You place your order, make the payment, and only later notice a small detail: just one letter in the website address was different.
That’s how easily you can fall into a cybercriminal trap. If you’re lucky, the amount lost is small, and your bank acts fast — refunding the money and reissuing your card. But not everyone is so fortunate: in many countries, recovering stolen funds is nearly impossible.
One click away from losing everything
A bankruptcy lawyer told UN News that an increasing number of people are being forced to declare bankruptcy after losing money to cybercrime.
Anyone can fall victim to a cyberattack — no matter where they live — and everyone deserves protection and support.
Many cybercrimes originate in locations in Southeast Asia, like this abandoned scam farm in the Philippines.
While in some countries, cybercriminal acts still don’t fall clearly under the legal definition of “cybercrime,” and mechanisms for international legal cooperation are lacking, cybercrime itself is rapidly evolving.
What once were isolated attacks by individual hackers have become large-scale operations run by organized criminal networks.
The Internet and new technologies, including artificial intelligence, allow criminals to act faster and at greater scale, reach victims across the globe, and commit crimes with minimal human involvement.
From autonomous cyberattacks and fake images created using deep-fake technologies to malicious software and phishing campaigns enhanced by AI, the misuse of new technologies challenges traditional systems of investigation and cybercrime prevention.
Phishing kits for criminals
The most common cybercrime today is phishing — deceiving victims into revealing passwords or financial information through fake websites or emails, like the local hardware store.
Even inexperienced criminals can now use ready-made “phishing kits” to instantly create realistic clones of major brand websites and send convincing fraudulent messages.
In recent years, billions of stolen username and password combinations have surfaced on the dark web. These data are used in so-called credential-stuffing attacks — automated login attempts across thousands of websites at once.
Turning the page on cybercrimes
This page of digital history may soon turn.
In December 2024, the UN General Assembly adopted the United Nations Convention against Cybercrime — the first international treaty on criminal justice in more than two decades.
The adoption of the document was the result of five years of negotiations among UN Member States, with the participation of experts, civil society, academia, and the private sector.
UN Secretary-General António Guterres called the adoption of the Convention “a decisive step” in global efforts to ensure safety online.
A mobile phone, evidence in an anti-cybercrime operation in Southeast Asia, is set aside for analysis.
On 25 October, the Convention will be opened for signature at an official ceremony in Hanoi, Viet Nam. It will enter into force 90 days after ratification by 40 States.
Global response to global threat
The new document establishes a common international framework for combating cybercrime. It introduces unified definitions, investigation standards, and mechanisms for assisting victims — including compensation, restitution, and removal of illegal content.
States will implement these measures in accordance with their national legislation but within agreed international principles. And perhaps, with this Convention, a new era will begin — one in which a single wrong letter in a website address will no longer cost you everything.
The United Nations Office on Drugs and Crime (UNODC) leads the UN response to cybercrime with training and support to countries across the world.
The Vienna-based agency draws upon its specialized expertise on criminal justice systems to provide technical assistance in prevention and awareness-raising, legislative reform, revamping of law enforcement capabilities, international cooperation, forensic support as well as in data collection, research and analysis on cybercrime.
