Written by: Jay H.
According to a new report released by the FBI, cybercrimes cost Americans over $4.8 billion last year.
In its annual Internet Crime Report, the organization announced that it received over 791,790 reports of suspected cybercrime. Alarmingly, this number is a 69% increase in total complaints from 2019. The top three crimes reported by victims were phishing scams (241,342), non-payment/non-delivery scams (108,868), and extortion (76,741).
Business Email Compromise Scams Cost Billions
Business email compromise (BEC) and email account compromise (EAC) scams proved to be the costliest overall, netting over $1.8 billion across 19,369 incidents for their perpetrators. This type of scam involves attackers compromising a legitimate email using social engineering or hacking, then requesting fund transfers from unsuspecting victims.
The FBI noted that BEC/EAC scams have become more sophisticated. In 2013, these attacks routinely began with the hacking or spoofing of the emails of chief executive officers or chief financial officers. Then, scammers sent fraudulent emails requesting wire payments. However, over the years, this scam has evolved to include compromise of personal emails and vendor emails, spoofed lawyer email accounts, requests for W-2 information, the targeting of the real estate sector, and requests for large amounts of gift cards.
The FBI saw an increase in BEC/EAC complaints related to identity theft and converting funds to cryptocurrency. In these variations, the initial victim was scammed in a non-BEC/EAC situation, including extortion, tech support, and romance scams that involved the victim providing a piece of ID to the threat actor. Next, scammers used the ID to establish a bank account to receive stolen BEC/EAC funds. Bad actors then transferred those funds to a cryptocurrency account.
Funds May Be Recoverable
The FBI stressed the importance of reporting the cybercrime to its Recovery Asset Team (RAT). In some instances, victims may be able to recover their stolen funds. In 2020, there were 1,303 incidents involving over $462 million stolen funds. Of this $462 million, RAT successfully froze and returned over $380 million, an 82% success rate.
In one example, the IC3 received a complaint from a victim company regarding a wire transfer of $60 million to a fraudulent overseas account in Hong Kong. The IC3 RAT notified the Legal Attach of Hong Kong, and through joint efforts, the organizations were able to locate the wire and block the deposit of funds. Law enforcement then returned the entirety of the $60 million to the victim.
Increase Of Tech Support Fraud
Tech support fraud continues to be a growing problem. This scam involves a bad actor claiming to provide customer, security, or technical support to defraud unknowing individuals. For example, the criminals may pose as a support representative claiming to resolve issues such as a computer virus. Then, the scammer tells the victim to pay for the “service,” usually by making wire transfers to overseas accounts or with prepaid gift cards. Recent complaints of this fraud involved customer support impersonation of financial institutions, utility companies, or virtual currency exchanges.
In 2020, there were 15,421 complaints related to tech support fraud from victims in 60 countries. The losses accumulated to over $146 million, a 171 percent increase from 2019. Moreover, most victims (66%) reported being over the age of 60. This victim group experienced over $116 million of the total losses.
Ransomware Incidents Cost Millions
In 2020, the IC3 received 2,474 complaints of ransomware with total costs of over $29.1 million. Ransomware is a type of malicious software that encrypts data on a computer, rendering it unusable. Then, the perpetrators demand a ransom payment for the release of the information. If a ransom is not paid, cybercriminals will not restore the data and may even sell or publish it on the black market. However, even victims who pay the ransom sometimes find attackers do not meet their promise of restoring the data.
Hackers use numerous means to infect victims with ransomware. However, the most common means of infection are email phishing campaigns, remote desktop protocols, and software vulnerabilities.
Protect Your Business From Cybercrime
Although this data may be American, many Canadian businesses also fall victim to these scammers. Is your organization armed against the tactics of cybercriminals? One of the best ways to protect your organization from criminals is by working with a managed IT services provider such as Design2Web IT. Contact us today and learn how we can keep your business safe from the massive costs of falling victim to a cybercrime.
Comments are closed.