Staying Safe and Secure: Avoiding Cyber Scams

How secure is your organization?
Without robust cybersecurity and fraud prevention programs, your institution is exposed. Here's how to shore up your defenses.

Understanding the Size of the Threat

Cybercrime: Criminal activity that either targets or uses a computer, a computer network, or a networked device.[1]

Internal fraud: Occurs when a current or former employee steals, alters, or destroys organizational information (such as client/donor data) or assets (such as computer software or physical assets) for direct personal gain or indirect gain by assisting other fraudulent actors.[2]

In 2023, cybercrime is predicted to cost the world USD 8 trillion.[3] Additionally, according to the Association of Certified Fraud Examiners, internal fraud generates median losses of $117,000 per case and typically lasts for 12 months.[4]

Common Security Threats

Malware: Harmful software designed to gain unauthorized access to devices, networks, and systems. Includes viruses, spyware, ransomware, and adware.

Phishing: Email communications designed to trick the recipient into disclosing sensitive information. Phishing targets large groups. Spear-phishing targets specific individuals.

Ransomware: Uses malicious software to encrypt a victim's files, denying them access. The attacker then demands a ransom payment to relinquish control.

Password attack: The attacker cracks or guesses a password to gain access to a company's devices, network, or systems.

Organization email compromise: A criminal compromises legitimate organization email accounts to conduct fraudulent transfers of funds.

Formjacking: Criminals insert malicious code into a website form to gather the data entered into it.

Insider threats: Authorized individuals misuse their access to an organization's assets.

Strengthen Your Defenses

Limit employee data access: Provide employees with only the data they need to perform their job. Remove any additional access privileges.

Back up your data: Create online and offline backups of your data daily.

Create an incident response plan: Have a plan to follow during an attack. Test the plan frequently, including engaging a third-party firm to evaluate its effectiveness.

Mandate dual control: Require two employees to perform tasks that are prone to fraud, such as sending payments to suppliers.