Last year alone businesses and individuals who fell victim to cybercrime suffered losses of $3.5bn according to the latest report from the FBI’s Internet Crime Complaint Center (IC3).
The 2019 Internet Crime Report was compiled using data from the 467,361 complaints the IC3 received last year. However, since its inception in May 2000, the center has received over 4.8m complaints with an average of 340,000 complaints per year and 1,200 complaints daily over the last five years.
Between 2015 and 2019, cybercrime victims recorded losses of $10.2bn and in a blog post, the FBI provided further insight into which attack types were the most common and which were the most costly to individuals and businesses, saying:
- Tackling cybercrime with a culture of security
- FBI warns that hackers are targeting software supply chain providers
- Cybercrime costs could hit trillions
“The most frequently reported complaints were phishing and similar ploys, non-payment/non-delivery scams, and extortion. The most financially costly complaints involved business email compromise, romance or confidence fraud, and spoofing, or mimicking the account of a person or vendor known to the victim to gather personal or financial information.”
According to IC3’s chief Donna Gregory, cybercriminals adopted new techniques and tactics in an effort to further evade detection while carrying out their scams in 2019.
“Criminals are getting so sophisticated. It is getting harder and harder for victims to spot the red flags and tell real from fake. In the same way your bank and online accounts have started to require two-factor authentication — apply that to your life. Verify requests in person or by phone, double-check web and email addresses, and don’t follow the links provided in any messages,” Gregory said.
Business Email Compromise (BEC) was the 2019 cybercrime with the highest reported total victim loses at $1.8bn according to 23,775 recorded complaints.
The IC3 also observed an increased number of diversion of payroll funds BEC complaints where cybercriminals email a company’s HR or payroll department requesting to update direct deposit information while posing as an employee. If successful, these requests result in an employee’s paycheck being sent to cybercriminals as opposed to the intended recipient.
Expect the tactics used by cybercriminals to continue to evolve in 2020 and reports like this one from the FBI have helped shed light on how financially devastating cybercrime can really be.