Search Results (39)

As digital literacy becomes central to cybercrime prevention, we examine how adults of different ages engage with online learning, moving beyond age alone to consider additional drivers of preference. We analyzed a nationally representative U.S. adult sample (N = 1113; Nov 2024). Ordinal logistic regressions assessed associations between preferences for cybersecurity education and age, education, income, subjective well-being (SWB), and high-speed internet access. Interaction terms (e.g., age × internet access) were tested but not retained. Preferences declined with age across most tools, with the sharpest drop being for highly interactive or novel formats (VR/AR, gamification). Actor-based, non-interactive videos showed no age advantage. Education displayed selective positive links, especially for interactive features, while income was largely unrelated. SWB was a broadly enabling correlate, often with nonlinear patterns, and reliable high-speed internet was consistently aligned with stronger preferences. Overall, the model fit was moderate. Effective cybersecurity education should not rely on age-based assumptions. Designing offerings that emphasize clear purpose and ease of use, pair reliable broadband with skills supports, and account for learners’ well-being can improve engagement and potential scam resilience across age groups. Full article

Generative Artificial Intelligence (GenAI) has transformed Australian higher education, amplifying online harms such as misinformation, fraud, and image-based abuse, with significant implications for cybercrime prevention. Combining a PRISMA-guided systematic review with MAXQDA-driven analysis of Australian university policies, this research evaluates institutional strategies against national frameworks, such as the Cybersecurity Strategy 2023–2030. Analyzing data from academic literature, we identify three key themes: educational strategies, alignment with national frameworks, and policy gaps and development. As the first qualitative analysis of 40 Australian university policies, this study uncovers systemic fragmentation in governance frameworks, with only 12 institutions addressing data privacy risks and none directly targeting AI-driven disinformation threats like deepfake harassment—a critical gap in global AI governance literature. This study provides actionable recommendations to develop the National GenAI Governance Framework, co-developed by TEQSA/UA and DoE, enhanced cyberbullying policies, and behavior-focused training to enhance digital safety and prevent cybercrime in Australian higher education. Mandatory annual CyberAI Literacy Module for all students and staff to ensure awareness of cybersecurity risks, responsible use of artificial intelligence, and digital safety practices within the university community. Full article

This article analyzes how artificial intelligence (AI) is influencing the evolution of cybercrime in Ecuador. The use of AI tools to create new threats, such as intelligent malware, automated phishing, and financial fraud, is on the rise. The main problem is the increasing sophistication of AI-driven cyberattacks and the limited preventive response capacity in Ecuador. In Ecuador, cybercrime rose by more than 7% in 2024 compared to 2023, and by nearly 130% between 2020 and 2021. This research focuses on exploring mitigation strategies based on international frameworks such as NIST and ISO, as well as developing measures through training and knowledge transfer. The results obtained are expected to help identify the main trends in AI-driven cyberthreats and propose a set of technical, legal, and training measures to strengthen public and private institutions in Ecuador. It is important to emphasize that the implementation of international standards, national policies, and specialized training is essential to address emerging cybersecurity risks in Ecuador. Full article

The landscape of cybercrime has undergone significant transformations over the past decade. Present-day threats include AI-generated attacks, deep fakes, 5G network vulnerabilities, cryptojacking, and supply chain attacks, among others. To remain resilient against contemporary threats, it is essential to examine historical data to gain insights that can inform cybersecurity strategies, policy decisions, and public awareness campaigns. This paper presents a comprehensive analysis of the evolution of cyber trends in state-sponsored attacks over the past 20 years, based on the council on foreign relations state-sponsored cyber operations (2005–present). The study explores the key trends, patterns, and demographic shifts in cybercrime victims, the evolution of complaints and losses, and the most prevalent cyber threats over the years. It also investigates the geographical distribution, the gender disparity in victimization, the temporal peaks of specific scams, and the most frequently reported internet crimes. The findings reveal a traditional cyber landscape, with cyber threats becoming more sophisticated and monetized. Finally, the article proposes areas for further exploration through a comprehensive analysis. It provides a detailed chronicle of the trajectory of cybercrimes, offering insights into its past, present, and future. Full article

As cyber threats escalate in scale and sophistication, the imperative to secure public data through theoretically grounded and practically viable frameworks becomes increasingly urgent. This review investigates whether and how criminology theories have effectively informed the development and implementation of information security management frameworks (ISMFs) to prevent cybercrime and fortify the digital ecosystem’s resilience. Anchored in a comprehensive bibliometric analysis of 617 peer-reviewed records extracted from Scopus and Web of Science, the study employs Multiple Correspondence Analysis (MCA), conceptual co-word mapping, and citation coupling to systematically chart the intellectual landscape bridging criminology and cybersecurity. The review reveals those foundational criminology theories—particularly routine activity theory, rational choice theory, and deterrence theory—have been progressively adapted to cyber contexts, offering novel insights into offender behaviour, target vulnerability, and systemic guardianship. In parallel, the study critically engages with global cybersecurity standards such as National Institute of Standards and Technology (NIST) and ISO, to evaluate how criminological principles are embedded in practice. Using data from the Global Cybersecurity Index (GCI), the paper introduces an innovative visual mapping of the divergence between cybersecurity preparedness and digital development across 170+ countries, revealing strategic gaps and overperformers. This paper ultimately argues for an interdisciplinary convergence between criminology and cybersecurity governance, proposing that the integration of criminological logic into cybersecurity frameworks can enhance risk anticipation, attacker deterrence, and the overall security posture of digital public infrastructures. Full article

In recent years, there has been a sharp increase in the number of online fraud cases. However, research on crime geography has paid little attention to online crimes, especially to the influencing factors behind their spatial distributions. Online fraud is closely related to people’s daily internet use. The existing literature has explored the impact of internet use on online crimes based on small samples of individual interviews. There is a lack of large-scale studies from a community perspective. This study applies the routine activity theory to online activities to test the relationship between online fraud alert data and the usage durations of different types of mobile phone users’ applications (apps) for communities in ZG City. It builds negative binomial regression models for analyzing the impact of the usage of different types of apps on the spatial distribution of online fraud. The results reveal that the online fraud crime rate and the online time spent on a financial management app share the most similar spatial distribution. While financial management, online education, transportation, and search engine app usages have a significant positive association with online fraud, the use of a financial management app has the greatest impact. Additionally, time spent on social media, online shopping and entertainment, and mobile reading apps have a significant negative association with online fraud. As not all online activities lead to cybercrime, crime prevention efforts should target specific types of apps, such as financial management, online education, transportation, and search engines. Full article

Cybercrime prevention is critical for the effective functioning of e-government services. Despite its importance, internal cybercrime mitigation processes within these services are underrepresented in the existing literature. This study addresses this gap by conducting a systematic review and bibliometric analysis of e-government research from January 2015 to January 2025. Using the Web of Science and Scopus databases, 3790 studies were identified; after removing duplicates, bibliometric analysis was performed using R Studio (Build 467). The analysis revealed that Government Information Quarterly was the leading journal, with China, the USA, and the UK contributing the most publications. Nineteen major themes emerged, with “adoption” identified as the dominant theme, followed by “governance” and “development”. Among 88 security-related studies, 19 specifically addressed cybersecurity in e-government services. Findings indicate a predominant focus on user-centric perspectives, such as service adoption and system vulnerabilities, while internal cybersecurity issues, including managerial practices and mitigation strategies, remain largely unexplored. Limited data availability may contribute to this gap. This study highlights the need for future research to adopt an integrated approach, emphasising management-level practices for cybercrime mitigation within e-government institutions from both developing and developed nations. Full article

The digital transformation age introduces cybersecurity threats into the hospitality industry by increasing the exposure and vulnerability of hospitality firms’ data and systems to hackers. The hospitality industry is a diverse segment of the service sector dedicated to the provision of services in areas such as accommodation, food and beverage, travel and tourism, and recreation, including hotels, restaurants, bars, travel agencies, and theme parks. Cybersecurity risks in the hospitality industry affect the data and systems of businesses such as accommodation, food, travel, and entertainment, primarily enabled by the industry’s increasing digitization. This study aims to map the principal cybersecurity risks to the main stakeholders by proposing a novel Picture Fuzzy Sets (PFSs)-based Matrix of Alliances and Conflicts: Tactics, Objectives, and Recommendations (MACTOR) approach. The purpose here is to examine each stakeholder’s position towards handling cybersecurity attacks and estimate the uncertain nature of personal judgments of industry representatives when stating their point of view. The research aimed to extract the triggering positions of the defined cybercrime risks to reach the root cause of these risks, as the point to try to mitigate first. Thus, this paper contributes to the literature in both theoretical and practical ways by proposing a new approach and by providing real industry officials’ perspectives to solve the challenges. A hospitality practitioner can easily understand their position in this service network and take action to prevent such cybercrimes. Full article

As blockchain technology increasingly underpins digital transactions, smart contracts have emerged as a pivotal tool for automating these transactions. While smart contracts offer efficiency and security, their automation introduces significant legal challenges. Detecting and preventing fraud is a primary concern. This paper proposes a novel application of artificial intelligence (AI) to address these challenges. We will develop a machine learning model, specifically a Convolutional Neural Network (CNN), to effectively detect and mitigate fraudulent activities within smart contracts. The AI model will analyze both textual and transactional data from smart contracts to identify patterns indicative of fraud. This approach not only enhances the security of digital transactions on blockchain platforms but also informs the development of legal standards and regulatory frameworks necessary for governing these technologies. By training on a dataset of authentic and fraudulent contract examples, the proposed AI model is expected to offer high predictive accuracy, thereby supporting legal practitioners and regulators in real-time monitoring and enforcement. The ultimate goal of this project is to contribute to legal scholarship by providing a robust technological tool that aids in preventing cybercrimes associated with smart contracts, thereby laying a foundation for future legal research and development at the intersection of law, technology, and security. Full article

Cybercrime is currently rapidly developing, requiring an increased demand for information security knowledge. Attackers are becoming more sophisticated and complex in their assault tactics. Employees are a focal point since humans remain the ‘weakest link’ and are vital to prevention. This research investigates what cognitive and internal factors influence information security awareness (ISA) among employees, through quantitative empirical research using a survey conducted at a Dutch financial insurance firm. The research question of “How and to what extent do cognitive and internal factors contribute to information security awareness (ISA)?” has been answered, using the theory of situation awareness as the theoretical lens. The constructs of Security Complexity, Information Security Goals (InfoSec Goals), and SETA Programs (security education, training, and awareness) significantly contribute to ISA. The most important research recommendations are to seek novel explaining variables for ISA, further investigate the roots of Security Complexity and what influences InfoSec Goals, and venture into qualitative and experimental research methodologies to seek more depth. The practical recommendations are to minimize the complexity of (1) information security topics (e.g., by contextualizing it more for specific employee groups) and (2) integrate these simplifications in various SETA methods (e.g., gamification and online training). Full article

The Internet of Things forensics is a specialised field within digital forensics that focuses on the identification of security incidents, as well as the collection and analysis of evidence with the aim of preventing future attacks on IoT networks. IoT forensics differs from other digital forensic fields due to the unique characteristics of IoT devices, such as limited processing power and connectivity. Although numerous studies are available on IoT forensics, the field is rapidly evolving, and comprehensive surveys are needed to keep up with new developments, emerging threats, and evolving best practices. In this respect, this paper aims to review the state of the art in IoT forensics and discuss the challenges in current investigation techniques. A qualitative analysis of related reviews in the field of IoT forensics has been conducted, identifying key issues and assessing primary obstacles. Despite the variety of topics and approaches, common issues emerge. The majority of these issues are related to the collection and pre-processing of evidence because of the counter-analysis techniques and challenges associated with gathering data from devices and the cloud. Our analysis extends beyond technological problems; it further identifies the procedural problems with preparedness, reporting, and presentation as well as ethical issues. In particular, it provides insights into emerging threats and challenges in IoT forensics, increases awareness and understanding of the importance of IoT forensics in preventing cybercrimes, and ensures the security and privacy of IoT devices and networks. Our findings make a substantial contribution to the field of IoT forensics, as they not only involve a critical analysis of the challenges presented in existing works but also identify numerous problems. These insights will greatly assist researchers in identifying appropriate directions for their future research. Full article

As cybercrime proliferates globally, law enforcement agencies face significant challenges in responding effectively. This essay shares perspectives from Singapore, where cybercrime accounted for about 70% of the total annual crime in 2023, with no clear data on case resolution rates. This situation reflects a broader global trend and highlights the need to reconceptualize policing objectives in cyberspace. The fundamental differences between cybercrime and physical crime necessitate a shift from emphasizing the identification and prosecution of perpetrators to adopting a harm-centric perspective. Under this perspective, structures and policies should be implemented to disrupt financial flows, ensure data security, disrupt the spread of harmful content, and prevent physical damage. Once this is done, strategies such as public–private partnerships, international cooperation, and training and building capabilities to address specific harms can be more effectively implemented to mitigate the growing threat that cybercrime poses worldwide. Full article

In the wake of the COVID-19 pandemic, there has been a significant digital transformation. The widespread use of wireless communication in IoT has posed security challenges due to its vulnerability to cybercrime. The Indonesian National Police’s Directorate of Cyber Crime is expected to play a preventive role in supervising these attacks, despite lacking a specific cyber-attack prevention function. An Intrusion Detection System (IDS), employing artificial intelligence, can differentiate between cyber-attacks and non-attacks. This study focuses on developing a machine learning-based policing model to detect cyber-attacks on Wi-Fi networks. The model analyzes network data, enabling quick identification of attack indications in the command room. The research involves simulations and analyses of various feature selection methods and classification models using a public dataset of cyber-attacks on Wi-Fi networks. The study identifies mutual information with 20 features such as the optimal feature reduction method and the Neural Network as the best classification method, achieving a 94% F1-Score within 95 s. These results demonstrate the proposed IDS’s ability to swiftly detect attacks, aligning with previous research findings. Full article

Cybercrime threat intelligence enables proactive measures against threat actors and informed, data-driven security decisions. This study proposes a practical implementation of cybercrime threat intelligence in the Arab world by integrating Indicators of Compromise and collecting security alerts from honeypot systems and open-source intelligence. The data collected are stored on the Malware Information Sharing Platform, an open-source platform used to create and share Indicators of Compromise. This study highlights the intuitive interface of the Malware Information Sharing Platform for data analysis, threat identification, and the correlation of Indicators of Compromise. In addition, machine learning techniques are applied to improve predictive accuracy and identify patterns in the data. The decision tree classifier achieves a high accuracy of 99.79%, and the results reveal significant potential cyber-threats, demonstrating the effectiveness of the platform in providing actionable information to prevent, detect, and respond to cybercrime. This approach aims to improve the security posture of the Arab region. Full article

A critical worldwide problem is that ransomware cyberattacks can be costly to organizations. Moreover, accidental employee cybercrime risk can be challenging to prevent, even by leveraging advanced computer science techniques. This exploratory project used a novel cognitive computing design with detailed explanations of the action-research case-study methodology and customized machine learning (ML) techniques, supplemented by a workflow diagram. The ML techniques included language preprocessing, normalization, tokenization, keyword association analytics, learning tree analysis, credibility/reliability/validity checks, heatmaps, and scatter plots. The author analyzed over 8 GB of employee behavior big data from a multinational Fintech company global intranet. The five-factor personality theory (FFPT) from the psychology discipline was integrated into semi-supervised ML to classify retrospective employee behavior and then identify cybercrime risk. Higher levels of employee neuroticism were associated with a greater organizational cybercrime risk, corroborating the findings in empirical publications. In stark contrast to the literature, an openness to new experiences was inversely related to cybercrime risk. The other FFPT factors, conscientiousness, agreeableness, and extroversion, had no informative association with cybercrime risk. This study introduced an interdisciplinary paradigm shift for big data cognitive computing by illustrating how to integrate a proven scientific construct into ML—personality theory from the psychology discipline—to analyze human behavior using a retrospective big data collection approach that was asserted to be more efficient, reliable, and valid as compared to traditional methods like surveys or interviews. Full article