Robbing someone at gunpoint in an alleyway isn't just a crime. It's bad business.
That's because it isn't scalable. Now, criminals can rob millions of people at a time using new technologies. Both businesses and individuals are at risk, but there are ways to mitigate the danger, according to Marc Goodman, a cybercrime expert and a futurist at the FBI.
"It's not just good guys who get to use tech. Tech is being democratized and can be used by bad guys too," he said at the Exponential Finance conference in New York on Wednesday.
Related: 2.7 million taxpayers had identities stolen last year
It's more profitable for criminals to brush up their coding skills than ever before -- the average bank robbery only nets about $4,300, which pales in comparison to recent cybercrimes.
"Only the really, really dumb criminals are doing bank heists," said.
In 2013, a crime ring sent prepaid MasterCard debit cards, which had been hacked to have big balances and no withdrawal limit, to associates in 27 different countries, including the U.S. In just 10 hours, the criminals had done 36,000 fraudulent transactions across the globe -- totaling a staggering $45 million.
The coordinated nature of this attack is not uncommon: Goodman said 80% of criminal hackers work as part of an organized crime unit.
Related: The text you never want to get on your iPhone
Individuals can also be affected, which is something Target (TGT)'s customers learned when the company was hacked in 2013. In that data breach, over 100 million accounts were compromised.
"We've gone from one person being able to rob one person, to one person being able to rob 100 million people," Goodman said. "We've never been able to steal 100 million of anything in the past. This is a fundamental paradigm shift."
Goodman said the best way for people to protect themselves and their businesses is to be prepared and be aware. He said important documents should be classified and encrypted, and businesses should invest in security experts -- especially since less than 6% of data breaches are discovered by the organization's IT department.