Introduction to Special Issue: Online Financial Crimes and Global Responses

Importance of Special Edition

Online financial crime has emerged as a significant concern in the digital era as technological developments have reshaped the ways individuals communicate, conduct financial transactions, and interact across global networks. Offenses such as business-related cybercrime, identity theft, online fraud, and cryptocurrency scams have expanded rapidly in both scale and sophistication, generating substantial economic and social harm for victims, businesses, and governments worldwide. Recent statistics illustrate the magnitude of this problem. According to the Internet Crime Complaint Center, 859,532 complaints of internet related crime were reported in the United States (Federal Bureau of Investigation, 2024), with total reported losses reaching 16.6 billion dollars. Among these reports, 256,256 complaints involved confirmed financial losses, with an average loss of approximately 19,372 dollars per victim. Cyber enabled fraud accounted for approximately 83% of total reported losses, highlighting the central role of financially motivated offenses within the broader cybercrime landscape. Evidence from international enforcement activities further underscores the transnational scope of these offenses. Coordinated operations targeting phishing, investment fraud, romance scams, and fraudulent online marketplaces have resulted in thousands of arrests worldwide, the identification of more than 14,000 additional suspects, the freezing of over 6,700 bank accounts, and the seizure of hundreds of millions of dollars in criminal assets through multi country investigations. These operations have also revealed widespread victimization associated with cyber enabled fraud, with tens of thousands of victims identified and substantial financial losses documented across multiple regions (International Criminal Police Organization [INTERPOL], 2024). Complementing these enforcement indicators, global industry surveys further highlight the prevalence of financially motivated cybercrime. The PwC Global Economic Crime and Fraud Survey (PricewaterhouseCoopers, 2024) reports that 41% of organizations worldwide experienced fraud or economic crime within the past 2 years, with cybercrime reported by 36% of organizations, making it one of the most frequently reported forms of economic crime affecting businesses globally.

Despite the scale reflected in these figures, online financial crimes remain particularly difficult to prevent and enforce. These offenses often operate across national jurisdictions, which complicate legal authority, evidence collection, and coordination among law enforcement agencies. Offenders also exploit rapidly evolving technologies, including encrypted communication platforms, digital payment systems, and cryptocurrencies, which enable them to conceal identities, rapidly transfer funds, and obscure financial trails. As digital environments continue to expand, offenders increasingly leverage online platforms, financial infrastructures, and communication technologies to carry out fraudulent schemes that are difficult to detect and investigate. The decentralized and borderless nature of many online services further allows offenders to operate from locations far removed from their victims while relying on intermediaries, mule accounts, and layered financial transactions to distribute illicit proceeds across multiple jurisdictions. These structural characteristics often delay detection, hinder the recovery of stolen assets, and complicate investigative efforts. At the same time, the rapid evolution of digital technologies enables offenders to continuously adapt their strategies in response to enforcement efforts, developing new forms of deception and financial manipulation. Consequently, a deeper understanding of the operational characteristics and situational dynamics of online financial crimes has become increasingly important for informing effective prevention strategies, strengthening investigative practices, and improving policy responses to cyber enabled fraud.

Although research on cybersecurity and financial crime has expanded in recent years, much of this scholarship remains concentrated within specialized or technical discipline (Cremer et al., 2022; Maimon and Louderback, 2019). As a result, broader criminological engagement with online financial crimes remains relatively limited despite the substantial harm these offenses produce (Dupont & Whelan, 2021). Integrating research on online financial crimes into leading criminology and criminal justice journals is therefore important not only for advancing theoretical and empirical understanding but also for informing policy development grounded in evidence based criminological research. Empirical work within criminology has long contributed to the development of effective policies and interventions aimed at preventing crime and protecting victims. Situating online financial crimes within mainstream criminological scholarship can therefore facilitate a deeper understanding of offender behavior, victim vulnerabilities, and guardianship mechanisms while generating empirical insights that support more effective regulatory, enforcement, and prevention strategies in response to emerging digital financial crimes.

Purpose of Special Edition

Online financial crimes represent a complex and rapidly evolving area of criminal activity that requires interdisciplinary collaboration and diverse analytical approaches. While policymakers and practitioners increasingly recognize the seriousness of cyber-enabled financial crimes, important questions remain regarding the effectiveness of existing enforcement strategies, regulatory frameworks, and technological interventions designed to prevent these offenses. Addressing these challenges requires systematic empirical research examining how these crimes occur, who is most vulnerable to victimization, and how institutions can better respond to emerging threats in digital financial systems.

The purpose of this special edition is to bring together scholars from diverse disciplines around the world to examine online financial crimes and the global responses developed to address them. The contributions included in this issue highlight empirical research on offending, victimization, and guardianship in online financial crimes, while also critically evaluating current policy responses and enforcement strategies across jurisdictions. A total of 10 articles in this special edition highlight several prominent forms of cyber enabled financial crime, including account takeover fraud involving compromised online banking accounts, identity theft and check fraud facilitated through the circulation of stolen financial information in illicit online markets, and financially motivated cyberattacks targeting businesses. Other studies examine ransomware based cyber extortion in which offenders encrypt or threaten to release victims’ data in exchange for payment, as well as cryptocurrency related crimes such as money laundering, market manipulation, wash trading, and fraud occurring within emerging digital asset ecosystems. Additional contributions analyze various forms of cyber fraud and online scams that rely on deception and social engineering tactics, including schemes conducted through telecommunications channels and digital communication platforms. Collectively, these articles illustrate the broad scope and evolving dynamics of online financial crimes, showing how offenders leverage digital technologies, online platforms, and cross-border communication systems to conduct financially motivated offenses. By incorporating varied methodological approaches and perspectives from multiple regions, this special edition aims to deepen scholarly understanding of these crimes and contribute to ongoing discussions on effective strategies for prevention, regulation, and enforcement.

Special Issue Contents

This section presents the table of contents by providing brief summaries of each paper and highlighting the unique contribution of the studies included in this special issue, organized around the three core components of Routine Activity Theory (Cohen & Felson, 1979). Routine Activity Theory posits that crime occurs when motivated offenders encounter suitable targets in the absence of capable guardianship, a framework particularly useful for understanding online financial crimes where digital environments shape opportunities for offending and victimization. Guided by this perspective, the papers collectively examine how offenders exploit technological systems and online platforms, how individuals and organizations become vulnerable targets of financially motivated cyber offenses, and how various forms of guardianship, including technological safeguards, institutional responses, and regulatory measures, influence the prevention and control of these crimes.

The discussion first turns to the offender side of online financial crime. Three empirical studies examine the behaviors and operational dynamics of financially motivated cyber offenders, particularly those operating within cryptocurrency enabled criminal ecosystems. Two of these studies focus on the commercialization of cybercrime driven by digital asset markets, examining offender activities associated with ransomware operations and financial crimes emerging within nonfungible token (NFT) ecosystems. The third study shifts attention to offender adaptation in cyber fraud, analyzing how fraud networks strategically modify their operational practices to evade law enforcement detection and regulatory intervention. Specifically, Gundur et al. (2026) conducted a longitudinal empirical study examining how ransomware has evolved as a form of financially motivated cybercrime. Using an original dataset of 525 ransomware strains identified between 2013 and 2025, the researchers coded each strain for characteristics such as year of emergence, ransom note language, payment instruments requested, and typical ransom amounts. The analysis revealed that ransomware development can be understood through three evolutionary phases. The Spray-and-Prey era (2013–2018) involved indiscriminate attacks distributed broadly through phishing campaigns, with relatively small ransom demands typically below $500. The Big Game Hunting era (2018–2021) marked a shift toward targeted intrusions against high-value corporate victims capable of paying large sums, often hundreds of thousands of dollars, with payment requests dominated by cryptocurrencies such as Bitcoin. The Ransom Bazaar era (2021–present) reflects further professionalization and commercialization of ransomware operations, characterized by negotiation-based extortion, multiple payment options including privacy-focused cryptocurrencies, and affiliate-based ransomware-as-a-service models. Overall, the findings suggest that ransomware has evolved from opportunistic malware attacks into a commercialized cybercriminal enterprise that adapts its payment systems, targeting strategies, and communication practices in response to cryptocurrency market dynamics and regulatory pressures. Taken it further, Ozga and Leuprecht (2026), through a case-based analysis, examined how non-fungible tokens (NFTs) create opportunities for financial crime and money laundering in digital markets. The authors compiled an original dataset of 20 NFT-related legal cases identified through legal databases and open-source sources and coded them by jurisdiction, case type, charges, and cryptocurrencies involved. The analysis showed that most cases involved criminal fraud schemes such as rug pulls, insider trading, wash trading, and investor fraud, with Ethereum serving as the dominant transactional medium. High-profile NFT collections, particularly Bored Ape Yacht Club, appeared repeatedly in fraud cases, indicating that speculative hype increases vulnerability to exploitation. The findings suggest that regulatory ambiguity surrounding NFTs, particularly their classification as art or financial securities, creates structural conditions that facilitate financial crime and highlights the need for adaptive regulatory approaches to improve transparency and consumer protection in digital asset markets. Lastly, internationally, Sun et al. (2026) additionally investigate offender strategies by examining how cyberfraud syndicates adapt their behaviors to evade police detection. Drawing on empirical evidence from cyberfraud cases across mainland China, Hong Kong, and Myanmar, the study applies motivational postures theory to analyze offenders’ evolving responses to responsive policing. The authors identify several adaptive strategies used by offenders to avoid law enforcement intervention, including shifting from high-value scams to low-value, high-frequency fraud schemes, exploiting enforcement thresholds that limit prosecution, and migrating communication from public platforms to private messaging channels to reduce traceability. Offenders also employ advanced technological tactics, such as overseas servers, fake websites, remote-control tools, and rapid destruction of digital evidence, alongside sophisticated social engineering techniques that manipulate victims’ trust and urgency. The findings highlight that cyberfraud syndicates continuously modify their operational methods in response to policing efforts, suggesting that effective cybercrime control requires adaptive and responsive enforcement strategies capable of addressing the dynamic “cat-and-mouse” relationship between regulators and offenders.

The focus of attention next shifts to the victim perspective, with four empirical studies examining victimization in various forms of online financial crime, including business cybercrime, cyberfraud, ransomware, and identity theft. Via a quantitative study, He et al. (2026) examine repeat victimization (RV) and multiple victimization (MV) in business cybercrime using data from the 2024 UK Cyber Security Breaches Survey. The study analyzed a nationally representative sample of 2,000 UK businesses and applied dynamic statistical models to assess how organizational characteristics, online activities, and cybersecurity practices influence cyber-attack risks. The findings show that cybercrime victimization is unevenly distributed across businesses, with a small proportion experiencing repeated or multiple attacks. Larger firms and those with greater online visibility or accessibility are more likely to suffer cyber-attacks, while measures such as restricting access rights and separating staff and visitor Wi-Fi networks reduce victimization risks. The results also indicate that factors predicting initial victimization differ from those associated with repeat or multiple victimization, suggesting that cybersecurity prevention strategies should be tailored to different stages of victimization rather than relying on uniform approaches. Similar findings are reported in a quantitative study conducted by Zhou et al. (2026), which utilized self-reported survey data from 929 high school students in Shandong, China. The study employed structural equation modeling (SEM) to examine the relationships among low self-control, online risk-taking, online deviant lifestyle, routine online activities, and two forms of cyber fraud victimization: fraud targeting and financial loss. The results indicate that online deviant lifestyle is the strongest predictor of both fraud targeting and financial loss. Online risk-taking also significantly increases the likelihood of both forms of victimization and serves as a key mediator linking low self-control to deviant online behaviors. After accounting for these mediating mechanisms, low self-control no longer exerts a direct effect on cyber fraud victimization, suggesting that its influence operates indirectly through risk-taking and deviant lifestyle patterns. In addition, while non-deviant routine online activities increase the likelihood of fraud targeting, they are associated with a reduced likelihood of financial loss. Overall, the findings suggest that cyber fraud victimization is more strongly explained by behavioral risk patterns and online lifestyles than by individual traits alone. Taken those observations further, Nevin et al. (2026) examined how predictor–consequence relationships vary across identity theft subtypes using a nationally representative sample of 8,254 victims from the 2021 NCVS–ITS and regression models. The findings show that bank account misuse, credit card misuse, and other account misuse substantially increase the likelihood of financial loss, whereas social media misuse is associated with a lower likelihood of monetary loss, while most subtypes are linked to higher levels of emotional distress. The results further indicate that these outcomes are conditioned by victim characteristics, with older individuals and those with disabilities experiencing greater harms in certain contexts and Black victims reporting higher levels of distress across several subtypes. In addition, higher income and routine protective behaviors reduce the likelihood of financial loss, although income may intensify distress in some cases. Overall, the study demonstrates that the consequences of identity theft are heterogeneous across both victim groups and theft types, underscoring the need for targeted prevention and tailored victim support strategies. As a valuable concluding contribution to the victimization literature, Vakhitova and Mezzetti (2026) conducted an innovative factorial vignette experiment that advances prior research by systematically examining how emotional responses shape ransomware victims’ decisions regarding whether to pay ransom demands. Using a nationwide sample of 2,085 U.S. adults, participants were randomly assigned to one of three scenarios in which they acted as a hospital cybersecurity director: a neutral policy condition, a “locked files” ransomware attack, or a “stolen files” data exfiltration threat. Participants indicated whether they would pay the ransom and reported their emotional reactions, including fear, anger, shame, and guilt. The results show that ransomware messages increased negative emotions, particularly fear and anger, but had more limited direct effects on payment decisions, with the locked files condition associated with a reduction in willingness to pay. Fear and guilt were associated with a higher likelihood of payment, whereas anger significantly reduced the likelihood of paying, and shame was not significant. Mediation analyses indicate that anger partially explains the relationship between ransomware note framing and payment decisions, although the overall indirect effects are modest. Overall, the findings suggest that ransomware decision making is shaped not only by rational considerations but also by emotionally driven responses to attacker messaging.

The final group of empirical studies in this special issue focuses on the role of guardianship. Two sets of researchers examine the importance of guardianship in preventing crimes such as account takeover fraud, identity theft, and check fraud. From a sentencing perspective, the concluding study further explores whether increased deterrence through harsher sentencing can influence organized online fraud activities. Kamar et al. (2026) conducted a quantitative natural experimental study to examine the effectiveness of two-factor authentication (2FA) in reducing account takeover fraud. Using cyber threat intelligence data collected from 50 illicit online markets between March 2021 and February 2022, the study analyzed advertisements of compromised bank accounts associated with 14 Canadian banks. During this period, three banks implemented 2FA, two as an optional feature and one as a mandatory requirement. Using Bayesian structural time series analysis, the findings show that mandatory 2FA significantly reduced the number of compromised accounts advertised on illicit markets, whereas optional 2FA had no meaningful effect. The results suggest that cybersecurity measures are most effective when implemented as mandatory institutional policies, underscoring the importance of target hardening within situational crime prevention frameworks. Additionally, Maymoni et al. (2026) conducted an OSINT-based empirical study to examine the relationship between stolen checks circulating in online illicit markets and officially reported identity theft incidents in the United States. Using open-source intelligence methods, the researchers collected and analyzed data from 80 Telegram-based illicit markets between September 2021 and December 2022, scraping over 71,000 images of stolen checks and extracting financial information using Optical Character Recognition (OCR). These data were compared with official Financial Crimes Enforcement Network (FinCEN) reports on check fraud and identity theft. The findings indicate that stolen check activity observed on Telegram significantly predicts subsequent increases in officially reported check fraud and identity theft, with patterns appearing 1 to 3 months before formal reports. The study also finds that checks issued to private individuals are more strongly associated with identity theft than business checks, suggesting different mechanisms of fraud across victim types. Overall, the authors conclude that OSINT data from illicit online markets can serve as an early warning indicator for financial fraud trends, highlighting the value of integrating alternative intelligence sources with official reporting systems to improve fraud detection and prevention. Lastly, Mao et al. (2026) conducted a particularly impressive large-scale quantitative study to examine whether increased sentencing severity deters telecom fraud in China. Collected a dataset of 108,478 court cases from 2014 to 2021 obtained from China Judgments Online, the authors coded legally defined aggravating sentencing factors from the 2011, 2016, and 2021 judicial interpretations on telecom fraud and linked them with province-level socioeconomic indicators. Applying longitudinal Poisson regression models to province-level panel data, the study assessed whether the application of specific aggravating circumstances predicted subsequent changes in fraud case counts. The findings reveal selective rather than uniform deterrence effects. Aggravating factors associated with severe harm, prior punishment for telecom fraud, and victim vulnerability were linked to reductions in later fraud cases, suggesting some deterrent impact of highly visible and morally condemned offenses. However, aggravators reflecting technologically sophisticated or organizationally coordinated fraud activities, such as impersonation of authorities, use of covert technical tools, and leadership roles in fraud groups, were associated with increases in subsequent offenses. These results indicate that severity-based penal policies alone have limited effectiveness against scalable and networked fraud operations, highlighting the need to complement punitive approaches with technological regulation and situational prevention strategies.

Conclusion

This special edition for Crime and Delinquency brings together new and diverse research on online financial crimes through the use of varied methodological approaches and interdisciplinary perspectives, allowing for a comprehensive assessment of financially motivated cyber offenses. By examining offender behaviors, victimization patterns, and guardianship mechanisms across different digital environments, the studies included in this issue contribute to a deeper understanding of how online financial crimes emerge, evolve, and impact individuals, organizations, and societies. Providing such a comprehensive special edition not only expands the growing literature on cyber-enabled financial crime within criminology, but also offers valuable insights for academics, policymakers, and practitioners seeking to better understand and address these increasingly prevalent offenses.

Importantly, the contributions in this issue highlight several emerging forms of online financial crime that have not been extensively examined within mainstream criminological scholarship. As digital technologies continue to reshape communication systems, financial infrastructures, and social interactions, offenders are constantly adapting their strategies to exploit new opportunities for deception and financial gain. The studies included in this special edition therefore offer a timely perspective on the rapidly evolving nature of cyber-enabled financial crimes and emphasize the importance of continued empirical research to understand their operational dynamics and societal consequences.

As such, I hope this special edition serves as a starting point rather than a conclusion for scholarly engagement with online financial crime. Continued research is needed to examine how technological change, global financial systems, and regulatory responses shape the development of these offenses and the vulnerabilities of potential victims. I encourage scholars across criminology and related disciplines to further explore these issues and contribute to the development of evidence-based strategies aimed at improving prevention, strengthening guardianship mechanisms, and protecting individuals and organizations from online financial victimization.