The Bureau received over 28,000 reports of COVID-19-themed scams last year
Authored by Amer Owaida, security writer at ESET
The United States’ Federal Bureau of Investigation (FBI) received a record-breaking 791,790 cybercrime complaints in 2020 that were responsible for over US$4.2 billion in losses, according to the Bureau’s 2020 Internet Crime Report (ICR). Compared to 2019, the number of complaints made by victims of various flavors of cybercrime rose by a whopping 69%.
As could be expected, last year saw a surge in scams exploiting the various aspects of the COVID-19 pandemic, with the FBI’s Internet Crime Complaint Center (IC3) receiving over 28,500 complaints. The majority of cases revolved around aid and pandemic relief packages and stimulus funds, with many victims reporting that they didn’t find out that scammers had submitted online unemployment insurance claims with their stolen identities until they submitted their own paperwork.
Once governments started rolling out COVID-19 vaccination programs, many cybercriminals switched gears and started circulating various vaccine scams, including fraudulent ads offering a chance to buy the vaccines.
Business Email Compromise (BEC) once again remains the costliest type of fraud on the FBI’s list; however, the number of victims actually decreased from almost 24,000 in 2019 to some 19,000 last year. Over the years, fraud tactics have evolved as well. Cybercriminals use various scams such as extortion, tech support, or romance scams to trick victims into parting with their IDs. These were then used to open bank accounts and receive stolen funds that were swapped for cryptocurrency.
Tech support fraud is increasingly becoming a larger problem, with losses from scams surpassing US$146 million, which is a 171% year-on-year increase. Con artists usually try to defraud their victims by offering to resolve non-existent technical issues, such as a software license expiring, or warning them that their email or bank accounts have been “compromised”.
Recently, scammers have also taken to impersonating customer support personnel for financial institutions, utility companies, and even virtual currency exchanges. The elderly are disproportionally affected by tech support fraud, with victims aged over 60 accounting for at least 66% of all victims and experiencing over 80% of the losses.
Meanwhile, losses emanating from ransomware more than tripled compared to 2019, reaching US$29.1 million. This is a worrying trend if we consider that the losses of US$9 million in 2019 represented a tripling of those incurred in 2018. And while the number of victims reporting ransomware incidents increased as well, the growth seems to be much more linear with IC3 registering only 427 more complaints than the previous year.
Phishing, non-payment/non-delivery scams, and extortion remain the top three most reported crimes by victims for the second year running. However, it bears mentioning that the number of reports for each crime has almost doubled compared to 2019.
To end on a more positive note, the FBI’s Recovery Asset Team (RAT) was able to retrieve over US$380 million lost in various fraud schemes. The RAT dealt with 1,303 incidents that caused losses in excess of US$462 million, giving it a success rate of 82%.