Software

Bitkom: Cybercrime balance sheet – 6 out of 10 Internet users are affected

March 4, 2025: The majority of internet users in Germany have been victims of cybercrime in the past 12 months. 61 percent have personally experienced it, while 36 percent have been spared. This is the result of a representative survey of 1,021 people aged 16 and over in Germany who use the internet, commissioned by the digital association Bitkom.

Graphic: Biktom

Most common crimes: fraud when shopping online, phishing and malware

Internet users are most frequently affected by three crimes: 36% have been defrauded when shopping online, 30% have had their personal information obtained by attackers via text message, email or phone call through so-called phishing and 24% have had their smartphones or computers infected with malware such as viruses. This is followed at a considerable distance by spying on access data for online services (9 percent) and fraud against sales staff in online retail (6 percent). In 5 percent of cases, others have impersonated them online, 5 percent have had their account or credit card details stolen and misused online, 3 percent have been sexually harassed online and 2 percent have been personally threatened. There are also reports of new attacks using artificial intelligence, with 3% being deceived with a deepfake, i.e. an AI-generated video or photo. At the bottom of the rankings are the infection of their own computer or smartphone with ransomware and the unauthorized use of their own online banking (2 percent each).

Another 2 percent were victims of a new scam that blurs the offline and online worlds, known as quishing. This involves distributing QR codes, for example on supposed official letters or parking tickets. Anyone who scans these with their smartphone is directed to a fraudulent online page where they are tricked into paying fees or entering personal data, for example. “Fraud with QR codes is an example of how cyber criminals are constantly finding new ways to deceive people and cause them harm. Quishing is still too little known and we need to provide more information about it,” says Wintergerst.

Only a quarter have suffered no financial loss

On average, victims of cybercrime have suffered a loss of 219 euros in the past 12 months. 60 percent of those affected state that they personally suffered damage, which amounted to an average of 181 euros. 4 percent say that a third party, such as an online retailer or the bank, was responsible for the damage. Their average loss is 609 euros. A quarter (25 percent) did not suffer any financial loss, while 13 percent were unable or unwilling to provide any information.

There is a high number of unreported cases of cybercrime

Only around a quarter (26 percent) of those affected by cybercrime have filed a complaint with the police. 8 percent have contacted other authorities such as the Federal Office for Information Security (BSI) and 3 percent have consulted a lawyer. “When it comes to cybercrime, we have a high number of unreported cases in the official statistics because many people do not contact the authorities or take legal action,” says Wintergerst. More often, those affected seek help in their personal environment or change their personal behavior. Almost half (46%) have sought to talk to friends or family, 39% have changed passwords or other security information, 11% have drawn attention to the criminal activities through social media posts or contributions on online platforms and 3% have responded to the criminals’ demands, such as ransom payments. In addition, 42% have contacted the company whose platform was used for the criminal activities and 12% have deleted or terminated their account there. However, around a fifth (22 percent) have not responded at all.

– – – – – –