Skip to main content

FBI: Over $4.2 billion officially lost to cybercrime in 2020

 


The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year.

The Internet Crime Complaint Center (IC3) received last year 791,790 complaints — up by 69% from 2019 — of suspected internet crime causing more than $4 billion in losses.

While most complaints were for phishing, non-payment/non-delivery scams, and extortion, about half of the losses are accounted by business email compromise (BEC), romance and confidence scams, and investment fraud.

According to the IC3 report, BEC or email account compromise (EAC) scams recorded 19,369 complaints in 2020, which is 19% less than last year. However, this type of cybercrime alone caused $1.8 million in losses, up from $1.7 billion in 2019.

Crane Hassold, senior director of threat research at Agari, told BleepingComputer that the difference could be explained by many threat actors “pivoting to unemployment/SBA/PPP fraud in the middle of the year.”

Referring to BEC scams, the Hassold said that when considering spoofing as a subset of this cybercriminal activity, the financial impact is closer to $2.1 billion.

BEC scams are carried out by compromising business email accounts and to modify transaction details so that funds are transferred to a bank account controlled by the attacker.

A trend observed in 2020 was the use of identity theft and converting funds to cryptocurrency. In these cases, an initial victim (extortion, tech support, romance scam) provided their ID to the fraudster.

BEC scammers would use the ID to open bank accounts and receive BEC funds that would be quickly converted to cryptocurrency to lose track of the money.

Since 2018, the FBI has a Recovery Asset Team specialized in freezing accounts used for unauthorized BEC transfers and recovering money that can still be tracked.

Las year, RAT was able to freeze and recover a little over 82% from almost $463 million in losses reported in 1,303 incidents.

One case involved an illegal wire transfer of $60 million from a victim company in St. Louis to a bank account in Hong Kong controlled by the fraudsters.

One type of cybercrime that is grossly misrepresented in FBI’s annual report is ransomware, with 2,474 complaints and adjusted losses of more than $29.1 million.

Although the figures are small, they represent an increase compared to 2019, when IC3 received 2,047 complaints and the losses were above $8.9 million.

Ransomware is a multi-billion cybercriminal business that has not stopped growing, with some actors’ demands averaging upward of $1million.

In just five months, the Netwalker ransomware gang made $25 million from paying victims last year. One of its affiliates, charged in the U.S., is believed to have made more than $27 million from this activity.

Other ransomware operations — Maze, Conti, Egregor, REvil, Ryuk, Doppel Paymer — were responsible for a larger number of attacks last year and higher profits.

These gangs target big-revenue companies that would stand to lose more from downtime or data leaks than from paying the ransom. Many of these attacks remain unreported to avoid legal complications.

Looking at the raw figures in FBI’s Internet Crime Complaint Center latest report, cybercrime has recorded a significant growth in 2020, both in terms of filed complaints and money lost by victims in the U.S.

Originally published at https://www.bleepingcomputer.com.

Comments

Popular posts from this blog

Ransomware's Dangerous New Trick Is Double-Encrypting Your Data

  Ransomware groups have always taken a more-is-more approach . If a victim pays a ransom and then goes back to business as usual-hit them again. Or don’t just encrypt a target’s systems; steal their data first, so you can threaten to leak it if they don’t pay up. The latest escalation? Ransomware hackers who encrypt a victim’s data twice at the same time. Double-encryption attacks have happened before, usually stemming from two separate ransomware gangs compromising the same victim at the same time. But antivirus company Emsisoft says it is aware of dozens of incidents in which the same actor or group intentionally layers two types of ransomware on top of each other. “The groups are constantly trying to work out which strategies are best , which net them the most money for the least amount of effort,” says Emsisoft threat analyst Brett Callow. “So in this approach you have a single actor deploying two types of ransomware. The victim decrypts their data and discovers it’s not act...

Babuk ransomware is back, uses new version on corporate networks

  After announcing their exit from the ransomware business in favor of data theft extortion, the Babuk gang appears to have slipped back into their old habit of encrypting corporate networks. The criminals are currently using a new version of their file-encrypting malware and have moved the operation to a new leak site that lists a handful of victims. Gang’s still in the game The Babuk ransomware group became known at the beginning of the year but the gang says that their attacks had started in mid-October 2020, targeting companies across the world and demanding ransoms typically between $60,000 and $85,000 in bitcoin cryptocurrency. In some cases, victims were asked hundreds of thousands for data decryption. One of their most publicized victims is the Washinton DC’s Metropolitan Police Department (MPD). This attack likely pushed the threat actor into announcing its retirement from the ransomware business only to adopt another extortion model that did not include encryption....

Microsoft Teams Phishing Attack Targets Office 365 Users

  Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a “missed chat” from Microsoft Teams. Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. In reality, the attack aims to steal Office 365 recipients’ login credentials. Teams is Microsoft’s popular collaboration tool, which has particularly risen in popularity among remote workforces during the pandemic  — making it an attractive brand for attackers to impersonate. This particular campaign was sent to between 15,000 to 50,000 Office 365 users, according to researchers with Abnormal Security on Thursday. “Because Microsoft Teams is an instant-messaging service, recipients of this notification might be more apt to click on it so that they can respond quickly to whatever message they think they may have missed based on the notification,” said researchers in a Thursday analysis . The initial phishing email displays the name ...