The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year.
The Internet Crime Complaint Center (IC3) received last year 791,790 complaints – up by 69% from 2019 – of suspected internet crime causing more than $4 billion in losses.
While most complaints were for phishing, non-payment/non-delivery scams, and extortion, about half of the losses are accounted by business email compromise (BEC), romance and confidence scams, and investment fraud.
A trend observed in 2020 was the use of identity theft and converting funds to cryptocurrency. In these cases, an initial victim (extortion, tech support, romance scam) provided their ID to the fraudster.
One case involved an illegal wire transfer of $60 million from a victim company in St. Louis to a bank account in Hong Kong controlled by the fraudsters.
One type of cybercrime that is grossly misrepresented in FBI’s annual report is ransomware, with 2,474 complaints and adjusted losses of more than $29.1 million.
Although the figures are small, they represent an increase compared to 2019, when IC3 received 2,047 complaints and the losses were above $8.9 million.
Ransomware is a multi-billion cybercriminal business that has not stopped growing, with some actors’ demands averaging upward of $1million.
In just five months, the Netwalker ransomware gang made $25 million from paying victims last year. One of its affiliates, charged in the U.S., is believed to have made more than $27 million from this activity.
Other ransomware operations – Maze, Conti, Egregor, REvil, Ryuk, Doppel Paymer – were responsible for a larger number of attacks last year and higher profits.
Bumble Dee – stock.adobe.com