Evaluating Criminal Transactional Methods in Cyberspace as Understood in an International Context

Dates: October 2018 – May 2020
Lead researchers: R.V. Gundur, Flinders University, Australia, Michael Levi, Cardiff University, Volkan Topalli, Georgia State University, Marie Ouellet, Georgia State University, Maria Stolyarova, Lennon Yao-Chung Chang, Monash University, Australia and Diego Domínguez Mejía, Flinders University.


This project explored what is currently known about the financial transactions that cybercriminals carry out amongst themselves, and what they demand and receive from their victims. It provided an overview of the state of play in the countries of interest through five linguistic searches: in English, Russian, Chinese, Spanish, and French. For each of the five languages, surveyed the organisations, structures and policies that are relevant to financial aspects of cybercrime and conducted a systematic review of the relevant literature.

The literature review examined the processes and attributes of cybercriminal acts and what is known about the actors behind them, and the specific financial strategies employed to facilitate and benefit from profit-generating crimes. Authors prioritised examinations of the victim-facing parts of crimes. They described how attacks happen: the vulnerabilities attackers exploit and processes behind how crimes unfold, in broad terms. Many claims within the grey literature were found to lack methodological rigour, making the asserted facts difficult to verify. Most existing research focuses on developed economies and markets, leaving a significant gap in understanding as to how cybercrime affects rapidly expanding internet markets in developing economies and their users. There is an unequal representation of concerns from the developing world, likely due to a lack of capacity or transparency.

Policy implications

This project has developed a typology of economic ecosystems and transaction types that cybercriminals use, to understand transactions in reference to cybercrime. It has identified products and services that cybercriminals leverage to transact value and it shows how cybercriminals access these products and deploy them. This is relevant to policy and law enforcement development in Cyber Prevent, as well as disruption. These findings, to be published in due course, explore further evidence needs in this space.


Surveyed over 500 documents across five languages.

Find out more: Research articles in development
Funders: Home Office


Posted on

December 9, 2021