US Cybercrime index: which states suffer the most?

After analyzing data provided by the Federal Bureau of Intelligence (FBI), Surfshark, a virtual private network (VPN) company, found out which US states suffer the most from cyberattacks and where perpetrators find their most lucrative victims.

To assess how cybercrime varies in each state, Surfshark reviewed data from the FBI’s Internet Crime Complaint Center. According to their calculations, the state with the most cybercrime victims per 100,000 internet users is Nevada (801), where perpetrators hurt people more than four times the national average.

In Nevada, the most common type of cybercrime is identity theft. In 2021, there were nine thousand reported victims of identity theft in the state, while the remaining victims experienced credit card fraud and cyber terrorism.


However, the average loss of a cybercrime victim is highest in the small state of North Dakota, where it equals $31,711 per scam – Nevada’s numbers are much better at $4,728 per scam.

It must be noted, though, that fewer than 800,000 people live in North Dakota, so a few large-scale thefts probably boosted the average. Surshark says hackers have been building fortunes out of fake relationship schemes in the state and schemed up to $12,1 million out of North Dakota internet users in 2021 alone.


The average cybercriminal steals $14,048 per scam in the US, but the severity of cybercrime varies significantly from state to state – for instance, in Colorado, the average perpetrator netted a whopping $33,605 in 2021.

In the states where perpetrators steal the most, such as Colorado or New York, criminals are likely targeting small- to mid-size businesses with financial capital. Investment scams are the most profitable.


And while Americans aged 40 to 49 constitute just 12,4% of the population, they account for 20,8% of all cybercrime victims in the US. Conversely, Americans under 20 make up almost 25% of the population, but they accounted for just 3,5% of victims in 2021.

Even so, the age group most victimized by cybercrime was the 60-plus year olds. In 2021, 92,371 Americans of this age group were victims of cybercriminals and collectively lost $1.7 billion.


According to Surfshark’s team, the type of cybercrime and the potential victim pool varies across the country. It depends on a number of factors.

“In states with older populations, the average internet user may be less tech-savvy and more vulnerable to phishing scams or other types of cybercrime. Similarly, states with more businesses prone to cybercrime — like real estate, gambling, lottery, and sweepstakes — may have more cybercrime overall,” the report says.

Cybercrime in the US is rising in both frequency and severity. In 2021 alone, the FBI received a record 847,376 complaints of cybercrime, with potential losses exceeding $6.9 billion.

At the same time, the US is one of the countries with some of the most robust cyber laws in place. The first effective law against such crimes was first established in the US in 1986, termed The Computer Fraud and Abuse Act (CFAA).

More from Cybernews:

3.5m IP cameras exposed, with US in the lead

Firefox and Thunderbird flaws allowed system takeover

Seven accused of smuggling military tech from US to Russia

Apple fixed actively exploited zero-day bug impacting iPhones

California says it is responding to Lockbit’s attack on Department of Finance

Subscribe to our newsletter

Leave a Reply

Your email address will not be published. Required fields are markedmarked