How Cybercriminals Operate Online

How Cybercriminals Operate Online

Digital technology has advanced massively in recent years, and while this has brought many benefits, it can also put users at increased risk of their personal information being stolen.

Recent years have also seen a huge surge in cyber-attacks and mass data breaches. This has been highlighted in the news this week, as reports flood in regarding fraudulent charity sites which purport to help the war effort in Ukraine.

While an organised crime lawyer can help with the legal and practical side of cybercrime, below we’ll be discussing the different ways criminals operate in a digital sphere.

What are cyber criminals?

Often referred to as scammers or fraudsters, cybercriminals are individuals or organisations who use digital and online means to commit crimes such as identity theft and financial crime. Every year, there are around 400,000 reports of fraud and cybercrime in the UK but, despite this, very few of these criminals are prosecuted.

How do cybercriminals operate online?

There are a number of ways in which cybercriminals are able to work their way into people’s private data. in this section, we’ll take a look at some of these:


Frequently, cybercriminals use phishing attacks to secure individuals' and companies’ private information. A phishing attack can be sent via an email which sets out to trick or deceive somebody into clicking on a link contained within the email. Unfortunately, the seemingly innocent action of clicking on that link can give cyber criminals access to a system or network and, therefore, access to personal data, including financial information.

Criminals are then able to utilise that data for illegal means such as identity fraud and theft from bank accounts and other financial platforms. Shockingly, there are around 323,972 phishing scam victims in the UK every year.

Social engineering

Social engineering is a manipulation technique that takes advantage of human error to gain financial and confidential information. In the cyberspace, these crimes can manifest through sending emails and texts to unsuspecting users into sharing their data.

This can take a number of forms, including:


  • Warning of a problem with the user’s account which needs to be rectified by clicking on a link.
  • Claiming to be a business administrator who needs urgent access to the user’s computer for either an update or to investigate a problem.


  • Claiming that the user has won a prize in order to persuade them to hand over their personal details.
  • Sending clickbait such as an interesting article in order to convince the user to click on a link.


Also known as ‘zombie machines’, a botnet refers to a network of computers which have all been hacked and infected by malware. These computers are controlled from a central hub - usually by an individual or criminal organisation. Once a hacker has control of a botnet, they are then able to use this to commit crimes, including:

  • Phishing emails
  • Virus creation and distribution
  • Launching denial-of-service cyber attacks
  • Supporting illegal websites

Botnets have been used increasingly by hackers in recent years as they allow fraudsters to commit crimes with a wide-reaching impact with a limited chance of being identified.


Malware, or malicious software, is usually a file or a code which is delivered to a computer through a network with the aim of stealing information. Once malware enters a system, it is able to explore and track down personal information such as financial details which can then be used to commit crimes.

Installing antivirus software on a computer can help to reduce the risk of malware attacks and doing so should be considered to be the best practice, particularly for business computers and laptops.

Beating the cybercriminals

As cyber criminals become ever more sophisticated, it's important that businesses and individuals do all that they can to protect against these attacks.

As we’ve mentioned in this article, installing anti-virus software is a good first step in keeping criminals out of your computer systems. As well as, remaining vigilant when it comes to emails containing links. Often, we will instinctively click on a link without giving it a second thought. Sadly, this is very much what the criminals are relying on.

Drawing a line under online crime

Whether you’re a business or an individual, cybercrime can have a devastating and long-reaching impact

For companies, this may mean downtime, lost funds and even lawsuits regarding GDPR if the crime involves the inadvertent sharing of data stored on the system for third parties such as clients.

For individuals, it can result in bank account thefts and identity fraud which can have some serious consequences, including credit rating issues in the future. The only real way to beat cyber criminals is through security training, up-to-date software, and vigilance.

Please be advised that this article is for general informational purposes only, and should not be used as a substitute for advice from a trained legal professional. Be sure to consult an organised crime lawyer/solicitor if you’re seeking advice on cybercrime. We are not liable for risks or issues associated with using or acting upon the information on this site.