Cybercrime has evolved over the years, becoming increasingly sophisticated and making it difficult for victims to identify. The rapid growth of the Internet has led to a shift in users' preferences from traditional shopping to electronic commerce. Instead of physical robberies, criminals now target victims online using specific tricks. The rise of online services has also come with a rise in cyber-attacks. Phishing is one of the most common and effective types of attacks, where criminals impersonate legitimate sources to steal confidential information. While cybercrime varies from country to country, certain factors like phishing and data breaches are observed globally. The digital landscape we enjoy today offers both opportunities and risks. With just a click of a button, fraudsters and criminals can easily find unsuspecting victims from the comfort of their own homes. By leveraging the anonymous nature of the Internet, attackers employ techniques like phishing, using false websites to deceive victims and collect sensitive information like account IDs, usernames, and passwords. Determining whether a webpage is legitimate or a phishing attempt is a challenging problem, as it exploits the vulnerabilities of computer users [13]. Due to this evolving and complex nature, robust cybersecurity measures are necessary to protect individuals and organizations. It is crucial to stay vigilant, educate ourselves about potential threats, and implement effective detection and prevention mechanisms to combat cybercrime.
Social engineering techniques are employed by attackers to exploit the carelessness and vulnerabilities of individuals in order to intercept sensitive data [14]. Phishing remains a significant concern in a rapidly changing world [15]. To address the increasing cyber threats, countries have been developing robust cybersecurity programs and implementing legislation to combat cybercrime and protect themselves from digital dangers.
The private sector has also played a crucial role in developing innovative cybersecurity solutions, ranging from antivirus programs to specialized fraud prevention software.
Phishing emails are successful because they manipulate human emotions, creating a sense of urgency and prompting recipients to take immediate action, often resulting in financial and data losses. Therefore, solely relying on human detection of phishing attempts is insufficient, and more effective automatic detection mechanisms are necessary [3].
Phishing attacks are one of the most prevalent methods employed by attackers, and their consequences can include financial losses, reputational damage, and identity theft [4].
While various phishing detection techniques have been proposed over the years, many focus on the content or textual information of emails. However, with the evolving nature of phishing emails, more sophisticated approaches are required that leverage all the characteristics of emails to enhance the detection capabilities of machine learning and deep learning classifiers [16].
1.1 The Cyber Threat Around the Globe
As the threat of cybercrime continues to grow, organizations and countries have taken measures to address this issue. Many countries have enacted their own cyber laws, and some have even registered for specific cyber law initiatives, as indicated by the Global Cybersecurity Index (GCI). Having dedicated cyber laws in place helps in the fight against cybercrime as it allows for the condemnation and punishment of illegal activities conducted online. To assess if the risks of cybercrime are distributed equally across the globe, a study was conducted using data from three major cybersecurity authorities: the National Cyber Security Index (NCSI), the Global Cybersecurity Index (GCI), and the Cybersecurity Exposure Index (CEI). By combining these datasets, a global ranking was created to identify the ten countries with the lowest and highest cyber threats. The ranking was determined by calculating the mean average of the NCSI, GCI, and CEI scores, resulting in the Cyber-Safety Scores (CSS) [26]. It's important to note that not all countries had available data for NCSI, GCI, and CEI. In such cases, the list was sorted based on the availability of data. For instance, South Sudan is marked as having the lowest NCSI score, but since there is no data available for their GCI and CEI scores, the next country in the list with available data would be used.
These rankings provide valuable insights into the varying levels of cyber threats across different countries, aiding in identifying areas that require greater attention and improvement in terms of cybersecurity measures.
1.2 The Top 10 Lower-Risk Countries for Cyber Threats
Table 1
The Top 10 lower-risk countries for cyber threats
S.N | Country | National Cyber Security Index (NCSI) Live, 23rd October 2023 in % | Global Cybersecurity Index (GCSI) 2020 in % | Cybersecurity Exposure Index (CSI) 2020 | Cybersecurity Exposure Index (CSI) 2020 in % | Cyber Safety Score (CSS) in % |
1 | Belgium | 94.81 | 96.25 | 0.190 | 81.00 | 90.69 |
2 | Lithuania | 93.51 | 97.93 | 0.297 | 70.30 | 87.25 |
3 | Estonia | 93.51 | 99.48 | 0.134 | 86.60 | 93.20 |
4 | Czech Republic | 90.91 | 74.37 | 0.334 | 66.60 | 77.29 |
5 | Germany | 90.91 | 97.41 | 0.241 | 75.90 | 88.07 |
6 | Romania | 89.61 | 76.29 | 0.462 | 53.80 | 73.23 |
7 | Greece | 89.61 | 93.98 | 0.400 | 60.00 | 81.20 |
8 | Portugal | 89.61 | 97.32 | 0.303 | 69.70 | 85.54 |
9 | United Kingdom | 89.61 | 99.54 | 0.207 | 79.30 | 85.59 |
10 | Spain | 88.31 | 98.52 | 0.210 | 79.00 | 88.61 |
In Table 1, you will find a list of the top 10 countries with the strongest cybersecurity measures, where people are most protected from cybercrime through legislation and advanced technology. However, it is unfortunate that these countries are also the primary targets for hackers.
1.3 The Top 10 Highest-Risk Countries for Cyber Threats
Table 2 presents a list of the top 10 countries that provide the least protection against cybercrime. These countries have weak or non-existent legislation regarding cybercrime, exposing them to the highest risk when it comes to processing sensitive transactions.
Table 2
The Top 10 highest-risk countries for cyber threats
S.N | Country | National Cyber Security Index (NCSI) Live, 23rd October 2023 in % | Global Cybersecurity Index (GCSI) 2020 in % | Cybersecurity Exposure Index (CSI) 2020 | Cybersecurity Exposure Index (CSI) 2020 in % | Cyber Safety Score (CSS) in % |
1 | Libya | 10.39 | 28.78 | 0.793 | 2.7 | 13.96 |
2 | Myanmar | 10.39 | 36.41 | 0.910 | 9.0 | 18.6 |
3 | Afghanistan | 12.99 | 5.2 | 1.000 | 0.00 | 6.06 |
4 | Zimbabwe | 15.58 | 36.49 | 0.724 | 2.76 | 18.27 |
5 | Mongolia | 18.18 | 26.2 | 0.738 | 15.67 | |
6 | United Republic of Tanzania | 24.68 | 90.58 | 0.731 | 2.69 | 39.32 |
7 | Jordan | 28.57 | 70.96 | 0.586 | 4.14 | 34.55 |
8 | Bosnia and Herzegovina | 28.57 | 29.44 | 0.583 | 4.17 | 20.73 |
9 | Namibia | 28.57 | 11.47 | 0.679 | 3.21 | 14.41 |
10 | Nepal | 28.57 | 44.99 | 0.762 | 2.38 | 25.31 |
1.4 The Most Common Forms of Cybercrime
As of 2022, the most prevalent types of cybercrime globally are phishing attacks, ransomware attacks, and distributed denial-of-service (DDoS) attacks. Phishing attacks involve the use of fraudulent emails or messages to deceive individuals into sharing confidential information. Ransomware attacks entail encrypting a victim's files and demanding a ransom in exchange for restoring access. DDoS attacks, on the other hand, focus on overwhelming websites or networks with excessive traffic to disrupt their normal functioning.