What to know about cybercrime in 2026 | #cybercrime | #infosec

Cybercrime has grown into a thriving, highly profitable industry, threatening governments, businesses and people worldwide. With two-thirds of the world’s population online – and much of the global economy reliant on information and communications technology – everyone is a viable target.  

The United Nations Convention against Cybercrime opened for signature on 25 October 2025 and currently has 74 signatories. Below, find out what you need to know about cybercrime and what the Convention means for you.

What makes cybercrime unique?

Cybercriminals use malware (malicious software, including ransomware) to infiltrate digital systems, and steal money, data and other valuable assets. Or they use information and communication technology to facilitate other crimes, like drugs, arms or human trafficking, money laundering, fraud and more.

Cybercrime differs from traditional crimes in many ways, including:

• Anonymity and the lack of physical risk. Traditional crimes, like drug trafficking, require somebody to physically be present – for example, to manufacture or grow, transport and sell a drug. Each of these steps presents an opportunity to get caught (though it is much easier to catch low-level culprits than to go after the “kingpins” behind a criminal operation). But with cybercrime, offenders can defraud a victim or steal data in one location with basic computer equipment from anywhere, lowering the barrier to entry for would-be cybercriminals and reducing the physical risks.
• No geographical limits. Because cybercriminals don’t need to be anywhere near the scene of the crime, they can “shop jurisdictions” – i.e., deliberately choose to operate from the city, state or country where they believe that are least likely to get caught by law enforcement.
• Scale and speed. This also means that victims can be targeted in multiple locations simultaneously. A single cyberattack or cyberscam can affect hundreds of victims – or span across hundreds of jurisdictions – at once, creating major challenges for law enforcement coordination and response.

 

What new trends are emerging in cybercrime today?

Cybercriminals, like the technology they rely upon, are constantly adapting, including through:

Automation:

Cybercriminals are using automated tools to commit their crimes more efficiently. Phishing, the tricking of victims into revealing passwords or financial information, is now becoming even more common with the use of ‘phishing kits’ or platforms – i.e., ready-made malicious websites and email templates – enabling criminals to send thousands, or even millions, of phishing texts and emails.

Others use botnets, or a network of malware-infected computers or devices under one attacker’s control. Using their botnet, the attacker can remotely command thousands of machines to perform tasks like spreading malware or spam in unison.

Data breaches exposing username and password combinations, meanwhile, have been used for “credential stuffing”, i.e., an automated technique where stolen credentials are rapidly tested across multiple websites, targeting users who reuse passwords.

Automation also plays a role in money laundering with the creation of mule accounts, or accounts used to transfer illicit funds and disguise their origin. Bots can assist cybercriminals to automate the setting up of multiple mule accounts with stolen or fabricated identities.

Artificial intelligence (AI)

Generative AI programs create original content – like text, images or videos – based on user prompts.

Such systems are already producing ‘deepfake’ videos, images and audio to create highly convincing but fabricated impersonations – making it appear as though people have spoken or acted in ways that never occurred. Together with AI chatbots – computer programs that simulate and process human conversation –  these technologies allow cybercriminals to stage sophisticated impersonation scams, deceiving victims into unwittingly transferring money to fraudsters they believe to be trusted friends, family or colleagues.

Scam compounds in South-East Asia, for instance, are using generative AI to deploy multilingual chatbots– allowing a scammer to engage with a multitude of victims simultaneously, with AI assuming the burden of drafting, translating and tailoring content.

Other criminal groups are using AI to create entirely false digital identities, complete with photos, social media content, fake IDs and online footprints to convince victims that they are real and trustworthy. Scammers then use these fake personas to lure victims into fraudulent relationships and investment schemes.  

The wide availability of generative AI tools has made it significantly easier to turn AI from a tool into a weapon, allowing even unskilled hackers to circumvent the AI system’s ethical guidelines and code malicious malware. Criminal groups have even developed and trained their own AI models, like WormGPT, which operate without any safety guardrails at all.

AI machine learning works by identifying patterns in data. Once trained, the system can use what it has learned to make accurate predictions or inferences about new data without human intervention.

AI machine learning models are helping to make attacks more effective and damaging. These models can process enormous troves of data – including information from leaks, open sources or internal documents – to identify a target’s security protections, weakest points or most critical assets.

This gives cybercriminals the crucial intelligence needed to carry out an attack with precision, speed and maximum impact. They could, for example, hack a system to steal customer data and valuable secrets. Or they could deploy ransomware, demanding payment from targets to regain access to important files.  They can even use AI to assess the wealth of a victim and generate personalized pricing.

Moreover, with machine learning malware can be tooled to adapt to its environment, for example to remain dormant when under observation, significantly lowering the chance of detection.

Cybercrime as a service:

Many cybercriminals now offer their specialized services online. Someone can purchase their ransomware from one seller on the dark web, contact another group who specializes in phishing and yet another who are experts in exploitation. This means that essentially anyone – even someone with no technical skills or personal contacts to people with such skills – can carry out a cybercrime with minimal investment.

 

How does cybercrime facilitate other crimes?

Internet and communication technology have already transformed the way criminals do business. From migrant smugglers advertising on social media to drug traffickers selling on illicit online markets to money launderers using the Internet to remain anonymous, cybercrime has become an integral part of the business model of criminals everywhere.

AI is further enabling criminal groups to monitor law enforcement activities. For example, in a territory where a criminal group exerts de facto control, facial recognition software can be integrated into CCTV networks, which could then be used to detect undercover officers or unmarked police vehicles. Migrant smugglers or human traffickers, on the other hand, could use AI models to scrape social media platforms to pinpoint individuals in financial or employment-related distress, i.e., those who would be more vulnerable to a fraudulent recruitment scheme.

 

What’s at stake with cybercrime?

• Our safety, privacy and public trust. Anyone can be a victim of cybercrime, including children, who are at risk of being groomed, manipulated or coerced online. All of our personal data – health diagnoses, bank account numbers, government ID numbers and more – can be stolen, leading to potential identity theft or fraud.
• Our security. Cyberattacks – including by cyber-terrorists – can incapacitate public water systems, electricity grids, transportation systems or healthcare services. Such attacks can debilitate national and economic security, compromise public health or even result in the loss of life.
• Our prosperity. Cybercriminals are draining businesses and individuals alike. Businesses may have to pay an exorbitant ransom to regain access to their systems or pay a hefty fine after a data breach. Retirees could lose their life savings through an investment scam, while everyday people could be bilked out of thousands of dollars through a romance scam.  

 

What are the current issues affecting the investigation and prosecution of cybercrime?

In a cybercrime, the perpetrator might be in one country, the victims in ten others, and the electronic evidence stored somewhere else entirely. Moreover, electronic evidence can disappear very quickly.

This makes policing cybercrime costly and timely, and specialized knowledge and tools are needed. In many places, the resources devoted to fighting the crime are dwarfed by the scale of the threat.

Currently, the collection, sharing and ability to use electronic evidence across borders poses a major obstacle to States prosecuting cybercrime. With no consistent international rules, evidence admissible in one country’s court system may be rejected in another.

 

What will the UN Convention against Cybercrime improve?

• Collection and sharing of electronic evidence. In 2025, the prosecution of crimes – whether it be cybercrime alone or other crimes that are enabled by information and communications technology – almost always relies on electronic evidence.
  One of the Convention’s main aims is to ensure that all ratifying countries define electronic evidence consistently and apply the same standards when collecting such evidence. This way, when one country shares electronic evidence with another for a cybercrime prosecution, the evidence can be admissible in the receiving country’s courts.
• Cooperation. By signing and ratifying the Convention, countries are acknowledging that cybercrime is an existential threat to global security and accelerating the scale, speed and scope of terrorism and transnational organized crimes. Coherent international rules and regulations, shared expertise and resources, and strong political will under the Convention will streamline the prevention and prosecution of cybercrime, bringing international responses up to speed and building a safer digital future.