For the third consecutive year, M3AAWG has co-sponsored Interisle Consulting Group’s Cybercrime Supply Chain study, which continues to reveal dramatic year-over-year increases in cybercrime. These trends highlight a sophisticated industry that, like a parasite, flourishes from services meant for legitimate business.

The report also offers important recommendations to increase friction for criminals seeking access to these tools.

Released on November 18, the Cybercrime Supply Chain 2025 Measurements and Assessments of Cyber Attack Resources and Where Criminals Acquire Them study examines over 26 million malware, phishing, and spam attacks, revealing significant growth trends:

• 60% increase in overall attacks involving malware, phishing, and spam.
• 126% surge in compromised and maliciously registered domains used in cyberattacks.
• 149% rise in domains registered by cybercriminals.
• 177% escalation in bulk-registered domains used in cyberattacks.

"Supporting research into how trillions of dollars evaporate from the global economy each year due to cybercrime remains a top priority for us," said Amy Cadagin, M3AAWG Executive Director. "It’s a societal issue disrupting the lives of millions, and we will continue to help track and address this problem as its economic impacts reach near-catastrophic levels."

The report outlines five essential strategies for deterring criminals:  

• Strengthening customer verification, including the adoption of the EU NIS2 directive standards.
• Implementing automated systems to disrupt and mitigate suspicious registration and hosting activity.
• Limiting high-volume registration and account creation.
• Adopting trusted reporter programs to expedite takedowns.
• Taking corrective actions against operations with high rates of criminal abuse.

"While not a perfect or easy fix, hardening the supply chain for domains, hosting, and other key assets would mitigate this cybercrime problem by increasing the effort and/or human intervention needed at each step," said Laurin Weissinger, M3AAWG Expert Advisor.

 "Therefore, stronger detection systems and obstacles—ideally, ones that are easy for legitimate customers to handle but difficult for criminals—could significantly raise the costs for cybercriminals who rely on bulk abuse."

Other key insights from the report include:

• When compared to the GDP of nation-states, cybercrime as an economy would likely outperform all countries except China, the United States, and India in 2025.
• The illicit activity in the new gTLD space is alarming: it accounts for only 12% of market share but 47% of cybercrime domains.
• CaaS (Crime as a Service) has gained prominence, enabling more novices to perpetrate fraud through turnkey criminal efforts.
• Dark web benefit packages and salaries now rival some of the highest-paid tech jobs in the legitimate economy.
• Exact matches of brand names within domain names grew by 97% compared to 2024.

M3AAWG co-sponsored Interisle’s study with our industry partners at the Anti-Phishing Working Group (APWG) and the Coalition Against Unsolicited Commercial Email (CAUCE). For more information, including detailed insights into the methodologies and research findings, please visit the Cybercrime Supply Chain 2025 report and review Interisle's Press Release.