The FBI’s annual Internet Crime Report is out and it shows that hackers and other cybercriminals ran wild during 2020, breaking new records and likely costing Americans billions of dollars.
The bureau says it received “a record number of complaints” and reported losses through its Internet Crime Complaint Center (IC3), which collects, analyzes, and publicizes data connected to cybercrime. The agency, which offers a portal where businesses and individuals can report suspected criminal activity, says that the total number of received complaints shot up 69% from 2019, with reported losses exceeding $4.1 billion.
While this crime wave affected all age groups, an unfortunate majority share of it was targeted at older individuals—with people over the age of 60 being the group with the heaviest financial losses ($966,062,236 last year). It’s been well-known for some time that scammers like to target this demographic because they aren’t necessarily digital natives, and they may be more vulnerable to online manipulation.
Last year, business email compromise/email account compromise (BEC/EAC) attacks remained one of the most prominent forms of criminal activity. In such attacks, a hacker will typically gain access to a company’s email account or spoof one, then manipulate employees into making fraudulent money transfers. In 2020, the IC3 received 19,369 BEC/EAC complaints, the financial losses from which reportedly totaled some $1.8 billion.
Other common forms of cybercrime, including phishing scams and ransomware, have continued to be popular enterprises, too. IC3 received a total of 241,342 complaints related to phishing scams in 2020, with adjusted losses that crested $54 million; meanwhile, 2,474 complaints came in related to ransomware, with a reported price-tag of over $29.1 million in losses.
Perhaps the most novel forms of crime to emerge last year involved ongoing online exploitation of the CARES Act, the federal economic relief package designed to help small businesses amidst the pandemic. As has been previously reported, CARES became a hotbed for hackers and online fraudsters looking to cash in on the free-flowing spigot of federal dollars. Organized fraud groups commonly submitted fake online unemployment claims in bulk, using stolen personal data or other means—and ultimately netted millions of dollars, in some cases. The report states:
“Fraudsters targeted the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), which included provisions to help small businesses during the pandemic. The IC3 received thousands of complaints reporting emerging financial crime revolving around CARES Act stimulus funds, specifically targeting unemployment insurance, Paycheck Protection Program (PPP) loans, and Small Business Economic Injury Disaster Loans, as well as other COVID-related fraud.”
Since its inception in 2000, submissions to the IC3 have only continued to climb. Complaints filed to the agency have more than doubled since 2016, as have the reported profits lost as a result of those crimes. In the last five years alone, some $13.3 billion has been reported lost, the agency states. The lesson here? Stay away from malicious links, keep your personal data safe, and if you get a random email from someone asking for money, probably best just to send it to your spam folder.