June 16, 2024

A colossal sum of over $12.5 billion was amassed by cyber criminals in 2023 through online fraudulent activities, as disclosed by the FBI’s Internet Crime Report — marking a 22% surge compared to the previous year.

The report, an aggregation of data from the FBI’s Internet Crime Complaint Center (IC3), shows an almost generalized upswing in cyber scams. More than 880,000 grievances were lodged with the center. IC3 only collates data on reported incidents, thus the actual losses may very well exceed these numbers.

Investment Scams Lead in Cyber Crime Losses

Of all the types of digital crimes reported, it was investment fraud that contributed the greatest losses, surging to $4.57 billion — a 38% tilt from the prior year. Based on FBI reports, a significant chunk, about $3.94 billion of that total was linked to cryptocurrency investment scams.

Since 2021, the annual losses reported due to investment scams have tripled, driven largely by phishing attempts like pig butchering scams — deceptive schemes where unsuspecting victims, manipulated into believing they have a personal relationship with the fraudster, are conned into making bogus cryptocurrency investments. These deceitful activities primarily have origins in Southeast Asia and are often the handiwork of meticulously structured criminal rings exploiting forced labor.

A snapshot from the IC3 annual report.

The FBI outlined in the report that “Different age groups were distinctively affected by differing crimes. Victims in the age bracket of 30 to 49 years were more susceptible to investment fraud losses.”

IC3’s report highlighted Business Email Compromise (BEC) scams as the second most financially detrimental form of web crime, contributing to a deficit of $2.9 billion. Commonly surfacing in the form of compromised vendor accounts, requests for W-2 information, and real estate scams.

Other Notable Scams

Citing from an alert issued by the FBI last year, scammers are increasingly maneuvering the victims’ money into accounts maintained at financial institutions for cryptocurrency exchanges or roping in third-party payment processors or even manipulating victims to wire money directly to these platforms from where funds are quickly dispersed.

With these sophicated techniques of fraudulent money transfers to cryptocurrency platforms and third-party payment processors, it buttresses the necessity to implement two-factor or multi-factor authentication as a shield against such crimes,” they further emphasized.

Ransomware also saw a resurgence in 2023, after a dip in activity the previous year. Adjusted losses witnessed a steep ascent of 74%, amounting to nearly $60 million.

Nearly 1,200 complaints were registered, originating from organizations within a critical infrastructure sector affected by a ransomware invasion. The healthcare sector was accountable for 249 of these complaints.

Signs of Hope Amidst the Scourge of Cyber Fraud

Despite an overall distressing year for cyber fraud, the report did underscore some optimistic developments.

More than $538.39 million was successfully frozen by the IC3’s Recovery Asset Team (RAT), following reports of fraudulent activities. RAT was established in 2018 for the purpose of bridging communication between financial institutions and field offices to secure stolen assets.

In one instance, upon receiving a report from a “critical infrastructure construction project entity” in New York about a loss of $50 million due to a BEC scam, the RAT responded by filing a Financial Fraud Kill Chain (FFKC) request — a protocol developed to regain large international wire transfers unlawfully pulled from U.S. accounts. The banks responded by freezing the assets in the account.

On the whole, the RAT submitted more than 3,000 similar requests, and, remarkably, managed to recoup more than 70% of the funds in those instances.

Unearth more insights with the

Recorded Future.

Intelligence Cloud.

Learn more here.