Most common types of internet crimes
As invisible as it is devastating, internet crime cost Americans almost $21 billion last year. Massachusetts, once a moderately targeted state, is now among the six most targeted in the country.
Phishing and spoofing work to trick people through fake media—from texts to emails—to get sensitive information, gain access to a user’s device, or install harmful software. This is one of the most prevalent cybercrimes, especially because it requires no technical breach, only deception.
Extortion and ransomware is where cybercriminals target high-value institutions—oftentimes hospitals and corporations—and hold sensitive information, prompting victims to pay to gain their information back. This type of cybercrime has become prolific, with attacks having risen 158% in North America alone between 2019 and 2020. This type of attack is becoming more common not only because of the increasing amount of people online, but also because companies often choose to pay the cybercriminals’ ransom—incentivizing the behavior.
Identity theft, where cybercriminals steal personal information to commit fraud, is another common internet crime. These are hard to detect; once a user’s information has been stolen, it can be difficult to distinguish between the user’s typical behavior and the cybercriminal. The common occurrence of this internet crime is mainly attributed to increasing advancement of hacker abilities as well as the assistance of AI. With AI, cybercriminals’ ability to create convincingly realistic media to trick people, spread misinformation, and identify patterns in passwords is enhanced.
States with the most cyberattack victims
D.C., Alaska, and Nevada have consistently ranked in the top five for most cyberattack victims per one hundred thousand people across the years 2018, 2024, and 2025—D.C. and Alaska fluctuating as the top locations.
The abundance of high-net-worth targets—such as government officials—in D.C. likely plays a role in its high number of cybercrimes. Similarly, the large amount of small to mid-sized-businesses (SMBs) in Alaska contributes to its high amount of cyberattacks, especially due to their lack of financial resources to combat cyber threats. A trend that has sparked concern within the FBI.
Figure 1: A 2025 map of America displaying internet crime victims per 100K population from U.S. Data Labs.
In 2025, the top states in order included D.C., Alaska, Nevada, Arizona, and Washington. States on the East and West coast also experienced more cyberattacks than interior states.
Cyberattacks have increased in Massachusetts over the years
From 2018 to 2025, Massachusetts saw a 256.7% increase in cyberattacks, from 91 victims per 100K population to 321 in 2025. Massachusetts has gone from the 21st state with the most cyberattacks to the 6th in just seven years.
Just this past spring, a major cyberattack hit a Brockton hospital, temporarily shutting it down as well as some services, including chemotherapy, prescription refills, and the patient portal system—serving as a perfect example of how health care and public health has emerged as one of the most targeted industries for ransomware. Because of the dire nature of their information—especially in hospitals—health care is more vulnerable to yielding to ransomware, which hackers are taking note of.
How much do cyberattacks cost the public?
The FBI estimates internet crimes cost Americans nearly $21 billion in 2025. Complaint losses by crime type ranged widely from $6.6 million to over $11 billion—the highest being cryptocurrency at $11,366,669,732.
Figure 2: The top 5 internet crimes in order of highest complaint loss to lowest in 2025 from U.S. Data Labs.
Scammed businesses don’t just lose money—they also lose reputation and a strong brand. According to the cybersecurity company Total Assure, average losses can reach about $254,000 per breach of small businesses, and 60% of those who are attacked go out of business in the span of six months.
Conclusion
Internet crime is reshaping daily life across the country. The most prevalent crimes all exploit the gaps between evolving technology and the public’s ability to discern between reality and increasingly convincing shams.
The financial toll of cyberattacks is staggering. With internet crimes costing Americans billions, the burden hits those least equipped to combat it the hardest, like small businesses. Massachusetts illustrates just how quickly vulnerability to internet crime can escalate in just a few short years.
As more of life moves online, the more opportunities proliferate for cybercriminals to attack. Data shows how this is becoming an increasingly bigger concern for America, but it’s how the public adapts that decides how much of an effect internet crimes will have in the future.
Nina Argel is a Roger Perry Government Transparency Intern with the Pioneer Institute. She is a rising junior and James Monroe Scholar at the College of William & Mary with a double major in Government and English.
