On June 22, the Federal Bureau of Investigation presented its annual Internet Crime Report for the year of 2016. The FBI analyzed the victim reports at the Internet Crime Complaint Center (IC3) and used the information from their database to publish the annual study. It is important to mention that, according to the Department of Justice’s research, only an estimated 15 percent of the U.S. fraud victims reported their crimes to law enforcement.
The FBI highlighted multiple “hot topics” regarding internet crimes for the year of 2016. This included Business Email Compromise (BEC), which resulted in the loss of $360 million from victims, currently standing in first place in the category of most damage caused. BEC is a sophisticated scam targeting companies working with international or foreign businesses or suppliers who conduct wire transfer payments at regular intervals.
Ransomware, an emerging “business form” among cyber criminals, was specially mentioned in the report. When launching such attacks, the hackers target electronic devices — mostly computers and laptops — with malware that locks up the data of the machines. After the criminals successfully breach the systems of the victims, they demand ransom from them. According to the FBI, in most cases, the ransom is paid in digital currencies, such as bitcoin. In 2016, the IC3 identified 2,673 complaints connected to ransomware attacks, with an estimated loss of over $2.4 million.
Another featured sort of internet crime was tech support fraud demanding approximately $7.8 million from the victims. The scam occurs when the criminals impersonate technical support agents from a computer software, security, cable or internet company. After the hackers get in contact with the victims, they convince them to provide remote access to their devices. Once the criminals have control over their systems, additional criminal activity occurs. Multiple companies, including Microsoft and Mozilla, alerted their customers on their websites regarding such fraudulent activities.
The IC3 recorded 17,146 cases of extortion with losses over $15 million, which occurred using the internet. By the FBI’s description, in extortion cases, cyber criminals “demand something of a value from a victim by threatening physical or financial harm or the release of sensitive data.” The agency identified various forms of the crime, including denial of service attacks, hitman schemes, “sextortion,” government impersonation schemes, loan schemes and high-profile data breaches. According to the FBI, cyber criminals often demand the payments in cryptocurrencies from the victims, which provides the perpetrators an additional layer of security since they are easy to send but harder to trace.
Compared to the previous year, the number of reported internet crime cases increased by 3.7 percent in 2016, with the damage caused to the victims rising by $380 million. Excluding the United States, the top five countries affected by internet crime are ranked in the following order: Canada (3,722 cases), India (2,188 cases), the United Kingdom (1,509 cases), Australia (936 cases) and France (568 cases). Among the states of the U.S., California had the most victims (39,547) followed by Texas (21,441) and Florida (21,068).
The FBI also compared the age groups affected by internet crime. Victims aged above 60 had the most damage ($339 million) and the most cases (55,043). People between the ages of 30 and 39 had the second most cases (54,670); however, they lost only 56 percent ($190 million) to the criminals compared to those over 60. Young persons under the age of 20 had both the least amount of cases (10,004) and damage ($6.7 million).