We use cookies to collect anonymous data to help us improve your site browsing experience.

Click 'Accept all cookies' to agree to all cookies that collect anonymous data. To only allow the cookies that make the site work, click 'Use essential cookies only.' Visit 'Set cookie preferences' to control specific cookies.

Set cookie preferences

Your cookie preferences have been saved. You can change your cookie settings at any time.

Publication - Statistics

Recorded Crime in Scotland, 2024-25

Published
24 June 2025
From
Cabinet Secretary for Justice and Home Affairs, +2 more … Chief Statistician, Director of Safer Communities
Directorate
Justice Directorate, +1 more … Safer Communities Directorate
Topic
Law and order

Statistics on crimes and offences recorded and cleared up by the police in Scotland in 2024-25, split by crime or offence group and by local authority.

Part of

Supporting documents

Police recorded cyber-crime in Scotland

This chapter presents an estimate of how many cyber-crimes were recorded in Scotland during 2024-25.

The information provided below relates to cyber-crimes which have come to the attention of the police. It does not provide information on the characteristics of all cyber-crime committed in society, as not all of these crimes are reported to the police.

Background

Defining cyber-crime is complex, with no agreed upon definition of the term. The main debate centres around the extent to which cyber technology needs to be involved for the crime to be termed ‘cyber-crime’. For the purposes of recorded crime (as defined in the Scottish Crime Recording Standard), a broad definition of cyber-crime is adopted that includes crimes in which cyber technology is in any way involved. This ranges from crimes where a digital system, infrastructure or Information and Communication Technology (ICT) device is the target as well as the principal or sole method of attack, known as ‘cyber-dependent’ crimes (such as the spreading of computer viruses), to ‘traditional’ crimes where the internet has been used as a means to commit the crime, known as ‘cyber-enabled’ crimes (such as online fraud or sexual crime). Throughout this chapter, both ‘cyber-dependent’ and ‘cyber-enabled’ crimes are referred to collectively as ‘cyber-crimes’.

The estimates provided in this chapter are based on a review of crime records, whereby a random sample of cases was drawn across Scotland for those types of crime that could in theory involve a cyber-element. The review considered which proportion, by crime type, actually were cyber-crimes in 2024-25.

As this analysis is based on a sample of police records (rather than all police records), it should be seen as providing a broad estimate of the volume and type of cyber-crime recorded in Scotland, rather than an exact count. Following previous reviews of crime records, we have assumed that all crimes under the Computer Misuse Act 1990 (within the Damage and reckless behaviour crime group) were cyber-crimes.

Estimated volume of cyber-crimes

In 2024-25, an estimated 14,120 cyber-crimes were recorded by the police in Scotland. This was a decrease of 2,770 crimes (or 16%) when compared to the estimated volume for 2023-24 (16,890 crimes). Despite this decrease, levels remain significantly above the pre-pandemic year of 2019-20 (with 7,710 cyber-crimes). Part of the increase seen in reported cyber-crimes since 2019-20 may be due to the significant impact of the COVID-19 pandemic and government instructions to limit social contact. However, the lifting of restrictions has not been accompanied by a reduction to pre-pandemic levels in the estimated volume of police recorded cyber-crime. A procedural change to the recording of international crime made in April 2020 has also likely led to some additional cases, but relatively few when compared to the overall increase. This is discussed further in the 2020-21 Recorded Crime in Scotland bulletin.

We estimate that at least 5% of crimes recorded by the police in Scotland in 2024-25 were cyber-crimes. This includes an estimated 27% of Sexual crimes, 7% of Crimes of dishonesty, 3% of Non-sexual crimes of violence and less than 1% of Damage and reckless behaviour.

It is important to note that whilst the sample of crime records reviewed for this analysis was designed to capture the main types of crime that could involve a cyber-element, this may not have included every relevant type of crime. As such, these figures should be taken as estimates. Going forward statisticians will continue to keep the types of crime reviewed for this chapter under consideration, to ensure any additional types (beyond those discussed below) that may involve a cyber-element are included.

Table A12 in the 'Supporting documents' Excel workbook provides estimates of the number of cyber-crimes split by crime type from 2019-20 to 2024-25.

Cyber-crimes within Non-sexual crimes of violence

This analysis looked specifically at crimes of (i) Threats and extortion (ii) those recorded under the Domestic Abuse (Scotland) Act 2018 (iii) Stalking and (iv) Encouraging or Assisting Serious Self-Harm (Online Safety Act, 2023).

In 2024-25, an estimated 1,640 crimes of Threats and extortion were cyber-crimes, a decrease of 21% from the estimated 2,080 recorded in 2023-24 though more than a five-fold increase from the estimated 290 recorded in 2019-20. In the latest year, 94% of recorded Threats and extortion were cyber-crimes. Most of these cases relate to ‘sextortion’, most commonly where the perpetrator threatens to reveal evidence of the victim’s online sexual activity unless they receive some form of monetary payment.

As part of the analysis, we looked at the confirmed and suspected location of the perpetrators of cyber-crimes. This analysis was based on the information recorded at the point which the cases were reviewed. Amongst the cases we sampled, for Threats and extortion the location of perpetrators was confirmed or suspected to be outside Scotland in 48% of cyber-crimes and unknown for 46%.

Table A14 in the 'Supporting documents' Excel workbook provides estimates of the location of perpetrators of cyber-crimes in 2024-25.

Crimes recorded under the Domestic Abuse (Scotland) Act 2018 and Stalking are course of conduct type offences. Within this research, any crime that occurred wholly online, or included a mix of in-person and online activity as part of the course of conduct, has been classified as a cyber-crime. In 2024-25, an estimated 550 crimes under the Domestic Abuse (Scotland) Act 2018 and 260 crimes of Stalking were cyber-crimes. This represented an estimated 21% of crimes recorded under the Domestic Abuse (Scotland) Act 2018 and 27% of crimes of Stalking.

Given the low number of crimes of Encouraging or Assisting Serious Self-Harm (Online Safety Act, 2023), a percentage figure is not reported.

Cyber-crime within Sexual crimes

This analysis looked specifically at those types of sexual crimes that could have a cyber-element. For example, crimes of Communicating indecently, Cause to view sexual activity or images, Indecent photos of children, Disclosing or threatening to disclose intimate images and Voyeurism.

In 2024-25, an estimated 4,070 Sexual crimes (27%) recorded by the police were cyber-crimes, compared to 4,300 in 2023-24. The estimated volume of Sexual crimes that were cyber-crimes has increased over the longer term from 1,100 in 2013-14. Part of the increase after 2017-18 will likely relate to new crimes of Disclosing or threatening to disclose intimate images being recorded under the Abusive Behaviour and Sexual Harm (Scotland) Act 2016, which was implemented on 3 July 2017. However, the clear majority of this longer term increase will be due to other factors.

The analysis also suggests an estimated 1,490 Sexual crimes recorded in 2024-25 were both cyber-crimes and had a victim under the age of 18.

We found that, for around three quarters (74%) of the records examined, perpetrators of Sexual crimes which were cyber-crimes were either confirmed or suspected to be located in Scotland. The location of perpetrators was unknown in under a fifth (18%) of records.

Cyber-crime within Crimes of dishonesty

This analysis predominately covers the crimes of Fraud, as well as Proceeds of crime.

Fraud includes a wide range of criminal activity such as bank card fraud, failure to pay for goods and services (either online or in person such as taxi fares and meals at restaurants), fraudulent sales, bogus workmen, phishing, banking scams etc.

In 2024-25, just under half (49%) or 7,550 recorded frauds were estimated to have been cyber-crimes. This is a decrease of 24% when compared to the estimated 9,890 cyber frauds recorded in 2023-24 but remains more than double the estimated 3,450 recorded in 2019-20.

Table A13 in the 'Supporting documents' Excel workbook provides estimates of volumes and proportions of Cyber Fraud from 2019-20 to 2024-25.

We found that for under half (46%) of the records we examined, the location of perpetrators of Fraud cyber-crimes was unknown. Around one third (35%) of records had perpetrators who were either suspected or confirmed to be located outside of Scotland and around one in five (19%) were suspected or confirmed to be located in Scotland.

In 2024-25, an estimated 30 cases of Proceeds of crime were cyber-crimes (representing 18% of all recorded cases).

Cyber-crime within Damage and reckless behaviour

As a result of analysis undertaken in previous years and the nature of the crime recorded, we have assumed that all 20 crimes recorded under the Computer Misuse Act 1990 (causing damage) were cyber-crimes.

Contact

Email: Justice_Analysts@gov.scot

Back to top