Cybercrime and Identity Theft Statistics (2023 Edition)

Last modified: March 5, 2023

Identity theft is a growing concern on the Internet; from email scams to phishing attacks, take a look at what the latest identity theft statistics have to say.

At this time, we can safely assume that mankind has entered the era of technology. While IT helps fix many of our problems, in a cheap and efficient manner, it has also brought with it numerous security challenges; the flourishing cybercrime market for one. Consequently, we’ve all heard about various identity theft statistics for instance, and that the prevalence of cybercrime is only getting bigger.

To put things into perspective, cybercrime refers to all forms of illegal activity that involve the use of a computer, or network. Generally speaking, cybercrime does not cause real-life damage, yet it is known for how easily it can make millions of dollars disappear, causing psychological trauma to those unlucky individuals as a result. In fact, the tech market is filled with numerous cybercrime tools and techniques.

The purpose of this article is to paint a clearer picture of the identity theft and cybercrime market, by highlighting cybersecurity risks, relevant events, data concerning identity theft, identity scams, cybercrime stats, along with prevention tips.

Five Must-Know Identity Theft Statistics in 2020 (Editor’s Pick)

  • Identity theft is generally carried out to help thieves accomplish the following crimes: tax fraud, employment fraud, credit card fraud, utility fraud, bank fraud, lending fraud, and government benefits fraud.
  • Michigan represents the US state with the highest number of identity theft complaints.
  • 1 in 4 victims of identity theft are aged 60 and older, according to the US Insurance Information Institute.
  • Victims of identity theft are 43% more likely to live in an affluent suburb and 73% more likely to hold an advanced educational degree.
  • 978 million people from 20 nations were directly affected by cybercrime during 2017.

Identity Theft Statistics 2020

1. In the first 6 months of 2020, the ITRC traced around 540 breaches that affected almost 164 million people. This number was lower than in 2019 when 811 breach cases were tracked out of which 490 million people were affected. 

2. In the first half of 2020, external threats accumulated to 404 – slightly lower than in 2019’s, recording 588 cases. Threats that were internal and emerged from employees totaled 83 in 2020 in contrast to the 126 threats in 2019. There were 53 threats from third-party contractors, paralleled to 89 in 2019. 

3.As per the Identity Theft Resource Center, the COVID-19 pandemic and the increase in people working remotely may be a significant factor in the decline in breaches as workers have less access to personally identifiable information (PII). 

Businesses are particularly vigilant about identity theft. People are still defenseless though because identity thieves are utilizing billions of personally identifiable information that was stolen over the past 5 years to commit various fraudulent acts. 

4. How many identities are stolen each year? According to the Federal Trade Commission (FTC), every year, around 9 million US citizens have their identities stolen. 

5. Are identity thieves ever caught? Identity theft statistics for 2020 are not available yet; however, 2006 research showed that federal authorities arrest only 0.14% of the criminals (one person in 700 identity theft suspects). 

In contrast, nearly 45% of violent crime and 16% of property crime suspects were arrested. It wouldn’t be entirely wrong to say that identity thieves are more likely to walk away from their crimes.

Most Common Identity Fraud and Theft Complaints

A 2018 survey, carried out by The Harris Poll, has determined that up to 60 million Americans have experienced the consequences of identity theft, whereas it is believed that roughly 15 million Americans were affected during 2017 alone. Research organizations have piled up the available data to help determine the most common types of identity theft, in terms of crimes being committed.

6. Identity theft-based tax fraud and employment

This category is currently regarded as the most common ID theft complaint. In this instance, criminals work by stealing the Social Security number alongside other types of information, in an attempt to be employed by a specific company. It’s slightly less dangerous when compared to other types of identity scams, given that its main purpose is employment, rather than stealing money. The same category also includes tax fraud, which is slightly more dangerous, given that criminals use other people’s personal data in order to file income tax returns, thus gaining a monetary advantage in this instance. Roughly 34% of identity theft and fraud complaints are exclusive to this category, according to the FTC identity theft reports.

7. Credit card fraud

While slightly less common when compared to the first complaint, credit card fraud is also prevalent throughout the United States and it represents 33% of all identity theft and fraud complaints at this point in time. With this in mind, in the case of credit card fraud, criminals use the personal information of others in order to either use a credit card that does not belong to them or to get a new credit card entirely. The cards are then used to make fraudulent payments, thus explaining why credit card fraud is classed as a financial crime by FTC stats.

8. Utilities and phone-line fraud

Another common complaint concerning identity theft is directly linked to using another person’s personal data in order to open utility and telecom accounts. By doing this, the fraudster gets access to free memberships for public utilities, since the actual invoices will be sent to the owner of the personal data used fraudulently. Up to 13% of ID theft cases lead to such complaints.

9. Bank fraud

Bank fraud is also fairly common. In this instance, the criminal leverages the personal data of another person in order to open new bank accounts and credit lines or even to seize control of a person’s account entirely. This is also a financial crime since it allows criminals to gain access to money that belongs to someone else. Identity theft statistics show that 12% of complaints on identity theft concern bank fraud.

10.  Leasing and lending frauds

This identity theft-related complaint is also fairly common, as more and more criminals actively attempt to use the personal data of other people, for the purpose of obtaining loans and leases. The benefit for the criminal is that they won’t have to pay back the debt, or the interest associated with it. Rather, the victim will be contacted for debt repayment. At this time, it is estimated that 7% of ID theft complaints are linked to leasing and lending fraud.

11. Obtaining government benefits through identity theft

Last but not least, numerous criminals use identity theft in order to unlock a variety of government benefits. The content of these benefits depends on what the criminal is looking for in particular. Roughly 7% of complaints regarding this practice, which is considerably less common when compared to employment and tax fraud.

Source: LifeLock

ID Theft and Fraud by State

At this moment in time, sources point out that roughly 158 million social security numbers have been exposed during 2017, due to data breaches. The actual number of exposed SSNs is likely much higher if we take other forms of exposure into account as well. Here are some statistics meant to better outline how prevalent this practice is at the state-level in the US.

12. States with the highest rate of identity theft complaints

A recent study, carried out in 2017, has concluded that Michigan represents the US state with the highest number of complaints. Since then, the rates have stayed roughly the same. With this in mind, there are 151 complaints per 100,000 people, and a total of 15K complaints have been made during 2017, as indicated by identity theft statistics.

Some of the other states with large scale identity theft practices include, in descending order: Florida, California, Maryland, Nevada, Delaware, Illinois, Rhode Island, Georgia, and Arizona.

13. States with the lowest rate of identity theft complaints

On the other side of the spectrum, we have states such as South Dakota where only 46 cases of identity theft are detected per 100,000 individuals yearly. To put things into perspective, only 403 cases were reported during 2017, according to the latest identity theft facts.

Some of the other states with low identity theft numbers include West Virginia, Vermont, Iowa, Maine, Montana, Nebraska, North Dakota, Hawaii, Wisconsin, and Alaska. An interesting factor worth pointing out, in this case, is that these are states with lower population density — thus, it is somewhat understandable why identity theft is less prevalent here.

14. States with the highest rate of fraud complaints

Fraud represents yet another way for criminals to get their hands on money, rights, and documents. Over the last couple of years, fraud has remained fairly prevalent throughout the United States. For instance, reports indicate that roughly 1.1 million fraud complaints were made during 2016, according to the FTC fraud report.

With this in mind, Florida represents the state known for the most fraud complaint reports. There, 993/100,000 people are affected by fraud on a yearly basis. Estimates showcase that 208,443 individuals made fraud-related complaints to the relevant authorities during the same year.

Other states known for the high prevalence of fraud include Georgia, Nevada, Delaware, Michigan, Texas, Maryland, Alabama, South Carolina, and Tennessee, in descending order, as indicated by fraud and identity theft statistics.

15. States with the lowest rate of fraud complaints

On the other hand, we have states where fraud affects fewer people and where considerably fewer complaints are made on a yearly basis. As such, fraud is least common in North Dakota, where only 277/100,000 people are affected by fraud — a total of 2,090 complaints have been made during 2017.

Some of the other states known for a low incidence of fraud include South Dakota, Iowa, Vermont, Nebraska, Alaska, Utah, Wyoming, Maine, Hawaii, and Minnesota.

Source: FTC

Identity Theft Statistics by Age and Profile

So far, several studies have been carried out to determine whether identity theft is more prevalent within a specific age group. Here are the findings:

16. According to the US Insurance Information Institute, 1 in 4 victims of identity theft are aged 60 and older.

This means that 24.1% of US-based attacks are targeted towards individuals of this age, based on identity theft numbers.

17. Almost 50% of the victims were below the age of 50.

A study has also shown that people below 50 years of age accounted for roughly 57% of all monetary losses that were reported during 2018. It is important to keep in mind that identity theft and fraud are much easier to carry out when targeting the elderly, given the fact that they are less fluent with tech.

Source: III

18. An identity fraud study carried out by the US Bureau for Justice Statistics went more in-depth and helped conclude that 10% of people aged 16 and older were victims of identity theft during 2016.

19. Additionally, 1% of people aged at least 16 had their personal data used by criminals to open a bank account or to seize control over an existing account or credit card.

Based on these stats provided by identity theft resource centers, we can conclude that this is a real criminal trend, which requires intervention to ensure that the rates are reduced throughout the United States. As we will see later on, there are several methods that can be leveraged to combat identity theft and fraud attempts.

Source: US Bureau for Justice Statistics

Last but not least, it is important for us to also discuss whether the profile of a person makes them more prone to having their identity stolen. Data that has been analyzed by Experian showcases that people with a specific profile are often targeted more. Here are the key findings:

20.Victims of identity theft are 43% more likely to live in an affluent suburb

This stat certainly makes sense, since the main purpose of identity thieves is to acquire monetary compensation. Therefore, people living in affluent neighborhoods are more likely to have larger lines of credit or more money stored in their bank accounts.

21. Victims of identity theft are 73% more likely to hold an advanced degree given by a higher education institution

Similarly, people who have completed their higher education are bound to be employed with companies that offer competitive salaries alongside other bonuses. As such, identity thieves tend to target these individuals more, as it has been pinpointed by online identity theft stats.

22. Other relevant data indicates several other risk factors including, but not limited to: living in a high-density metro area, having a spouse, having an interest in politics, and engaging in hobbies such as tennis and arts

People should keep in mind that anyone can be a victim of identity theft or fraud; not fitting within these profiles doesn’t guarantee that you will never be targeted yourself.

Source: Las Vegas Review-Journal

Largest Identity Theft Insurance Companies

Identity theft is a crime, therefore victims can expect law enforcement to carry out their duties and due diligence to help catch the criminals responsible for your personal data infringements. However, there are numerous cases in which identity thieves are not caught by state authorities, alongside cases when reimbursement of the stolen funds is impossible.

Since cases like these exist, several insurance companies that identify theft as a valid insurance claim have appeared on the market. The craft of these insurers is to offer premiums in case you happen to be a victim of identity theft or fraud. Below, you’ll find information regarding the top 5 writers of identity theft insurance, organized based on the value of the direct premiums offered during 2018, in the US. This identity theft information regarding insurance should give you a better idea of the market’s biggest players.

Company Percentage of Direct Premiums Written
State Farm Mutual Automobile Insurance 13.5%
Travelers Companies Inc. 10.9%
Liberty Mutual 5%
Allstate Corp. 4.8%
Farmers Insurance Corp. 4.1%

Readers shouldn’t rely solely on this table when picking an insurance provider. Rather, it is best for future insured individuals to carefully research companies that offer personal data theft insurance in their region, to help determine whether they qualify, what the monthly rate is, and what premiums are currently on offer.

Source: III

Crucial Cybercrime Statistics

This part of the article is focused on highlighting some of the world’s most important cybercrime-related statistics. It covers breaches, impersonations, malware, fraudulent emails, cybersecurity efforts, and other overall stats on the cybercrime market. Our goal is to facilitate an understanding of the current state of the cybercrime market, while also outlining tips that individuals can leverage to better protect themselves.

23. A research effort carried out by the UK government has helped determine that 2 in 5 businesses have been affected by a data breach within the last 12 months

However, it isn’t just for-profit businesses that are affected by data breaches, since the findings also indicate that 19% of charities suffered a similar cyber incident.

24. The same UK government survey has determined the most common types of data breaches:

75% of businesses faced data breaches due to fraudulent emails being sent out to employees. 28% of businesses are affected by impersonators, whereas 24% of business data breaches were caused by viruses and malware. Cyber theft of data has become a real concern for both companies and individuals throughout the world, thus showcasing the desperate need for stricter personal data protection measures.

25. 70% of UK businesses and 57% of UK charities believe that they are protected against cybersecurity risks

However, actual research studies indicated that this is nothing but a false sense of security. Only 20% of businesses have offered cybersecurity training to their employees, whereas only 27% have actual cyber-security policies implemented to help prevent and deal with the aftermath of an attack. Therefore, the truth is that numerous companies lack robust password security measures to stop identity fraud from even taking place.

26. Despite this aspect, it seems like 67% of UK businesses report spending money on improving their cybersecurity protocols

The main arguments for investing in business insurance include protecting customer/beneficiary/donor data, preventing fraud/theft, protecting monetary assets, and protecting intellectual property; in this order.

Source: UK Government Study

27. Cybersecurity Ventures has predicted that cybercrime will cost roughly $6 trillion on a yearly basis until 2021 worldwide

This cost includes the actual monetary losses, alongside prevention and other processes associated with ensuring cybersecurity. The same report has also stated that cybercrime represents one of mankind’s greatest challenges for the next two decades, as reported by numerous computer crime statistics.

Source: Herjavec Group

28. Distributed Denial of Service (DDoS) attempts cost enterprises $2 million dollars per attack

According to Kaspersky Labs, DDoS attempts are increasing in popularity since they represent an easy way for competitors and other ill-willed individuals to attack the interests of small businesses and enterprises. In the case of small businesses, dealing with a fully-fledged DDoS attack can cost over $120,000. These statistics pinpoint a huge increase in the cost of dealing with attacks when compared to the past couple of years. This stat helps bust the common misconception that cybercrime is usually carried out through email scams since there are a plethora of attack types, each with its own set of dangers and security measures.

Source: Kaspersky Labs

29. According to Norton, 978 million people residing in 20 of the world’s countries were directly affected by cybercrime and cyberattacks during 2017

Gauging the actual numbers for the entire world is extremely difficult due to reporting inconsistencies. Regardless, we can assume that at least one billion people are directly or indirectly affected by cybercrime yearly. In most of these cases, the attack doesn’t cause a direct impact (such as having money stolen from a bank account) — rather, many attacks focus on illegally obtaining personal data which can be sold, or later leveraged by criminals, as reported by identification theft information.

Source: Norton Symantec

30. Norton Symantec carried out a research study meant to determine the most common cybercrimes that currently affect people worldwide.

The study is based on data concerning the individuals surveyed and people they know:

  1. 53% of people had one of their devices affected by viruses/malware.
  2. 38% of surveyed individuals have experienced, or know someone affected by credit card fraud.
  3. 34% of individuals had the password of an account compromised by a cyberattack, whereas 34% had their social media accounts accessed by attackers.
  4. 33% of people were affected, or know someone who was scammed when making an online purchase or payment.

Source: Norton Symantec

31. How much money is lost to email scams every year?

Answering this question is quite difficult since piling up all the reports from all over the world in order to get an exact figure is hard work, to say the least. Firstly, we have email scams that target individuals (“The Nigerian Prince,” “You’ve Won the Lottery,” or “I wish to make a donation”) — for these types of email-based scams, earnings are somewhat low when looking at the bigger picture. However, they still affect tens of thousands of individuals annually, thus leading to hundreds of thousands of dollars’ worth of losses. In the case of company-targeted email scams and phishing attacks, the numbers are in the millions.

3 Astonishing Cybercrime and Identity Theft Cases

  • In 2017, authorities managed to seize and identify a Russian cyber-criminal, who was responsible for running an identity theft ring worth over $50 million. According to sources, the Russian worked with hackers to steal personal data and credit card information, but also had numerous associates on foot who would withdraw money on his command, from ATMs placed in 280 cities throughout the world. This isn’t your average Federal Trade Commission identity theft or cybercrime case.
  • In 2007, Estonia was brutally affected by a cyber-attack that targeted several public institutions, including banks, ministries, the Estonian Parliament, newspapers, and standalone individuals. It is believed that the attack was orchestrated by Russia, and was politically-motivated. The severity of this attack led to the creation of the NATO Cooperative Cyber Defence Centre of Excellence, based in Estonia.
  • An IRS-based identity theft case has weakened the public’s trust in public institutions safeguarding the population’s personal data. Namely, an IRS employee has been accused of stealing identities and committing tax fraud by using IRS computers. The data was then used to request refunds on debit cards and to submit several fraudulent tax returns.

How to Prevent Identity Fraud and Theft

Based on everything that has been outlined thus far, we can conclude that cybercrime and identity theft are here to stay. It is a lucrative business, producing hundreds of millions of dollars on a yearly basis. Because of this, it is essential for the world to figure out smarter protection mechanisms, meant to limit the popularity of identity theft and cybercrime overall. Thankfully, according to Javelin Strategy & Research group, but also thanks to numerous other experts, we have a set of guidelines that can be followed to reduce the likelihood of being affected by identity theft.

The main key factors for preventing identity theft include: ordering free credit reports online, actively monitoring your accounts, enrolling in credit monitoring, not sharing your Social Security Number with other people, stopping pre-approved credit card offers, picking up check orders, paying bills online, password safety (the stronger the better), and being extra attentive as to what personal information you share on the internet, or on the phone.

Key protection measures against cybercrime include: installing apps from reputable sources, clicking on links on emails from trustworthy persons only, using strong and different passwords for your online accounts, not falling for email scams and phishing attempts, reading up on the best online security practices by both companies and individuals.

 

Actively doing your due diligence and practicing care when dealing with people you do not trust will have a positive impact on identity theft statistics throughout the world.

FAQs

What are the most common types of identity theft?

According to cybercrime statistics, the 5 top most common types of identity theft are, but not limited to: 

  1. Financial identity theft
  2. Medical identity theft
  3. Criminal identity theft
  4. Child identity theft
  5. Tax identity theft

Does police investigate identity theft?

There is not much the police can do for you in an identity theft crime. The authority prosecutes only 0.14% of identity theft suspects, and filing a report to the police will only safeguard you against financial claims from businesses and debt collectors.  

What is the most common cause of identity theft?

The most common cause behind an identity theft crime is typically economic gain. It deliberately utilizes somebody else’s identity as a way to gain financial benefits that may cause the victim severe loss. For instance, your Social Security number can be stolen to make a purchase, create a new account or commit other fraud.  

What do hackers do with your stolen identity?

With enough stolen identifying data and information about you, an identity thief can take over your identity to conduct an array of crimes. Scamming statistics show that stolen identity is commonly used for the following:

  • Fraudulent withdrawals from your bank account
  • Selling your identity information and data
  • False applications for credit cards and loans
  • For covering medical treatment
  • Intercepting your tax refund
  • Opening utility accounts
  • Extortion and phishing attacks
  • Fraudulent use of online accounts or telephone calling cards
  • Obtaining goods or privileges that otherwise may be denied if the criminal’s real identity is used

 

List of Sources: