In the shadowy underbelly of the internet, cybercrime has evolved from opportunistic hacks to sophisticated operations rivaling multinational corporations. Brett Johnson, a former fraudster once dubbed the “Original Internet Godfather” by the U.S. Secret Service, pulls back the curtain on how these illicit enterprises function in 2025. Drawing from his own experiences and insights shared in a recent interview, Johnson describes a world where cybercriminals operate with corporate-like efficiency, leveraging AI and global networks to perpetrate fraud on an unprecedented scale.

Johnson, who spent years building ShadowCrew, one of the first cybercrime forums, now works as a cybersecurity consultant. He explains that modern cybercrime isn’t about lone wolves anymore—it’s about ecosystems. “Cybercrime is a business,” Johnson told Business Insider. “You have divisions: hackers who breach systems, money mules who launder funds, and even customer service reps handling victim complaints.” This specialization mirrors legitimate tech companies, but with profits from ransomware, phishing, and identity theft.

The Rise of AI-Powered Attacks

Artificial intelligence has supercharged cybercrime in 2025, enabling automated and personalized attacks. According to the World Economic Forum’s Global Cybersecurity Outlook 2025, 47% of organizations cite AI’s role in advancing adversarial capabilities as their top concern. Johnson elaborates: “AI tools let criminals generate deepfakes or craft phishing emails that sound just like your boss.” This aligns with reports from SoSafe Awareness, which highlights multichannel deception and supply chain vulnerabilities as key trends.

Phishing remains a dominant vector, with incidents surging. The DeepStrike blog notes that phishing is the most reported attack, while ransomware cases jumped 73% globally in 2023, a trend continuing into 2025. Johnson recounts how fraudsters use AI to automate social engineering, making scams more convincing. “It’s not just emails anymore; it’s voice cloning and video calls,” he said in the Business Insider piece.

From Forums to Dark Web Empires

The dark web serves as the marketplace for cybercrime tools and services. Johnson built his reputation on platforms like ShadowCrew, which evolved into today’s underground forums where threat actors promote AI tools for malware development and deepfakes. Posts on X, such as those from cybersecurity expert Florian Roth, discuss trends like Lumma Stealer and EDR killers using vulnerable drivers, reflecting the real-time evolution of these tactics.

Global costs are staggering. The AAG IT Support reports cybercrime projections reaching $10.5 trillion by 2025, with an attack every 39 seconds. Johnson emphasizes the supply chain: “You buy stolen data, use off-the-shelf malware, and outsource laundering to mules in other countries.” This is echoed in Huntress’s 2025 Cybercrime Report, which surveyed IT professionals and identified ransomware and infostealers as top threats.

The Human Element in Digital Fraud

Beyond tech, cybercrime thrives on human psychology. Johnson highlights social engineering as the weakest link. “People are the vulnerability,” he told Business Insider. Tactics like fake CAPTCHA pages and malvertising, as noted in X posts by users like Florian Roth, lure victims into clicking malicious links. Recent news from Microsoft’s Digital Defense Report 2025 reveals over half of attacks are financially motivated, often starting with phishing or extortion.

Sextortion and sim-swap fraud are rising, with Kenyan authorities updating laws to combat them, as reported in an X post by NTV Kenya. Johnson shares from experience: “We’d pose as bank reps to get account details.” This matches insights from FAWCO, listing AI-powered attacks and deepfakes among the top eight trends for 2025.

Evasion Tactics and Tool Evolution

Cybercriminals constantly adapt to evade detection. Techniques like SMTP smuggling, detailed in a 2024 post by The Hacker News on X, allow spoofed emails to bypass security. In 2025, this has evolved with AI agents spoofing bots, as per Criminal IP’s recent X update. Johnson explains: “We used legit tools like remote access software to stay under the radar.” This is corroborated by SentinelOne’s 10 Cyber Security Trends for 2025, which discusses evolving evasion methods.

Ransomware actors pivot through unmonitored devices, a trend Roth highlighted on X. The Cyber Express notes Microsoft’s report on a surge in AI-driven ransomware. Johnson adds: “It’s about persistence—using tokens to bypass MFA,” aligning with X posts from Kyle Hanslovan on session token abuse in Microsoft 365.

Global Networks and Money Laundering

Cybercrime is borderless, with operations spanning continents. Johnson describes money mules as crucial: “They’re often unwitting participants, recruited via job scams.” This is detailed in VisionTechMe’s predictions for 2026, emphasizing zero-trust architectures to counter such networks. Losses exceed $16 billion annually, per the FBI’s IC3 report cited in DeepStrike.

AI also aids in laundering. “Criminals use crypto mixers and fake invoices,” Johnson said. X threads like those from Recovery Xpert warn of AI deepfakes in scams, including fake airdrops. The MDPI journal discusses historical trends evolving into 5G vulnerabilities and cryptojacking.

Defenses and the Path to Reform

Combating this requires proactive measures. Johnson, now advocating for cybersecurity, stresses education: “Train people on red flags like urgent requests.” Forbes outlines 2026 forecasts, including quantum threats and AI defenses. Organizations must invest in detection, as per Huntress.

Governments are stepping up. Updates to cybercrime laws, like Kenya’s targeting deepfakes, show global response. Johnson concludes in Business Insider: “I reformed because I saw the damage. Awareness is key.” This sentiment is echoed in X posts by Dr. Khulood Almani on 2025 predictions, focusing on practical AI and identity management.

Emerging Threats on the Horizon

Looking ahead, quantum computing poses new risks. Forbes warns of quantum-safe security needs by 2026. Johnson notes: “Criminals will exploit any edge.” Supply chain attacks, highlighted in SoSafe, remain critical.

Finally, resilience is paramount. As Microsoft reports, AI accelerates both attacks and defenses. Johnson’s journey from fraudster to consultant underscores that understanding the enemy—from AI phishing to global laundering—is essential for industry insiders navigating 2025’s cyber threats.