What Is Cybercrime? | Digital Privacy

Definition of Cybercrime

Cybercrime is any criminal act that involves a laptop, tablet, or other internet-connected device and the internet. When you think of cybercrime, you might imagine a hacker sitting hunched over a computer in a dark room, but “hacking” is a broad term and only a single aspect of cybercrime.

Among the most common types of cybercrime is identity theft, wherein criminals use various means to steal personal information, such as a Social Security or credit card number, and use those credentials to make purchases or to open accounts. The goal is to extract as much value from the stolen credentials as possible before the owner notices, leaving the victim with the bill – and serious damage to their credit.

Although cybercrimes often involve hacking, criminals employ many other methods to commit fraud. For example, phishing can be used to coerce unsuspecting victims into handing over personal information voluntarily. Malicious software can be surreptitiously installed on someone’s device to harvest personal information and passwords. Bolder and more daring cybercriminals may even deploy ransomware, taking control of an individual’s or company’s devices and demanding a ransom.

Below, we provide more details about various types of cybercrime.

Types of Cybercrime

There are many different types of cybercrimes and cybercriminals. Just as varied are the methods these criminals employ, from outright hacking to social engineering, phishing, and malicious software. To harden yourself against these threats, you must first learn about the basic types of cybercrime.

Malware Installation

Malware is among the most common tools used by cybercriminals. It involves the surreptitious installation of malicious software on the victim’s device, ideally without detection. There are many types of malware, from remote access Trojans that give the hacker control of a device to ransomware that allows a cybercriminal to hold a device hostage until money (a “ransom”) is paid.

Identity Theft

Another common type of cybercrime is identity theft. With someone’s personal information stolen from a hacked bank or social media account or another online source, a hacker can open new financial accounts in the person’s name and max them out before the victim notices anything suspicious on a credit report. This type of fraud is prevalent enough that there are identity theft protection services dedicated to countering it. Note that not all identity theft is cybercrime. For example, some identity thieves obtain a person’s information simply by stealing their physical mail.

cyber bullying

Cyberbullying – bullying that takes place using digital devices – inhabits a legal gray area but can fall under the definition of cybercrime. Many US states include cyberbullying in their school bullying reporting laws. Cyberbullying may involve harassment and stalking, which are illegal in certain jurisdictions. Criminals can also employ cyberbullying for the purpose of extracting information or money from their target.

Compromised Email

Your online accounts are almost all tied to an email address, and cybercriminals can do a lot with unfettered access to your inbox. A thief might read your emails without detection, farming messages for personal information. Alternatively, a hacker might change the password and lock you out of your inbox to gain access to accounts tied to that email.


Identity theft need not involve hacking. Criminals also use social engineering methods such as phishing to trick people into handing over information voluntarily. In a phishing attack, a criminal typically sends a text or email that “spoofs” an email address and/or website of the victim’s financial institution and asks the victim to verify their credentials. If the victim clicks on a link in the email, instead of communicating with the financial institution, they’re actually communicating with the attacker. Many victims unwittingly hand their information to fraudsters in this way, only realizing their mistake too late.

DDoS attacks

A DDoS attack is a malicious attempt to shut down a website or service by flooding it with traffic, making it partially or wholly inaccessible. Cybercriminals use DDoS attacks for extortion, revenge, or even political purposes. Although DDoS attacks are mainly a threat to website owners and companies, your devices can become part of a DDoS botnet via malware.


Cyberextortion is the act of coercing a victim into handing over funds or personal information through online means. Installing ransomware on a victim’s device or network is one notable method of cyberextortion. DDoS attacks can also be used in an attempt to extort money.

How To Protect Yourself From Cybercrime

In a recent interview with US News & World Report, Bruce Schneier, Chief of Security Architecture at Inrupt, Inc. and Harvard Kennedy School fellow, gave this advice: “Make sure you install your patches. Have an antivirus program. Have a good backup. And the fourth is – you need to have a good bullshit detector. … When you get something sketchy in an email, don’t click on the link!”

There is a never-ending arms race between cybercriminals and security professionals. In fact, the proliferation of malicious “black hat” hackers has given rise to “white hat” hackers who help companies and individuals protect themselves against online threats. You don’t have to learn to code to protect yourself from cybercrime, however. Instead, take the following steps.

Use good antivirus software

You’re probably aware of antivirus software, but, “antivirus” is a misnomer. Today, malware includes more than just viruses. The best antivirus software protects against an equally wide range of threats, detecting and blocking Trojans, rootkits, ransomware, spyware, and even malicious websites. In other words, antivirus software stops malware in its tracks before it does serious damage.

Use an identity theft protection service

The prevalence of identity fraud has gone hand-in-hand with the growth of identity theft protection services. These actively monitor your credit reports and scour the web for your personal information, alerting you to any attempts to use your credentials for fraudulent purposes or if your data appears where it shouldn’t be, such as on darknet websites.

Set strong passwords

Sometimes, all a hacker has to do to take control of an account is to guess your password. Too many people use simple, easy-to-guess passwords, and use the same few passwords for every account. Cybercriminals take full advantage of this using brute-force methods to guess passwords, often in a short period of time. Use strong, varied passwords and the best password managers to keep them organized and secure.

Schneier also advised, “Don’t write your passwords down. I think that’s a dumb piece of advice. … Get a password manager.”

Use two-factor authentication

Apps and websites increasingly offer two-factor authentication. When a new login to your account is detected, such as from an unrecognized device, a one-time password is sent to your email or phone. This added layer of security alerts you when someone who isn’t you is trying to access one of your accounts.

Review your credit report and bank statements

Even if you’re already using an identity theft protection and/or credit monitoring service, you should regularly check your credit report and financial statements yourself. Review any and all activity, make sure that nothing looks suspicious, and immediately report anything that does.

Update your software and operating system

Always keep operating systems and other software up to date, and don’t ignore update prompts. These security patches include important malware protection updates. Out-of-date software is far more vulnerable to the latest tactics and tools employed by those involved in computer crime.

Don’t click on links or open attachments from unknown senders

Hacking often requires the victim to unwittingly download malware or supply personal information themselves. This is usually done through malicious websites and emails disguised to appear as if they’re from a trusted source, such as a bank. Don’t click links, download anything, or open attachments in emails or texts that you aren’t 100% sure are from someone you know and trust.

How To Recognize and Report a Cybercrime

In combating cybercrime, early detection is key. Antivirus software, identity protection services, and credit monitoring companies are important tools for sniffing out malware and thwarting identity theft.

You also need to be vigilant. Regularly review your credit and financial statements to detect fraudulent activity early. Cybercriminals may use small transactions to test stolen credentials and ensure they’re valid before “cash out” with a spending spree. Review all transactions, no matter how small, and report anything suspicious to your financial institution immediately. A bank or credit card company will usually replace the payment method in question with a new one and may perform an investigation depending on the size and nature of the unauthorized activity.

Also, learn to recognize suspicious emails and websites. Many antimalware apps can detect this, but your own eyes are useful. Suspicious emails or websites often have something “off” about them – unfamiliar email addresses or website URLs, for instance, or odd typos. These are giveaways that you’re dealing with phishing or malware.

Learn More

Guides From 360 Reviews

You may be interested in our guides to these tech products:

Why You Can Trust Us

At US News & World Report, we rank the Best Hospitals, Best Colleges, and Best Cars to guide readers through some of life’s most complicated decisions. Our 360 Reviews team draws on this same unbiased approach to rate tech products that you use every day. The team doesn’t keep samples, gifts, or loans of products or services we review. In addition, we maintain a separate business team that has no influence over our methodology or recommendations.


Leave a Comment