Hacked Nation: The Cybercrime Surge
DATA ANALYSIS | DATA VISUALIZATION
RESEARCH QUESTION
How have cybercrime threat types, financial impacts, and victim demographics in the United States evolved between 2020 and 2024?
PROCESS
This analysis used data extracted from IC3 annual reports (2020–2024). Five-year averages were cleaned and compiled to uncover key insights. Visualizations were created in Tableau to explore cybercrime trends, then enhanced for impact in a data visualization poster (Fig 1.0).
KEY INSIGHTS
â–« Shows top cybercrime types over five years.
â–« Compares complaint volume to financial loss.
â–« Highlights which age groups are most affected.
â–« Identifies the most targeted industry sectors.
â–« Maps the states with the highest reported losses.
DATA SOURCES
SOFTWARE
MS Excel, Tableau and Adobe Illustrator
Figure 1.0
ANALYSIS: CRIME TYPE & FINANCIAL LOSS
The visual analysis reveals a striking disconnect between frequency and financial severity of cybercrimes. Fig. 2.0 below will highlight the following insights drawn from the data of complaints and financial losses from the 5 most reported cyber crimes:
-
Phishing led with 1.36 million complaints, making it the most reported crime type from 2020–2024.
-
However, Investment fraud topped the financial loss chart at $15 billion, despite far fewer incidents.
-
Crimes like Non-payment/Non-Delivery and Personal Data Breach also showed lower volume but disproportionately high losses.
-
Another standout is the steep and sudden rise in financial losses reported for tech support cybercrimes.
This highlights a key insight: high volume ≠ high financial impact. The data emphasizes the importance of addressing both common and costly threats in cybersecurity response strategies.
Figure 2.0
ANALYSIS: DEMOGRAPHIC IMPACT
The demographic breakdown, as represented in Fig. 3.0, shows that older adults bear a heavier financial burden:
​
-
The 60+ age group experienced the highest total losses, reaching $14.67 billion, despite reporting similar complaint volumes to younger cohorts.
-
In contrast, younger users (<20) reported fewer complaints and losses, suggesting either lower targeting or lower success rates for scammers.
The data suggests older individuals may be more financially impacted by cybercrime, possibly due to greater financial assets or higher susceptibility to certain scams.
Figure 3.0
WHO IS GETTING HIT THE HARDEST
In 2024, the U.S. reported total cybercrime-related losses of $16.6 billion. Figure 4.1 highlights the top five states by reported losses, which together accounted for $6.35 billion. Notably, California, Texas, and Florida led the list, with California alone reporting $2.5 billion in losses.
​
Geographically, these 5 states collectively responsible for over a third in losses, demonstrate a pattern shaped by both operational urgency and high population density, making them prime targets for cybercriminal activity.
Figure 4.1
Figure 4.2 below compares the five U.S. states with the highest cybercrime impact in 2024, showing both total financial losses and number of complaints. California tops both measures, reflecting its large population, high digital activity, and concentration of high-value targets. Texas and Florida also report high complaint volumes, but their average loss per incident is lower, around $21,000 and $20,500 respectively.
New York, with fewer complaints than the top three, still ranks high in total losses, with an average loss per complaint of nearly $24,700. California’s average loss per incident is even higher, exceeding $26,000. Illinois, while lower in both total losses and complaints, has the lowest average loss per complaint among the five states, at around $18,800.
These variations highlight that cybercrime isn’t distributed evenly across states, and some are targeted more frequently, while others suffer greater losses per incident.
Figure 4.2
INDUSTRY IMPACT
Cybercrime doesn’t affect all industries and regions equally. Healthcare and critical manufacturing were among the most targeted sectors, facing relentless ransomware and data breach attempts. Figure 5.0 presents a bubble diagram illustrating the extent to which each industry is affected.
​
-
Healthcare & Public Health: Provides medical services and public health infrastructure — e.g., hospitals, clinics, health departments.
-
Information Technology: Delivers digital infrastructure, software, and cybersecurity services — e.g., cloud providers, IT consultancies.
-
Financial Services: Manages money, investments, and insurance — e.g., banks, credit card companies, fintech startups.
-
Government Facilities: Supports federal, state, and local operations — e.g., administrative offices, military sites, public service agencies.
-
Critical Manufacturing: Produces essential goods for national security and economy — e.g., defense contractors, semiconductor plants, energy equipment manufacturers.
Figure 5.0
FUTURE DIRECTIONS
This project opened up key questions I’d like to explore further, especially around the why behind the patterns. What makes certain crime types more financially damaging despite lower complaint counts? How do scammers tailor their tactics to specific age groups or industries?
I'm particularly interested in digging deeper into attack methods (these are vectors within a certain cybercrime type) and how they intersect with user behavior, trust, and digital literacy.
​
In future iterations, I’d also like to bring in geographic data to better understand regional response capacity and recovery. Comparing IC3 reporting patterns with public awareness campaigns or intervention strategies could reveal gaps in prevention. I’m interested in how a deeper understanding of cybercrime patterns can support smarter prevention strategies and more targeted public awareness efforts.