Outsmarting real-life criminals in the virtual world

With digital devices in almost every pocket and on every desk, and digital infrastructure running every organization, cybercrime has become a major threat worldwide.

INTERPOL Spotlight looks at how criminals use malicious software, phishing, sextortion or online scams to defraud individuals, compromise businesses and critical infrastructure, and threaten economies – while maximizing their profits.

As agile and innovative as the digital ecosystem it thrives in, cybercrime is constantly creating new challenges for law enforcement, and INTERPOL member countries around the world cite it as one of the top threats facing them today. International criminal networks increasingly function anonymously, behind the dark web, utilising cryptocurrencies or encrypted messaging platforms, while the rise of cybercrime-as-a-service is lowering the entry barrier to crimes that offer high potential gains.

Functioning much like the multitude of digital services available in the legal economy, these turnkey toolkits – for online extortion, business email compromise, ransomware and more – are easy-to-use, inexpensive and readily available to those who know where to look. “The simpler it gets, the more criminals move into cybercrime, leading to more attacks, more often,” says Sangsoon Kim, Assistant Director, INTERPOL Cyber Threat Intelligence. “Easy access to crime-as-a-service has accelerated the blurring of the boundaries between traditional and digital crimes as transnational criminal networks see opportunities to leverage cyber tools and take their illegal activities to a new level of efficiency or move into more crime areas.”

From cybercrime to polycrime

In this polycriminal landscape, law enforcement agencies need expertise in both the cyber-dependent crimes – malware attacks or data breaches for example – which directly target digital devices or infrastructure and cyber-enabled crimes, which use digital tools and technology to commit other offences like fraud, sextortion or even human trafficking. “We have reached a situation today where there is a cyber component in almost every type of crime,” says Enrique Hernandez Gonzalez, Assistant Director INTERPOL Cybercrime Operations, “and in that context, only INTERPOL can mobilize expertise in cybercrime, financial crime, organized crime and more on a global scale to effectively counter that challenge”.

Tracking the cyber threats

To take the pulse of cybercrime at a given time and identify where the greatest threats lie, INTERPOL regularly surveys our member countries and works with expert private sector partners  in fields such as cybersecurity, telecommunications and banking. 

The latest global intelligence paints a clear picture of a cybercrime landscape dominated by similar criminal modus operandi in most regions: ransomware and other types of malware, data breaches – including targeting critical infrastructure – and online scams, with the latter increasingly driven by artificial intelligence  to make phishing attacks or sextortion even more difficult to evade. Alongside these are local threats that are specific to each region or even sub-region. Our 2025 Africa Cyberthreat Assessment Report, for example, revealed that online scams, ransomware, business email compromise, digital sextortion and identity theft are among the most reported cyberthreats across the continent. Two-thirds of African member countries also reported that cybercrimes represented a medium-to-high proportion of offences committed in 2025, with the figure standing at 30 per cent of all reported crime in Western and Eastern Africa. 

Targeted operations and future preparations

The in-depth knowledge of the threats and trends facing different regions gathered in this way shapes the direction and prepares the groundwork for global and regional cybercrime operations led by INTERPOL in collaboration with member countries and its private partners.

“In 2025, our operations  have led to the disruption or dismantling of cryptocurrency mining operations, infostealer malware and online investment fraud schemes among others,” says Enrique Hernandez Gonzalez, “and led to the arrest of thousands of suspects and the recovery of millions of US dollars”. It is also essential to the development of strategic future-facing work aimed at countering current and emerging threats ever more effectively. “With the digital ecosystem and cybercrime techniques constantly changing, we have to be proactive in the way we prepare for the future,” says Sangsoon Kim, “and we are currently exploring a series of priority areas such as artificial intelligence, cyber incident response, and residential proxies, a new threat which we are beginning to see emerging in Asia”.

The future-facing cybercrime fight

The INTERPOL cybercrime team is already developing a project around cyber attack response. Project Symphony, will help protect critical infrastructures and major international events from cyber attacks through capacity building and enhanced coordination between law enforcement, cybersecurity authorities and national Computer Emergency Response Teams. 

Our cyber experts are also looking into innovative ways of combating sextortion and phishing and protecting connected devices by targeting criminal use of residential proxies, an emerging crime area that exploits the Internet of Things by infecting home devices like smart TVs or connected kitchen appliances with malware during the production process. “This allows criminals to use the devices to connect to the internet without the owner’s knowledge and commit crimes via a residential proxy, a service that makes the malicious activity appear to come from the household,” explains Enrique Hernadez Gonzalez.

“The new threat from residential proxies is just one illustration of the endless capacity for innovation of the cybercrime ecosystem,” concludes Sangsoon Kim. “At INTERPOL we aim to combine our own capacity for innovation with our global reach to work as a bridge and close the gaps between the many different stakeholders whose expertise is needed to make a real difference in the fight against cybercrime.”