FBI: U.S. lost record $12.5 billion to online crime in 2023

FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting to a record of $12.5 billion.

The number of relevant complaints submitted to the FBI in 2023 reached 880,000, 10% higher than the previous year, with the age group topping the report being people over 60, which shows how vulnerable older adults are to cybercrime.

Both figures continue a worrying trend seen by the agency since 2019, where complaints and losses rise yearly.

For 2023, the types of crimes that increased were tech support scams and extortion, whereas phishing, personal data breach, and non-payment/non-delivery scams slightly waned.

Losses per type

IC3's 2023 Internet Crime Report highlights four online crimes that caused the most financial losses in the United States last year: Business Email Compromise (BEC), investment fraud, ransomware, and tech/customer support and government impersonation scams.

In 2023, BEC scams resulted in over $2.9 billion in losses from 21,489 complaints, with the agency observing the trend of fraudsters using cryptocurrency platforms for quick fund dispersal.

Investment fraud increased by 38% last year, causing confirmed losses of $4.57 billion. This was primarily driven by a 53% rise in cryptocurrency scam losses of $3.94 billion.

"In 2023, the losses reported due to Investment scams became the most of any crime type tracked by the IC3," explained the 2023 Internet Crime Report.

The FBI recorded 2,825 complaints linked to ransomware last year, impacting critical infrastructure sectors, including healthcare, manufacturing, government, and IT. The total amount of losses is estimated to have exceeded $59.6 million.

However, it should be noted that this number reflects only reported payments and is likely far lower than the total number of ransom demands paid by companies in 2023.

The majority of ransomware attack reports concerned attacks from LockBit (175), ALPHV/BlackCat (100), Akira (95), Royal (63), and Black Basta (41).

Finally, in 2023, tech/customer support and government impersonation scams, targeting mostly the elderly, led to more than $1.3 billion in losses.

It is important to note that all figures mentioned in the present report are based on known cases of internet crime that were reported by victims or discovered by independent law enforcement action.

As such, they are only a portion of the actual losses caused by cybercrime each year in the U.S., as many incidents pass undetected or aren't reported to the authorities.

Recovery efforts

IC3 operates a Recovery Asset Team (RAT) that links law enforcement and financial institutions to assist in freezing funds transferred under fraudulent conditions based on statistical and investigative analysis.

The report mentions that RAT managed to trace some stolen funds from incidents reported to the agency in 2023, highlighting the reversal of a $50 million payment made to BEC actors by a New York-based organization, a $426,000 BEC loss in Connecticut, and the freezing of nearly $45 million linked to internet crimes.

Since its establishment in February 2018, RAT has had a success rate of over 71% in the incidents it handled, freezing $538.4 million in stolen funds.