Cybercrime Statistics 2020: An In Depth Look at UK Figures and Trends

by Sandra Henshaw - , Last Updated on December 30, 2019, How To Guides, Statistics

In today’s increasingly connected world, computers play a vital part in all of our lives. However, computers aren’t always as safe as you might think. Whilst rates of cybercrime have been falling in the last twelve months, there’s still a shockingly large amount of computer-oriented crime in the UK. What is cybercrime? How bad is the problem? Can you protect yourself? We’ve got everything you need to know.

What Is Cybercrime?

In very basic terms, cybercrime is any kind of crime that involves a computer. That could be hacking, or it could be identity theft or child pornography. Cybercrime covers a wide range of different offences, all of which are punishable by law in the UK. We can divide cybercrime up into two categories: crimes that affect people, and those that effect businesses.

Personal Cybercrime

The most frequent kind of cybercrime effects individuals or personal accounts. And there are many examples of this:

  • Phishing: where you receive an email that pretends to be from an authority (perhaps your bank, or maybe your boss) in which you’re asked to give out your passwords or personal information such as your address, telephone number, or other data.
  • File Hijacking: where a hacker enters your computer and accesses your files, locking you out of them. The hacker then demands a ransom (usually money) before he will give you your files back.
  • Webcam Managing: where hackers take over your webcam. This may be so that they can watch your keyboard and learn your passwords, or it may be to record video of you doing something personal that they can then blackmail you with, or perhaps just to learn personal information about you.
  • Screenshot Managing: where hackers enter your computer and take screenshots of your display. This can help them get information about you, get passwords, or even blackmail you.
  • Keylogging: where hackers can record your keystrokes on your computer, thus gaining your passwords or other personal info.
  • Ad Clicking: where hackers encourage you to click on a link (perhaps by email, or on a webpage) which will then open malware or simply ask for your personal info.

Business Cybercrime

Unless you own your own business, most of us don’t need to worry too much about business-oriented cybercrime, although it can affect us. There are generally two kinds of crime in this category:

  • Hacking: where hackers enter a business’s files or servers and gain information from them.
  • DDOS Attacks: where hackers enter a business’s files or servers and change them so that their services or web pages can’t be accessed.

Though these kinds of crimes are more the concern of businesses, they can have an effect on you. When a business is hacked and the information is lost, some of that information could be yours. If your bank is hacked, for example, the hackers could gain your online banking password. And if a DDOS attack takes place then you may not be able to access a service that you need, such as that online banking portal.

What Are the Consequences of Cybercrime?

Now that you know what cybercrime is, you may be wondering what the point of it is. And, as with most kinds of crime, the point is money. In some of these crimes (such as file hijacking), it’s obvious to see where the money is coming from. But other crimes are sneakier. Any crime that is used to get personal information from you is designed to aid identity theft. This is when someone pretends to be you in order to get money. This could be as simple as getting your banking password and clearing out your bank account. Or as complex as collecting enough personal information about you that the hacker can then open credit cards or apply for loans in your name. To find out more about identity theft, you might want to check out our article on the subject.

How Bad is the Problem?

Each year the UK Office for National Statistics (ONS) releases a Crime Survey for England and Wales. In the most recent survey for the year ending in March 2018, the ONS estimates that around 4.5 million cybercrimes were committed in England and Wales during that twelve month period. Of those, around 3.24 million were fraud offences, and about 1.23 million were related to computer misuse (encompassing child pornography and hacking).

However, the survey does state that though this number is huge, it’s a 31% decrease in cybercrime over 2017. This is thought to be due to fewer computer viruses and better anti-virus technology. Don’t get complacent, however. You are still far more likely to fall victim to cybercrime than any other kind of crime in the UK. In 2017 around 17 million UK residents were victims of cybercrime, with around £130 billion being stolen.

For the latest year in which figures were available (ending June, 2017), there was a big difference in the kinds of frauds committed under the heading of cybercrimes. Bank and credit card fraud made up around 75% of all offences, with consumer or retail fraud (taking out loans, signing mobile phone contracts, purchasing things in someone else’s name) made up around 22% of the total number of crimes. Under the heading of computer misuse, around 67% of cybercrimes were related to malware or viruses whilst 33% were related to unauthorised access of personal information.

When it comes to businesses, the 2018 Cyber Security Breaches Survey estimates that two in five businesses have been subject to some kind of cybercrime within the past twelve months. There is an average cost of around £3000 per business per cybercrime, which adds up to billions of pounds, not to mention the personal costs of consumers losing data or becoming victims of fraud.

What Does All This Mean?

The upshot of all the above statistics is that cybercrime is a problem in the UK. If 17 million people were affected by cybercrime in 2017, that means that 25% of UK residents have been a computer crime victim. That gives you a one in four chance of somehow being affected by cybercrime. And that does NOT include business cyber crimes such as hacking or DDOS, which could have a secondary effect on you. You are ten times more likely to be the victim of cybercrime than you are to be the victim of someone stealing from your person (a pickpocket, perhaps), and thirty-five times more likely to be affected by cybercrime than physical robbery.

Who Is Affected?

According to the Office of National Statistics, there are some factors that make you more likely to be a victim of cybercrime:


Adults aged between 35 and 44 are slightly more likely to be victims of cybercrime (by around 7.4%). This is in comparison to 16 to 24-year-olds (4.9%), 65 to 74-year-olds (5.4%) and over 75 (2.8%).


Households with incomes of more than £50,000 per year have a slightly higher risk than those below that threshold. This could be due to the fact that more affluent households tend to have more internet-connected devices, however.


Managers and professionals such as doctors and lawyers have a slightly higher chance of being victims of cybercrimes.


Residents of more affluent areas tend to be more likely to become victims of cybercrimes than those in more deprived areas. Again though, this could be due to the fact that more affluent residents tend to have more internet-connected devices.

However, all the differences found in the ONS cybersecurity reports were very small, far smaller than the differences seen in characteristics of those more likely to be victims of violence, for example. The bottom line is that cybercrime can really happen to anyone.

Cybercrime Laws in the UK

Cybercrime is a crime and it is illegal. The UK has relatively strict laws regarding computer crimes when compared to other countries. Any crime that involves fraud is covered by existing UK fraud laws, most recently the Fraud Act of 2006. However, cybercrime is additionally covered by the Computer Misuse Act of 1990. The unfortunate truth of the matter though is that cybercriminals are seldom caught, and even more seldom prosecuted. In 2017 there were a mere 47 prosecutions of cybercriminals. And the number of fraud prosecutions has fallen by a third since 2011.

How Can I Protect Myself?

Given that so few cybercrimes are actually prosecuted, protecting yourself from cybercrime is key. Whilst there’s no way to completely eliminate the threat, there are various things that you can do to defend yourself:

Your Devices

  • Ensure that your devices all have solid, up to date anti-virus security.
  • Install a firewall on your computer.
  • Install anti-spyware software on your computer.
  • Ensure that you update your software (including Windows or iOS) when prompted to do so, postponing an update can leave you vulnerable.
  • Ensure that your devices are password protected with a strong password. You can find the official governmental advice on creating passwords here.
  • Ensure that should any of your devices be stolen that you can quickly change account passwords. This may mean keeping a list of all your accounts so that you know what you need to change.
  • Cover your webcam when it’s not in use. A small piece of non-transparent tape or a post-it note should be fine.

Your Online Usage

  • Be aware of your surroundings, make sure that no one is looking over your shoulder or watching as you type in passwords.
  • Do not connect to unfamiliar WiFi networks. If you must do this, do not access any sensitive information whilst on the connection.
  • Do not click or anything or download anything unless you are 100% confident in the source.
  • Do not reply to emails asking for personal information or passwords. If an authority, perhaps your bank, asks for information over email, call your branch and ask for confirmation that they actually need this data.
  • If you’re going to enter sensitive information such as a credit card number into a website check the address bar for a padlock symbol and the prefix ‘https’ rather than just ‘http’ to indicate that the site is a secure one.
  • Do not give out personal information, even something as simple as your address, unless you absolutely know that data is going somewhere trustworthy.

Miscellaneous Tips

  • It can be difficult to know if fraud has occurred until it is too late. The best way to know if someone is borrowing money in your name or using your funds is to keep a close eye on your finances. Check bank statements and credit card statements regularly, and check your credit rating at least once a year to be sure that no suspicious transactions are taking place. You can check your credit report with Experian, Equifax, or Transunion (formerly CallCredit) for free.
  • Follow news reports of data breaches for major companies, and if you have a connection to a breached company ensure that you change any account passwords related to them.

What Do I Do If I Suspect a Cybercrime?

If you suspect that a cybercrime has occurred then there are a few steps that you can take:

  • Report any losses to your local police station
  • Report fraud to Action Fraud, the UK’s police fraud squad
  • In the case of blackmail or ransomware do NOT pay. You can find official government guidance on what to do in these situations here
  • Change any passwords that are appropriate and run a full antivirus, malware and spyware check on your devices
  • If your credit rating has been affected, contact the credit reporting agency concerned (Experian, Equifax, or Transunion) to file a dispute
  • If you suspect someone of misusing a computer, due to things like hacking, possession of child pornography, or something else, report the person concerned to your local police. Do NOT confront them personally

Cybercrime: The Bottom Line

Cybercrime happens every day, and it happens to people just like you. No one is safe, though you can lessen your chances of being affected by following the advice given above. Be alert, be vigilant, and be careful so that you don’t become a statistic!