Reported losses due to internet enabled crime last year totaled $1.3 billion, according to the FBI’s Internet Complaint Center.
The 2016 Internet Crime Report,” according to Scott Smith, assistant director, cyber division of the FBI stated that the reports, “highlights the IC3’s efforts in monitoring trending scams such as Business Email Compromise (BEC), ransomware, tech support fraud, and extortion.”
The report was based on 298,728 complaints registered with the bureau by U.S. residents in 2016. Top three crime types reported by victims were non-payment and non-delivery, personal data breach and payment scams.
The FBI estimates that only 15 percent of nation’s fraud victims report their crimes to law enforcement, however publishing the report will enable law enforcement recognize and response to developing trend in internet enabled crime.
Below is a selection of some of the top attacks logged by IC3, including 2016 losses
- Business email compromise ($360.5 million): Attackers trick an employee into making a wire-transfer payment. “These sophisticated scams are carried out by fraudsters compromising email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds,” the FBI says.
- Confidence fraud/romance ($219.8 million): Tricking an individual into thinking they’re in a relationship – family, friendly or romantic – to extract funds, personal information or other assistance from them.
- Corporate data breach ($95.9 million): When confidential, sensitive or private business data leaks or is spilled.
- Advanced fee ($60.5 million): Scammers trick an individual into paying money, for the promise of receiving an even greater amount of money in return. Victims typically receive “significantly less than expected or nothing,” the FBI says.
- 419/overpayment ($56 million): The “419” term refers to a section of Nigerian law associated with fraud. The scammers request help, as well as money transfers. “The sender offers a commission or share in the profits, but will first ask that money be sent to pay for some of the costs associated with the transfer,” according to the FBI. The “overpayment” variation involves attackers sending some money to victims, instructing them to retain some and forward on the rest to a designated individual or business.
- Payment card fraud ($48.2 million): Theft and fraud involving payment cards as well as payment mechanisms such as ACH, EFT and recurring charges.
- Employment ($40.5 million): Scams that trick individuals into believing they are legitimately employed, but which lead to them losing money or laundering money or items while “employed.”
- Phishing/vishing/smishing/pharming ($31.7 million): Using unsolicited email, text messages or telephone calls – from purportedly legitimate firms – to steal individuals’ personal details or financial or online access credentials.
- Extortion ($15.8 million): Extracting money or property from an individual via “intimidation or undue exercise of authority,” according to the FBI. “It may include threats of physical harm, criminal prosecution or public exposure.”
- Tech-Support fraud ($7.8 million): Schemes that trick users into paying for unnecessary and often bogus technical support.
- Malware/scareware ($3.9 million): Malicious codes designed to steal personal information, threaten users or trick them into paying subscription fees, for example, for fake anti-virus software.
- Ransomware ($2.4 million): Malware designed to crypto-lock a computer and instruct victims to pay a ransom to receive a decryption key.
- Hacktivist ($55,500): An individual who hacks in the pursuit of promoting a social or political cause.