Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint //

Privacy

5/9/2018
09:30 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

FBI: Reported Internet Crimes Topped $1.4 Billion Last Year

Business email compromise (BEC) campaigns outnumbered ransomware cases.

The FBI's Internet Crime Complaint Center (IC3) logged more than 301,000 complaints of Internet crimes last year that resulted in losses of more than $1.4 billion — and that's just from consumers and businesses that reported incidents to the bureau.

Victims who reported attacks to the IC3 mostly were hit with so-called non-payment/non-delivery scams, personal data breaches, and phishing attacks. The most-costly types of Internet crimes reported to the FBI were business email compromise (BEC), confidence/romance fraud, and non-payment/non-delivery scams.

Ransomware, the darling of the cybercrime and nation-state hacker scenes, actually declined in 2017, according to the FBI IC3 data, from 2,673 complaints in 2016 to 1,783 last year. Victims of ransomware lost more than $2.3 million last year, versus $2.4 million in 2016.

But that data may well be skewed by shifts in ransomware targets: the drop in ransomware reports to the FBI could be due to the rise in those attacks on more lucrative targets than consumers — larger organizations. It also could reflect larger organizations not reporting their attacks to IC3.

"The FBI IC3 only reports on what is given to them. In the case of ransomware specifically, victims seem even less inclined to report — to the point where it hampers our ability to go after the bad guy," says John Bambenek, vice president of security research and intelligence at ThreatSTOP.

Bambenek says many large enterprises may have the resources in-house to handle the incident without law enforcement, and some corporate counsels may advise reporting a ransomware attack if it's not required. In addition, he notes, cryptojacking's recent rise also has contributed to lower ransomware numbers as attackers have found a simpler and more lucrative way to make money than relying on ransom payments.

BEC
Meanwhile, reported BEC and email account compromise (EAC) attacks netted the most losses to victims last year, with 15,690 BEC complaints and losses of more than $675 million. These types of attacks dupe business users into transferring money, purportedly to their supplier or other business partner. EAC is where an attacker wrests control of a legitimate user's business email account rather than use a phony account.

So-called confidence fraud/romance schemes, where a fraudster poses online as a love interest or other trusted person to squeeze money from the target, netted attackers more than $211 million last year, according to the IC3's report. Scams where victims paid for an item or service online that never arrived or they didn't receive payment for an item (non-payment/non-delivery) resulted in more than $141 million in losses to victims.

Another popular scam last year was tech support fraud, which increased by 90% over 2016. The IC3 logged nearly 11,000 complaints of attacks that resulted in losses of $15 million.

The top 10 US states with the most victims of Internet crime were California (41,974), Florida (21,887), Texas (21,852), New York (17,622), Pennsylvania (11,348), Virginia (9,436), Illinois (9,381), Ohio (8,157), Colorado (7,909), and New Jersey (7,657).

"We want to encourage everyone who suspects they have been victimized by online fraudsters to report it to us," says Donna Gregory, chief of the IC3. "The more data we have, the more effective we can be in raising public awareness, reducing the number of victims who fall prey to these schemes, and increasing the number of criminals who are identified and brought to justice."

Related Content:

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-36192
PUBLISHED: 2021-01-18
An issue was discovered in the Source Integration plugin before 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on the view.php p...
CVE-2020-36193
PUBLISHED: 2021-01-18
Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a related issue to CVE-2020-28948.
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...