Cybercrime Trends Report 2025 by SoSafe

Cybercrime Trends Report 2025 by SoSafe

The Cybercrime Trends Report 2025 by SoSafe highlights the escalating scale and impact of cybercrime, projecting damages to reach £10.78 trillion ($13.82 trillion) by 2028, a nearly 50% increase since 2024. The report identifies several key trends shaping the cybercrime landscape:

• The Rise of AI as an Exploitable Attack Surface: Cybercriminals are increasingly weaponizing AI to orchestrate sophisticated attacks, such as realistic deepfakes and mass-scale AI-generated phishing campaigns, which require fewer resources but yield more effective results. There has been a 223% increase in deepfake-related tools on dark web forums between Q1 2023 and Q1 2024. While 96% of professionals recognize the importance of detecting AI based attacks, only 26% rate their ability to do so as “high”.
• The Rise of Multichannel Attacks: Attackers are diversifying their methods beyond traditional email, combining multiple channels like messaging apps, social media, and deepfake voice calls to create “3D phishing attacks”. A significant 94% of organizations reported an increase in multichannel attacks in the past year. These hyper-targeted attacks leverage social engineering tactics like pretexting and are harder to detect due to their execution on minimally regulated platforms like Telegram.
• Supply Chain Attacks: With 93% of companies relying on third-party services, every additional provider expands the attack surface, making supply chain vulnerabilities a significant risk. Attackers can infiltrate less-secure vendors to move laterally to more valuable targets or disrupt services impacting multiple organizations simultaneously. The report emphasizes the growing “fourth-party risk” due to reliance on suppliers’ vendors.
• Personal Identities as a Gateway: Cybercriminals are increasingly targeting personal identities and devices as a backdoor into corporate systems. 83% of organizations have been hit by cyberattacks originating from personal devices or accounts. The blurring lines between personal and professional life, coupled with large-scale data breaches, make it easier for attackers to exploit sensitive personal information, even targeting employees’ relatives to breach organizations indirectly.
• Cyber Resilience Inequality: A widening gap exists in cyber defences, with highly regulated sectors and large corporations strengthening their resilience, while less regulated and resource-constrained sectors (e.g., critical infrastructure, healthcare, charities, manufacturing, retail) struggle to keep up. 98% of respondents believe this gap is widening.
• The Boom of Cybercrime: Cybercrime has professionalized into a global industry, with costs projected to climb to £10.78 trillion ($13.82 trillion) by 2028. This is fuelled by global online platforms, ransomware-as-a-service (RaaS), and a broader cybercrime-as-a-service ecosystem that lowers the barrier for aspiring criminals.

Understanding these trends is essential for staying ahead in cybersecurity, with collaboration and innovation playing a key role in navigating an ever changing digital landscape. Building a strong security culture equips individuals and businesses of all sizes with the knowledge and resilience needed to actively protect against cyber threats.