The United States (US) Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) has released its annual report, which outlines the trends in criminal cyber activity in 2020, based on data provided by the general public through complaints.
The IC3’s reports generally contain information about the most prevalent internet crimes affecting the American people and provide guidance on how to prevent and combat them. The documents also highlight the FBI’s work in addressing these threats, and the body serves as a reliable and convenient mechanism to report suspicious cyber activity to authorities.
Over the past year, the agency received 791,790 complaints of suspected internet crimes, marking a significant jump of more than 69% from 2019’s 467,361 complaints. The report found that the top three crimes reported by victims were phishing scams, non-payment or non-delivery scams, and extortion. People lost the most money to business email compromise (BEC) scams (~1.8 billion), romance and confidence schemes (~600 million) and investment fraud (336 million). The total losses in 2020 to cybercrime is estimated to be $4.2 billion, up from $3.5 billion in 2019 and $1.5 billion in 2016.
In terms of cybercrimes per state, California had the greatest number of victims (69,541), followed by Texas (38,640). On the other end, Vermont, North Dakota, and South Dakota had the least victims with less than 1,000 each.
Unsurprisingly, the COVID-19 pandemic emerged as a “hot topic” for fraudsters, who sought to exploit the crisis and obtain monetary gains from individuals as well as businesses. The IC3 received over 28,500 complaints related to the coronavirus pandemic and said that the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) was a prime target for financial crime, specifically focused on provisions like stimulus funds, unemployment insurance, Paycheck Protection Program (PPP), and Small Business Economic Injury Disaster Loans, among others.
“These criminals “used phishing, spoofing, extortion, and various types of internet-enabled fraud to target the most vulnerable in our society – medical workers searching for personal protective equipment, families looking for information about stimulus checks to help pay bills and many others,” the report said, noting that victims often did not realise they had been affected until they tried to file their own legitimate claims for the benefits. “At that time, they received a notification from the state unemployment insurance agency, received an IRS Form 1099-G showing the benefits collected from unemployment insurance, or were notified by their employer that a claim had been filed while the victim is still employed,” it added.
The report also notes the rise in government impersonators in 2020. It states that offenders are reaching out to people via social media, emails, or phone calls, pretending to represent the government with personal information and money gained via charade or threats. Scams focused on COVID-19 vaccinations have also been unearthed, wherein people have been asked to pay for the shots out of pocket or provide scammers with personal information for an appointment.
The EC3 recommends that people protect themselves from such fraudsters by being extra vigilant, which includes verifying email addresses in detail, avoiding opening attachments from unknown sources, questioning anyone offering you something “too good to be true” thoroughly, and relying solely on verified and trusted sources (like government websites) for information.
You can read the full report here.