State of Cybercrime
Find out how attackers are adapting their techniques as cyber defenses improve.
Acting to create a safer ecosystem
531,000
unique phishing URLs and 5,400 phish kits were taken down at the direction of our Digital Crimes Unit.
70 billion
email and identity threat attacks were blocked by Microsoft last year alone.
2.75 million
site registrations were successfully blocked by Microsoft to get ahead of criminal actors that planned to use them to engage in global cybercrime.
The growing threat of ransomware and extortion
Most seen vulnerabilities
The top finding among ransomware incident response engagements was insufficient privilege access and lateral movement controls.
Business email compromise
Credential phishing schemes are on the rise and are a substantial threat to users everywhere because they indiscriminately target all inboxes. Among the threats our researchers track and protect against, the volume of phishing attacks is orders of magnitude greater than all other threats.
Business email compromise themes by percentage of occurrence.
Cybercriminal abuse of infrastructure
IoT devices are a popular target for cybercriminals using widespread botnets. Unpatched routers can be used to gain access to networks and execute malicious attacks.
Is hacktivism here to stay?
The war in Ukraine saw a surge in hacktivism, with volunteer hackers deploying tools to cause damage to political opponents, organizations, and even nation states.
Explore other critical focus areas
Nation State Threats
Nation state actors are launching increasingly sophisticated cyberattacks to evade detection and further their strategic priorities.
Devices and Infrastructure
As organizations harness advances in computing capability and entities digitize to thrive, the attack surface of the digital world is exponentially increasing.
Cyber Influence Operations
Today’s foreign influence operations utilize newmethods and technologies, making their campaignsdesigned to erode trust more efficient and effective.
Cyber Resilience
As threats in the cyber landscape increase, building cyber resilience into the fabric of the organization is as crucial as financial and operational resilience.
Follow Microsoft