Cyber ​​scams cost victims more than $6.9 billion worldwide in 2021 • The Register


Cyber ​​scams cost victims worldwide at least $6.9 billion last year, according to the latest FBI Internet Crime Report.

Since 2017, the bureau’s Internet Crime Complaint Center (IC3) has received an average of 552,000 complaints per year. This includes reports of extortion, spoofing, phishing, fraud and a host of other nefarious schemes that cost victims no less than $18.7 billion in losses over the five-year period. years.

Unsurprisingly, the volume of these crimes – and the associated costs – has increased every year; 2021 set records [PDF] for the total number of complaints (847,376) as well as losses exceeding $6.9 billion, a jump from the $4.2 billion reported a year earlier.

As in previous years, phishing attacks were by far the most frequently reported crimes, with 323,972 last year. A subset of this category, business email compromise (BEC), is proving very lucrative, costing victims nearly $2.4 billion out of 19,954 victims, according to the federal government.

BEC involves a cybercriminal compromising a legitimate email account and then tricking a business or individual into transferring funds, sending personal employee data or tax-related W2 forms, or unlocking cryptocurrency wallets. The fraudster then steals the money, empties the crypto wallet, and/or sells employee identities and credentials on the dark web.

The FBI reinforces the need to verify the BEC

In a related public service announcement, also shared this week, the FBI revealed that BEC fraud cost organizations and individuals at least $43.3 billion between June 2016 and December 2021.

The BEC “continues to grow and evolve, targeting small local businesses to larger businesses and personal transactions,” the FBI warned, adding that between July 2019 and December 2021, the IC3 tracked an increase of 65 % of global exposed losses identified, with victims in 177 countries.

Part of the reason for this, along with virtually every other ailment during this time, was the COVID-19 pandemic and the resulting go-virtual everything, according to the FBI.

Crypto, ransomware spike

Losses related to cryptocurrency crime also increased last year, increasing nearly sevenfold, from $246.2 million in 2020 to over $1.6 billion in 2021, according to the IC3 report. However, while the cost associated with these crimes has increased, the number of complaints has decreased slightly, from 35,229 victims in 2020 to 34,202 in 2021.

“It is extremely prevalent in investment scams, where losses can run into the hundreds of thousands of dollars per victim,” the federal authorities wrote. And in addition to the FBI monitoring crypto crimes more closely, the U.S. Securities and Exchange Commission announced this week that it is nearly doubling the number of positions in a special unit that monitors crypto fraud. currency and other cyber crimes.

Ransomware continued to evolve in 2021, and IC3 received 3,729 complaints identified as ransomware last year, though many more were presumably unreported. Adjusted losses for this category of crime topped $49.2 million, up from around $30 million in 2020, the report says, but adds that these numbers only cover ransoms victims admitted to paying, not repair costs for failed systems.

“Although cybercriminals use a variety of techniques to infect victims with ransomware, phishing emails, remote desktop protocol (RDP) exploits, and exploits of software vulnerabilities have remained the top three vectors of attack. initial infections for ransomware incidents reported to IC3,” the report noted. .

The agency first began tracking reported ransomware incidents in June 2021 in which the victim was a critical infrastructure owner or operator, and received 649 such complaints.

It tracks 16 critical infrastructure sectors and noted that 14 of them had at least one organization that fell victim to a ransomware attack in the last year. Healthcare, financial services, and IT companies have been the most frequent victims, and IC3 predicts an increase in such critical infrastructure attacks in 2022.

Of the known ransomware variants reported to IC3, the top three variants deployed against critical infrastructure companies were Conti (87), LockBit (58), and REvil/Sodinokibi (51). ®

Previous The Chick in Miami serves the best margarita in Florida, according to the website
Next TikTok launches 'Pulse' ad program for top content