FBI reports 12x surge in phishing complaints over the past 5 years
Atlas VPN's analysis reveals that phishing in the US soared over 12 times in the last five years, hitting a record 241,342 complaints in 2020.
This data is provided by the Federal Bureau of Investigation’s (FBI) branch called Internet Crime Complaint Center (IC3). This branch was established in May 2000 as a center to receive complaints of Internet crime.
IC3 groups phishing/vishing/smishing/pharming into the same category and describes it as a type of cybercrime where criminals use email, text messages, and telephone calls, pretending to be a legitimate company. Threat actors then request sensitive personal, financial, information, and login credentials.
In 2016, the FBI's crime center received 19,465 phishing reports, while in 2020, the number jumped to 241,342, representing an 1140% increase. Phishing-related monetary damages amounted to $54 million in 2020.
Phishing complaints increased by more than 110% when comparing 2020 to the previous year.
Yet, the biggest year-by-year jump was from 26,379 reports in 2018 to 114,702 in 2019, constituting a 335% surge. Moving further back in time, IC3 received 25,344 phishing complaints in 2017 and 19,365 in 2016.
The FBI states that the global COVID-19 pandemic caused a record-high number of phishing attacks because cyber criminals took advantage of the fact that so many people became dependent on technology.
2020 internet crimes by type
The Federal Bureau of Investigations reports that they received a record number of reports from US citizens in 2020 at 791,790, a 69% growth from 2019.
Moreover, losses due to internet crime increased by $700 million from $3.5 billion in 2019 to $4.2 billion in 2020.
The American public was mostly attacked by phishing/vishing/smishing/pharming attacks. The second most common internet crime in the US is non-payment or non-delivery, at 108,889 complaints in 2020, amounting to $265 million in losses.
The third most commonly reported cyber crime is extortion, having $76,741 complaints and causing $71 million in financial losses. Next up is personal data breaches, at 45,330 reports and $194 million in monetary damages to US citizens.
Identity theft is the 5th most common internet crime experienced by Americans, with 43,330 complaints that caused $219 million in losses. Sixth is spoofing, which accounts for nearly 217 million in losses from 28,218 reports.
7th place goes to misrepresentation scams. The IC3 received 24,276 complaints and victims reported nearly $20 million in monetary damages. Furthermore, 23,751 people fell victim to romance/confidence fraud and lost a staggering $600 million in 2020 alone.
Online harassment and threats of violence also make the top 10 list, causing nearly 7 million in damages from 20,604 reports.
Finally, the FBI reports that business email compromise (BEC) and email account compromise (EAC) crimes resulted in a whopping $1.87 billion in damages from 19,369 complaints.
BEC/EAC scams are sophisticated and target either businesses or individuals. The crime is carried out when the cyber criminal compromises business email accounts and carries out a sequence of actions that result in an unauthorized transfer of funds to the criminal's account.
In 2020, the Federal Bureau of Investigations noticed an increase in BEC/EAC complaints where the funds were converted into cryptocurrencies.
The fact is that when the funds are converted into cryptocurrencies and sent through countless wallets and payment processors, they become increasingly harder to track.
In a nutshell, the FBI data only confirms what most of our other reports found when looking back at 2020. Last year cyber criminals went on an internet crime spree and caused more damages than ever before.
Cybersecurity Researcher and Publisher at Atlas VPN. My mission is to scan the ever-evolving cybercrime landscape to inform the public about the latest threats.