud, identity theft, phishing attacks, cyber bullying, and other malicious activities.
Personal data breaches can lead to financial loss, damage to reputation, emotional distress, and invasion of privacy.
Businesses
Small, medium, and large businesses are all potential targets of cybercrime.
Data breaches, ransomware attacks, intellectual property theft, and business email compromise can result in financial losses, disruption of operations, compromised customer data, and harm to brand reputation.
Cyber crimes can particularly impact industries handling sensitive information like healthcare, finance, and e-commerce.
Governments
Cyber crime poses a significant threat to government agencies and public institutions.
State-sponsored cyber attacks, hacking attempts on critical infrastructure, espionage, and information warfare can undermine national security, compromise sensitive data, and disrupt essential services.
Charities
Charities are not immune to cyber threats.
They can be targeted for financial gain, activism purposes, or to compromise their operations.
Cyber attacks on non-profits can lead to financial loss, reputational damage, and hinder their ability to carry out their mission effectively.
Critical infrastructure
Cyber attacks on critical infrastructure, including power grids, transportation systems, and healthcare facilities, are some of the most severe cyber crimes. They can have severe consequences.
Disruption or manipulation of these systems can cause widespread chaos, jeopardise public safety, and impact essential services upon which society relies.
Society at large
Cyber crime impacts society as a whole by eroding trust in online platforms, compromising privacy, and creating a sense of vulnerability.
The financial burden of cyber crimes, including the costs of prevention, recovery, and legal proceedings, ultimately affects individuals and businesses, contributing to economic implications on a broader scale.
Addressing cyber crime requires collective efforts from individuals, organisations, governments, and law enforcement agencies to enhance cyber security measures, raise awareness, and develop strategies to combat cyber threats effectively.
How often does cyber crime occur?
Cyber crime occurs on a constant and pervasive basis in today's digital landscape.
The frequency of cyber crime incidents can vary widely, and it is challenging to provide an exact figure due to the vast number of unreported or undetected incidents.
However, the following points provide insights into the prevalence of cyber crime:
Global reach
Cyber crime has a global reach and affects individuals, businesses, and organisations across the world.
It knows no borders or time zones, and cyber criminals can target victims from anywhere.
Growing numbers
The number of reported cyber crime incidents continues to rise year after year.
This includes various forms of attacks such as:
-
Data breaches
-
Phishing attacks
-
Ransomware attacks
-
Identity theft
-
Online fraud.
Underreporting
It is important to note that many cyber crime incidents go unreported.
Victims may hesitate to report due to factors such as concerns about reputation damage, lack of awareness, or limited confidence in law enforcement's ability to address the issue effectively.
This further complicates the accurate measurement of the true extent of cyber crime occurrence.
Evolving tactics
Cyber criminals constantly evolve their tactics and exploit emerging technologies and vulnerabilities.
As technology advances, new attack vectors are discovered and exploited, leading to an ongoing cat-and-mouse game between cyber criminals and cyber security professionals.
Industry-specific trends
Certain industries, such as finance, healthcare, and e-commerce, tend to be frequent targets of cyber crime due to the potential for financial gain or the value of sensitive data they possess.
However, cyber criminals can target any industry or individual, depending on their motivations.
To effectively combat cyber crime, it is essential for individuals, organisations, and governments to remain vigilant, implement robust cyber security measures, and stay informed about the latest threats.
Collaboration, information sharing, and continuous advancements in cyber security technologies are crucial in the ongoing battle against cyber criminals.
What is eavesdropping in cyber crime?
In the context of cyber crime, eavesdropping refers to the unauthorised interception and monitoring of electronic communications or data transmissions. It involves the covert act of listening in on private or confidential conversations, either in real-time or by accessing stored data.
Eavesdropping can take place in various forms, including:
-
Network Eavesdropping: Cyber criminals can intercept and monitor network traffic, such as emails, instant messages, or Voice-over-IP (VoIP) calls, by gaining unauthorised access to network infrastructure or utilising specialised tools. They can capture and analyse the data transmitted over the network, potentially accessing sensitive information or confidential communications.
-
Wi-Fi Eavesdropping: Public Wi-Fi networks, which are often unsecured or improperly configured, can be exploited by cyber criminals for eavesdropping. By intercepting the wireless signals, they can monitor the communications of unsuspecting users, capturing usernames, passwords, or other confidential information.
-
Malware-based Eavesdropping: Malicious software, such as keyloggers or spyware, can be deployed on a victim's device to record keystrokes, capture screenshots, or secretly activate the microphone or camera. This allows cyber criminals to gather sensitive information or eavesdrop on conversations without the user's knowledge.
The primary objective of eavesdropping in cyber crime is to gather valuable information for various malicious purposes, including identity theft, corporate espionage, financial fraud, or blackmail.
Eavesdropping attacks can compromise privacy, confidentiality, and the security of individuals, organisations, and even governments.
To protect against eavesdropping, individuals and organisations should employ encryption technologies, such as using secure communication protocols (e.g., HTTPS, VPN), utilizing end-to-end encryption for messaging apps, and being cautious when connecting to public Wi-Fi networks.
Regularly updating and patching software, using robust anti-virus and anti-malware solutions, and practicing safe browsing habits also contribute to reducing the risk of eavesdropping attacks.
What are the common types of cyber crime?
Phishing Attacks
Phishing attacks involve sending fraudulent emails that appear to come from legitimate sources. The goal is to trick the recipient into revealing sensitive information like passwords or credit card numbers.
Ransomware Attacks
Ransomware attacks involve encrypting a victim's files and demanding payment for their release. Increasingly, ransomware attacks also include threats to leak sensitive data, if the ransom is not paid.
Identity Fraud
Identity fraud involves cyber criminals gather personal information through various means, like hacking or phishing attacks, to impersonate an individual and commit fraud, such as opening new accounts or making purchases.
DDoS Attacks (Distributed Denial of Service)
In a DDoS attack, a large number of compromised computers are used to flood a target website with traffic, making it inaccessible to legitimate users.
Malware
This is any software specifically designed to harm or exploit computer systems, including viruses, worms, and Trojans.
SQL Injection
This involves inserting malicious SQL code into a website or database, enabling the attacker to view, edit, or delete content.
Man-in-the-Middle Attacks
Here, the attacker intercepts communications between two parties to eavesdrop or impersonate one of the parties, usually to gain sensitive information.
Social Engineering
This involves manipulating people into divulging confidential information. Unlike phishing attacks, social engineering can occur in person or over the phone, as well as online.
Credential Stuffing
Attackers use stolen usernames and passwords to gain unauthorised access to multiple accounts, relying on the fact that people often reuse the same login details across different platforms.
Cyberstalking
This involves tracking someone's online activities and/or real-life movements, often involving harassment and intimidation.
Zero-Day Exploits
These are attacks that target unpatched vulnerabilities in software. Because the vendor has not yet issued a patch, the software remains vulnerable to exploitation.
Final thoughts
The comprehensive cyber crime statistics from across the UK paint a clear picture:
Cyber-enabled crime is a widespread and evolving threat, impacting individuals and organisations alike.
The staggering financial losses reported, especially in cases of consumer, banking, and investment fraud, underline the depth and severity of this issue.
Notably, the impact of these crimes varies significantly across different regions and demographics, suggesting a need for targeted prevention and education strategies.
For organisations, particularly SMEs, the threat is significant, with substantial losses indicating the importance of robust cyber security measures.
Alarming trends, such as the rise of AI-driven cyber attacks and the prevalence of Ransomware-as-a-Service, demonstrate the sophistication of modern cyber threats. These evolving techniques challenge traditional security measures, necessitating advanced and adaptive responses.
However, a decline in prioritisation of cyber security, especially among smaller businesses, alongside a reduction in basic cyber hygiene practices, raises concerns. This decrease in vigilance may lead to increased vulnerabilities and a higher likelihood of successful attacks.
In conclusion, these statistics and trends strongly advocate for a proactive approach to cyber security.
It is imperative for both individuals and businesses to stay vigilant, adopt robust security measures, and continuously educate themselves to navigate the ever-changing landscape of cyber crime effectively.
Â
We really hope you enjoyed our report on the latest cyber crime statistics in the UK. We plan to update them every quarter, so feel free to come back for more 😊Â
Now we’d like to hear from you:
Do you have any further questions about Cyber Security?
Perhaps you are considering it at the moment for your business?
Either way, let us know your thoughts.
Â
Sources:
National Crime Agency
Action Fraud
NFIB Fraud and Cyber Crime Dashboard
NCSC
UK Gov
Surf Shark
Money.co.uk
Back to the blog.