Cybercrimeology

Cybercrimeology
  • 5.0 (2)
  • SCIENCE
  • UPDATED SEMIMONTHLY

Cybercrimeology is a podcast about cybercrime, its research and its researchers. We talk to top researchers from around the world to learn about different forms of cybercrime and their research. We learn about cybercrime theory, organized crime online, Darknet drug markets, cybercrime awareness and crime prevention, technology-facilitated intimate partner violence and much more. The podcast has been running since November of 2019 and there is still so much to learn. I am happy to have you along for the journey into this fascinating subject.

  1. Beyond “The Cybercriminal”: Understanding Diversity in Cyber Offenders

    FEB 1

    Beyond “The Cybercriminal”: Understanding Diversity in Cyber Offenders

    Notes:Dr Bekkers describes his academic pathway from psychology to criminology and explains why his research focus has consistently been on offenders and their behaviour rather than on offences or technologies.Cybercrime offenders are often portrayed as a homogeneous group of highly skilled hackers, but research shows they are a heterogeneous population with distinct motivations, skills, and pathways into crime.A key distinction can be made between financially motivated cybercrime, such as online fraud, and more technically complex cyber-dependent crimes such as hacking, DDoS attacks, and website defacement.Financially motivated cybercrime offenders often resemble traditional offline offenders and may commit both online and offline crimes, with similar risk factors, peer influences, and personality profiles.Technically skilled cyber offenders tend to show different characteristics, including higher levels of self-control and intrinsic motivations such as curiosity, challenge, and skill development.Research suggests that traditional criminological theories still help explain some forms of cybercrime, particularly financially motivated offences, while other forms require additional or adapted theoretical approaches.Gaming environments may act as pathways into certain forms of cybercrime by facilitating skill development, exposure to deviant peers, and access to illicit online forums, though gaming may also be protective in some contexts.Parental supervision and open communication may play a role in shaping online behaviour, similar to the role of guardianship and social control in offline offending.Law enforcement responses differ depending on the type of cybercrime, with financially motivated offences often handled by local police and more technical crimes investigated by specialized units.Dr Bekkers highlights the need for longitudinal research and greater engagement with offenders to better understand pathways into cybercrime and to inform prevention and intervention strategies.About our guest:Dr Luuk Bekkers https://www.thuas.com/research/research-groups/team-cybercrime-cybersecurity https://www.linkedin.com/in/luuk-bekkers-79621b162/ Papers or resources mentioned in this episode:Bekkers, L. M. J., Moneva, A., & Leukfeldt, E. R. (2025). Distinct group, distinct traits? A comparison of risk factors across cybercrime offenders, traditional offenders and non-offenders. Psychiatry, Psychology and Law, 1–25. https://doi.org/10.1080/13218719.2025.2546311 Bekkers, L. M., Holt, T. J., & Leukfeldt, E. R. (2025). The psychological correlates of cybercrime offending: Exploring the self-control/social learning relationship in serious cyber-dependent crime. European Journal of Criminology, 0(0). https://doi.org/10.1177/14773708251378356 Bekkers, L. M. J., Holt, T. J., & Leukfeldt, E. R. (2025). Exploring the factors that differentiate individual and group offenders in cyber-dependent crime. Journal of Criminal Justice, 101, 102522. https://doi.org/10.1016/j.jcrimjus.2025.102522

    25 min
  2. Systematically Improving Cybersecurity Training

    JAN 1

    Systematically Improving Cybersecurity Training

    Notes:Julia Prümmer describes her transition from legal psychology into cybersecurity research and how psychological methods shape her approach to cybersecurity training.The discussion explores the role of systematic reviews in mapping what a research field actually knows, rather than relying on highly visible or frequently cited studies.Findings from a large-scale systematic review of cybersecurity training methods are discussed, highlighting the diversity of training approaches used across the literature.The episode examines results from a meta-analysis assessing the overall effectiveness of cybersecurity training and the gap between improvements in precursors such as knowledge and intentions versus observable behaviour.Julia explains why many cybersecurity training programmes lack explicit behavioural theory and rely on trial-and-error design choices.A key theme is the distinction between cybersecurity behaviours that require active engagement, such as phishing detection, and behaviours that may benefit from habit formation, such as screen locking or password management.The conversation draws on research into email habits and phishing susceptibility to illustrate how habitual behaviour can increase vulnerability in certain contexts.Julia discusses the use of psychological theory, including habit formation and implementation intentions, to design and evaluate cybersecurity training interventions.The episode concludes with reflections on the future of cybersecurity training research and the need for behaviour-specific, theory-informed models.About our Guest:Julia Prümmer https://www.universiteitleiden.nl/medewerkers/julia-prummer#tab-1 https://www.linkedin.com/in/julia-prümmer-376778159/ Papers or resources mentioned in this episode Prümmer, J., van Steen, T., & van den Berg, B. (2024). A systematic review of current cybersecurity training methods. Computers & Security, 136, 103585. https://doi.org/10.1016/j.cose.2023.103585 Prümmer, J. (2024). The role of cognition in developing successful cybersecurity training programs: Passive vs. active engagement. In D. D. Schmorrow & C. M. Fidopiastis (Eds.), Augmented cognition. HCII 2024 (Lecture Notes in Computer Science, Vol. 14695, pp. 185–199). Springer. https://scholarlypublications.universiteitleiden.nl/handle/1887/4093101 Prümmer, J., van Steen, T., & van den Berg, B. (2025). Assessing the effect of cybersecurity training on end-users: A meta-analysis. Computers & Security, 150, 104206. https://doi.org/10.1016/j.cose.2024.104206 Vishwanath, A. (2015). Examining the distinct antecedents of e-mail habits and its influence on the outcomes of a phishing attack. Journal of Computer-Mediated Communication, 20(5), 570–584. https://doi.org/10.1111/jcc4.12126 Other If this topic of training as an intervention to reduce susceptibility to cybercrime, you might also enjoy the recent Episodes 123, 116, 110, 106, 60, and 59 that are all on related topics. If you are brave you can even go right back to Episodes 6, 7 and 8, there is a lot to listen to.

    49 min
  3. The Human beneath the Hoodie: Profiling pathways into cybercrime

    2025-12-01

    The Human beneath the Hoodie: Profiling pathways into cybercrime

    otes: Melissa completed her PhD after two decades of operational work, bringing a pracademic perspective to cyber profiling and offender pathways. Her research focuses on understanding the human behind the keyboard through developmental history, motivation and lived experience. Initial motivations among hackers often centre on curiosity, challenge seeking and belonging rather than financial gain. Many participants reported early interest in technology, solitary online activity and experiences they described as destabilising events. Melissa distinguishes between lawful and criminal pathways using indicators such as modifying games, low self-control and a history of property offending. Her work highlights misunderstandings about intent, the role of gamification and the abstraction of harm when offending takes place online. She argues that cybercrime is a societal problem requiring early education, parental and teacher capability building and partnerships with tech and gaming companies. Diversion programs are essential to guide youth with technical interest toward prosocial cybersecurity roles rather than criminalisation. About our guest: Dr Melissa Martineau https://www.linkedin.com/in/melissa-martineau-369bb5258/ https://www.captechu.edu/webinar-series-melissa-martineau Papers or resources mentioned in this episode: Martineau, M. (2023). The pathways of cyber dependent offenders. Journal of Cybercriminology, 3(3), 32. https://www.mdpi.com/2673-6756/3/3/32 Martineau, M. (2024). Distinguishing lawful and criminal hacker trajectories. Journal of Cybercriminology, 4(4), 45. https://www.mdpi.com/2673-6756/4/4/45 Other: Dr Martineau wanted to share something called PRISMA (Preferred Reporting Items for Systematic reviews and Meta-Analyses) which is a helpful guideline designed to improve the reporting of systematic reviews. You can find out more about it here.    http://www.prisma-statement.org

    34 min
  4. Courses, Clicks and Consequences: Empiricizing Enterprise Security

    2025-11-01

    Courses, Clicks and Consequences: Empiricizing Enterprise Security

    Episode Notes: Dr Ho describes an empirical research agenda focused on how security actually operates in organisations. He explains his experience with getting this research off the ground to allow them to perform the research in this setting.Study setting and scope: eight-month randomised controlled trial at UC San Diego Health involving ~19,500 employees and ten distinct phishing campaign lures.Annual awareness training: the study found no significant relationship between how recently staff completed the mandated course and their likelihood of failing a simulated phishing campaign.Embedded training (when someone clicks a phishing simulation and is immediately redirected to training): the measurable improvement was very small (≈2% reduction in failure rate) and varied significantly by lure and engagement.Engagement challenge: The vast majority of embedded-training sessions were extremely short or incomplete, a key factor in explaining limited effect size.Variability of lure difficulty: Some phishing lures elicited very low click-rates (~1.8%) while others up to ~30.8%, indicating that the phishing stimulus matters as much as, or more than, the training intervention.Practical takeaway: Organizations should treat training (especially annually mandated modules) as only one part of a broader defence strategy, and design empirical measurement systems (including controls, realistic lures, and sustained engagement) before assuming large effect sizes. About our Guest: Dr Grant Ho Profile: https://cs.uchicago.edu/people/grant-ho/ Papers or resources mentioned in this episode: Ho, G.; Mirian, A.; Luo, E.; Tong, K.; Lee, E.; Liu, L.; Longhurst, C.A.; Dameff, C.; Voelker, G.M. (2025). Understanding the Efficacy of Phishing Training in Practice: A Randomized Controlled Trial at a Large Health Organisation. Presented at the IEEE Symposium on Security & Privacy (May 2025). Full PDF: https://people.cs.uchicago.edu/~grantho/papers/oakland2025_phishing-training.pdf Other:  I mentioned some figures about the spending on cybercsecurity education and training, You can find those here.   Canadian Survey of Cyber Security and Cybercrime (CSCSC) https://www23.statcan.gc.ca/imdb/p2SV.pl?Function=getSurvey&SDDS=5244 Get convenient Excel Tables of the Statistics from 2017 and 2019.  https://www.serene-risc.ca/en/statistics-canada Other Other: Dr Ho was great to chat with and has a long history of researching phishing, Some of his older work that is more technical in nature, as so we didn't talk about in the episode, but in the case that it  might be interesting to you, here are some links:  Ho, G., Sharma, A., Javed, M., Paxson, V., & Wagner, D. (2017). Detecting Credential Spearphishing Attacks in Enterprise Settings. In Proceedings of the 26th USENIX Security Symposium (USENIX Security ’17), Vancouver, BC, Canada, August 16-18, 2017. USENIX Association. ISBN 978-1-931971-40-9. PDF: https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-ho.pdf USENIX+2USENIX+2 Presentation page: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/hoUSENIX+1 Ho, G., Cidon, A., Gavish, L., Schweighauser, M., Paxson, V., Savage, S., Voelker, G. M., & Wagner, D. (2019). Detecting and Characterizing Lateral Phishing at Scale. In Proceedings of the 28th USENIX Security Symposium (USENIX Security ’19), Santa Clara, CA, USA, August 14-16, 2019. USENIX Association. ISBN 978-1-939133-06-9. PDF: https://www.usenix.org/system/files/sec19-ho.pdf USENIX+1 Presentation page: https://www.usenix.org/conference/usenixsecurity19/presentation/ho USENIX

    1h 4m
  5. The many minds of MITRE: building multidisciplinary human insider-risk research

    2025-10-01

    The many minds of MITRE: building multidisciplinary human insider-risk research

    Trigger warning: This episode includes discussion of suicide in the context of researching measurable predictive indicators and the lack thereof in the context of cyber.  Episode Notes Dr Caputo's path from social psychology to applied security, including intelligence analysis and building a behavioural-science team at MITRE.What MITRE is: a not-for-profit operating six federally funded R&D centres that provide independent, public-interest research alongside government.Why early “indicator” hunting on endpoints often chased the last bad case; shifting to experiments and known-bad/created-bad data to learn patterns of behaviour change.The LinkedIn recruiter field experiment: ethically approved creation of recruiter personas, staged outreach in three messages, and follow-up interviews to understand reporting barriers.What user-activity monitoring can and cannot tell you; the role of human judgement and programme design.Insider-risk is not only “malicious users”: designing programmes for negligent, mistaken or outsmarted behaviours as well.Current lines of work include improving employee recognition and reporting of malicious elicitations and exploring whether insider-risk telemetry offers early signals of suicide risk.Why multidisciplinary teams beat solo efforts in insider-risk operations.About our guest: Dr. Deanna D. Caputo   MITRE Insider Threat Research & Solutions profile: https://insiderthreat.mitre.org/dr-caputo/  LinkedIn: https://www.linkedin.com/in/dr-deanna-d-caputo Papers or resources mentioned in this episode: Caputo, D. D. (2024). Employee risk recognition and reporting of malicious elicitations: Longitudinal improvement with new skills-based training. Frontiers in Psychology. https://www.frontiersin.org/journals/psychology/articles/10.3389/fpsyg.2024.1410426/full  MITRE Insider Threat Research & Solutions. (2025). Suicide risk and insider-risk telemetry overview. https://insiderthreat.mitre.org/suicide-risk/  MITRE. (2024). Managing insider threats is a team sport. https://www.mitre.org/news-insights/impact-story/managing-insider-threats-team-sport  MITRE Insider Threat Research & Solutions. (2024). Capability overview two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-CapabilityTwoPager-24-0659_2024-02-01.pdf  MITRE Insider Threat Research & Solutions. (2024). Insider Threat Behavioural Risk Framework two-pager (PDF). https://insiderthreat.mitre.org/wp-content/uploads/2024/06/MITREInTResearchSolutions-InTFramework_TwoPager-24-0674_2024-03-18.pdf

    44 min
  6. Follow the Honey: Experiments in Cybercriminal Decision-Making

    2025-09-01

    Follow the Honey: Experiments in Cybercriminal Decision-Making

    Show Notes: Daniëlle began her academic path in psychology, later moving into criminology through her interest in decision making and online behaviour.Her PhD research at NSCR focuses on cybercriminal decision making, using honeypots and experiments in real online environments.Early experiments tested how different rewards affected access attempts on fake accounts.A major focus has been on the impact of Operation Cookie Monster (2023), which disrupted the Genesis Market. Danielle’s work examined how this law enforcement operation influenced behaviour and moderation practices on hacker forums.She emphasizes the value of experiments in the field, which allow researchers to test criminological theories with live offender behaviour, while balancing strict ethical and legal safeguards.About our guest: Danielle Stibbe NSCR Profile Page: https://nscr.nl/en/medewerker/danielle-stibbe-msc/Google Scholar: https://scholar.google.com/citations?user=1fsHJEgAAAAJ&hl=enLinkedIn: https://www.linkedin.com/in/danielle-stibbe/?originalSubdomain=nlPapers or resources mentioned in this episode: Onaolapo, J., Mariconti, E., & Stringhini, G. (2016). What happens after you are pwnd: Understanding the use of leaked webmail credentials in the wild. Proceedings of the 2016 Internet Measurement Conference. https://doi.org/10.1145/2987443.2987475Europol (2023). Operation Cookie Monster: Genesis Market taken down in coordinated international action.https://www.europol.europa.eu/media-press/newsroom/news/operation-cookie-monster-genesis-market-taken-down-in-coordinated-international-actionOxford Handbook of Criminal Decision Making (2016). Eds. Bruinsma & Weisburd. Oxford University Press.Other: The open science framework https://osf.io

    31 min
  7. Crime Online: Hashtag Like and Subscribe, or don't

    2025-08-01

    Crime Online: Hashtag Like and Subscribe, or don't

    Episode NotesAbout our guest:Dr. Francesco Carlo Campisi PhD in Criminology, Université de Montréal Researcher, International Centre for Comparative Criminology 🔗 https://www.cicc-iccc.org/fr/personnes/etudiants-supervises/carlo-campisi 🔗 https://www.linkedin.com/in/francesco-carlo-campisi-aa3576125/ Topics discussed in this episode:From street gangs to digital deviance: a research trajectoryWhy “recruitment” doesn’t fit how modern movements growHow groups like QAnon and Anonymous influence participation onlineUsing social media metrics to measure engagementEmotional capital, visibility, and symbolic participationUpdating resource mobilization theory for digital contextsHashtag hijacking and online visibility strategiesStochastic terrorism and the challenge of lone-wolf violencePapers or resources mentioned in this episode:Campisi, F. (2024). Unveiling the digital underworld – Exploring cyberbanging and recruitment of Canadian street gang members on social media. Canadian Journal of Criminology and Criminal Justice, 66. https://doi.org/10.3138/cjccj-2023-0033Campisi, F., Fortin, F., & Néron, M.-E. (2022). Hacktivists from the inside: Collective identity, target selection and tactical use of media during the Quebec Maple Spring protests. Presented at the ICCC Symposium. Available on ResearchGateCampisi, F., & Beauregard, E. (2025). QAnon’s use of hashtag hijacking on X and its impact on online engagement. SSRN preprint. LinkMcCarthy, J. D., & Zald, M. N. (1977). Resource mobilization and social movements: A partial theory. American Journal of Sociology, 82(6), 1212–1241.Vigil, J. D. (1988). Barrio gangs: Street life and identity in Southern California. University of Texas Press. https://www.ojp.gov/ncjrs/virtual-library/abstracts/barrio-gangs-street-life-and-identity-southern-california-0Other: If you are curious about the video that was taken down, you should watch this video. https://www.youtube.com/watch?v=PIyrzMThHq8

    30 min
  8. The Human in_security - deception, weapons, crime & culture

    2025-07-01

    The Human in_security - deception, weapons, crime & culture

    About our guest: Dr. Iain Reid Senior Lecturer in Cybercrime University of Portsmouth https://www.port.ac.uk/about-us/structure-and-governance/our-people/our-staff/iain-reid   Topics discussed in this episode: How principles of military deception map onto cybersecurityWhy the phrase “the human is the weakest link” oversimplifies riskWhat it’s like to research developer perspectives on secure softwareThe psychology of decision-making in phishing attacksHow time pressure influences risky digital behaviourThe limits of “security culture” as an organizational solutionHow cyber deception fits within defence-in-depth  Papers or resources mentioned: Reid, I., Okeke-Ramos, A., & Serafin, M. (2024). Exploring the ethics of cyber deception technologies for defensive cyber deception. In P. Bednar, J. Kävrestad, E. Bergström, M. Rajanen, H. V. Hult, A. M. Braccini, A. S. Islind, & F. Zaghloul (Eds.), Proceedings of the 10th International Conference on Socio-Technical Perspectives in Information Systems (STPIS 2024) (pp. 140-148). (CEUR Workshop Proceedings). https://ceur-ws.org/Vol-3857 Whaley, B. (2007). Stratagem: deception and surprise in war. Artech. Rowe, N.C., Rrushi, J. (2016). Measuring Deception. In: Introduction to Cyberdeception. Springer, Cham. https://doi.org/10.1007/978-3-319-41187-3_11 Ashenden, D., Ollis, G., & Reid, I. (2022, October). Dancing, not Wrestling: Moving from Compliance to Concordance for Secure Software Development. In Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering (pp. 1-9). Paris Call for Trust and Security in Cyberspace https://pariscall.international   Other I would like to thank Dudley the French Bulldog for the invaluable (unavoidable) contribution to this episode.

    28 min
See All (126)

Ratings & Reviews

5
out of 5
2 Ratings

About

Cybercrimeology is a podcast about cybercrime, its research and its researchers. We talk to top researchers from around the world to learn about different forms of cybercrime and their research. We learn about cybercrime theory, organized crime online, Darknet drug markets, cybercrime awareness and crime prevention, technology-facilitated intimate partner violence and much more. The podcast has been running since November of 2019 and there is still so much to learn. I am happy to have you along for the journey into this fascinating subject.

Information

  • Creator
    Cybercrimeology
  • Years Active
    2019 - 2026
  • Episodes
    126
  • Rating
    Clean
  • Show Website
    Cybercrimeology