FBI Report Shows People Lost US$1.4 Billion to Cyber Criminals
People targeted by cyber criminals have lost over US$1.4 billion in 2017, most of it in relation to romance and confidence schemes and hacked email accounts, an FBI report released Monday shows.
The most prevalent crimes and those with the highest reported losses include “non-payment/ non-delivery, personal data breach, phishing, business email compromise and confidence/ romance fraud.”
The FBI’s Internet Crime and Complaint Center, IC3, receives about 800 complaints per day.
The service started receiving complaints in 2015 about a scheme that impersonated executives of major US banks such as JPMorgan Chase and fabricated US documents.
Individuals living in West Africa impersonated bank officials and financial consultants to convince their victims to invest tens and even hundreds of thousands of dollars in opportunities that would allegedly generate them millions.
In order to gain their confidence, the scammers used false domain names so it would appear that their emails are connected to the US banks and recruited US citizens to pose as bank representatives during in-person meetings.
For victims not based in the US, they orchestrated pretend visits to US embassies and consulates and faked documents to convince them that the US government was sponsoring the investments.
Once the money was transferred to US bank accounts, it would be liquidated and moved to West Africa through wire transfers, cash withdrawals and luxury vehicle purchases.
Victims from more than 20 countries lost over 7 million through this scheme.
In one case, victims shipped high end clothing and jewelry without ever receiving compensation. In another, someone posed as a famous university football player and threatened female victims with physical harm if they did not send him inappropriate photographs.
By hacking email accounts of businesses that regularly make large-sum wire transfers, fraudsters stole over $675 million in 2017. This can range from a fake email from a CEO requesting a money transfer to hacked personal emails sending requests for money to vendors in their contact list.
Victims also reported receiving emails from law firms instructing them to make “secret or time-sensitive wire transfers,” messages from hacked business accounts asking for their tax forms, and fake realtors asking for real estate transactions.
Cyber criminals often use phishing emails to install “ransomware” that makes sensitive data on a corporate network inaccessible through encryption. They then ask the company to pay them a ransom fee in order to regain access to their data, which the FBI does not recommend to do.
The FBI’s IC3 received 1,783 complaints with adjusted losses of over 2.3 million resulting from ransomware attacks.
Fraudsters often target the elderly. The IC3 received almost 50,000 complaints of victims over 60 reporting losses in excess of $342 million in 2017 alone.
In a statement released in February, Attorney General Jeff Sessions said: “When criminals steal the hard-earned life savings of older Americans, we will respond with all the tools at the Department’s disposal – criminal prosecutions to punish offenders, civil injunctions to shut the schemes down, and asset forfeiture to take back ill-gotten gains.”
Cyber criminals have extorted over $15 million in 2017 by threatening to murder people or their families, releasing sensitive info in exchange for sexual images, favors or money, and impersonating debt collectors.
Most criminals demand payment in cryptocurrencies such as Bitcoin because this provides them with an additional layer of anonymity.
The total number of complaints in 2017 filed with IC3 was more than 300,000, about 40,000 more than in 2013.
Outside the US, most complaints come from Canada, India and the United Kingdom. Within the US, California, Florida, New York and Texas have the most victims.
In cases of confidence and romance fraud “a perpetrator deceives a victim into believing the perpetrator and the victim have a trust relationship, whether family, friendly or romantic.
“As a result of that belief, the victim is persuaded to send money, personal and financial information, or items of value to the perpetrator or to launder money on behalf of the perpetrator.”