The author, Mirko Nazzari, holds a PhD in Criminology from Catholic University of Sacred Heart Milan and was a researcher at Transcrime – Joint Research Centre on Innovation and Crime. His research focuses on money laundering, cybercrime, and the risks associated with new technologies.
Many low-level cybercrime workers are trapped in coercion and exploitation, pressured into roles by organised networks.
Cybercrime has become a defining feature of the digital age, affecting individuals, businesses, and governments.
Each day brings fresh reports of data breaches, phishing scams, ransomware attacks, business email compromises, romance scams, and identity theft.
These incidents highlight the vast scope and relentless nature of cybercrime, which continues to grow at an unsettling pace.
What may come as a surprise is that many of these cyberattacks are not as technically complex as they might seem. This observation, already noted in 2017, has only become more pronounced today.
Rather than exploiting intricate system vulnerabilities, cybercriminals often target a far more vulnerable aspect: human psychology.
By employing basic social engineering tactics, they manipulate emotions like trust, urgency, and fear to achieve their ends.
Consider the all-too-familiar phishing email: how often have you received an urgent message that appears to be from your bank, urging immediate action to avert dire consequences?
Such schemes rely not on complex coding but on the art of manipulation — simple, yet disturbingly effective.
The evolution of cybercrime
Despite the surge in cybercrime, a fundamental question remains: who are the masterminds behind these attacks?
Public perception typically defaults to the stereotypical image of cybercriminals as highly skilled, isolated figures — hackers in hoodies, working alone in dark rooms or as teenagers experimenting in their parents’ basements.
While there may be some truth to this image, the cybercrime landscape today is far more complex, organised and professional than these stereotypes suggest.
Cybercrime has evolved from small-scale acts to a sophisticated, volume-driven industry. It’s powered by networks of professionalised groups, each with specialised roles and a structured division of labour.
Increasingly, it follows “as-a-service” business models (CaaS), where skilled cybercriminals develop and offer tools, services, and resources for sell or rent to other criminals, regardless of technical skill.
Similar to legitimate software-as-a-service (SaaS) models, CaaS lowers barriers to entry, opening cybercrime to a broader base of users.
A multi-layered ecosystem
This shift has transformed cybercrime into a multi-layered, organised ecosystem. Cybercrime syndicates now operate like traditional businesses, complete with established hierarchies, defined roles, and streamlined processes to develop, maintain, and distribute CaaS products consistently.
A wide array of administrative and support roles has emerged to sustain these infrastructures, leading to a cybercriminal ecosystem marked by increasing specialisation.
Highly organised groups depend on networks of less-skilled actors for routine tasks, such as writing code or sending phishing emails. These lower-tier offenders, often working under precarious conditions, earn little for their labour, while those higher up in the hierarchy reap the financial rewards.
However, not all of these workers are involved by choice. Many are lured abroad by promises of lucrative job opportunities, only to find themselves trapped in exploitative situations.
Once abroad, they are often coerced into working as online fraudsters. A stark example of this is Operation Storm Makers II, coordinated by Interpol, which targeted such criminal networks in Southeast Asia in December 2023.
Law enforcement’s counterattack
Identifying, arresting, and prosecuting cybercriminals is challenging. The use of anonymity-enhancing tools like Virtual Private Networks (VPNs) and anonymous networks (e.g., Tor, I2P) make it difficult to trace the devices and individuals responsible.
Law enforcement faces limitations in conducting investigations.
The rapidly evolving cyber landscape means investigators must continuously update their skills. Cybercrime investigators are often “lifelong learners,” committed to ongoing training to stay current on technologies, criminal methods, and emerging threats.
Still, law enforcement agencies worldwide are ramping up efforts to protect internet users.
Central to these efforts are specialised cybercrime task forces— units staffed by officers trained in digital forensics, threat intelligence, and incident response.
Yet, policing alone does not have all answers.
Recognising fighting cybercrime requires collaboration across sectors, agencies are forging public-private partnerships with security firms, tech companies, and academic experts.
These partnerships enhance defences against cyber threats by pooling cutting-edge technology, knowledge, and resources from both the public and private sectors.
With cybercrime respecting no borders, international cooperation is also essential. Organisations like Interpol and the European Union Agency for Law Enforcement Cooperation (Europol) play pivotal roles in connecting member countries, sharing intelligence, coordinating investigations, and organising joint operations targeting transnational cybercriminal networks.
This global collaboration enables law enforcement agencies to act across jurisdictions, pursuing cybercriminals wherever they are.
The human factor in cybercrime
The “human factor” in cybercrime is often framed as a vulnerability or lapses in judgment that leaves individuals open to attack. Yet, focusing only on mistakes that lead to victimisation overlooks a broader reality.
Cybercrime extends beyond technology; it’s driven by human choices at every level, including those of perpetrators and law enforcement.
For perpetrators, involvement in cybercrime is not always a straightforward choice. Economic pressures, social circumstances, and even coercion may drive individuals to join criminal networks. Many actors are as much exploited as they are complicit.
For law enforcement, the “human factor” presents unique challenges. Investigators need to adapt to a fast-evolving cyber landscape, requiring both technical expertise and insight into the social and psychological dynamics of criminal networks.
The fight against cybercrime is not only technical but deeply human. Effective prevention strategies must acknowledge cybercrime as a social phenomenon, rooted in complex motivations, vulnerabilities, and environments, to truly address its causes and impacts.
– Mirko Nazzari holds a PhD in Criminology from Catholic University of Sacred Heart Milan and was a researcher at Transcrime – Joint Research Centre on Innovation and Crime. His research focuses on money laundering, cybercrime, and the risks associated with new technologies.
(This article is republished from 360info under Creative Commons licence.)