Australia FBI’s fifth largest source of cybercrime reports in 2019

computer crime scene / hacked / infected / cybercrime / cyberattack
D-Keine / Getty Images

Cybercrime victims in Australia were behind the fifth largest number of complaints to the US Federal Bureau of Investigations (FBI) in 2019. 

Australian consumers and businesses filed 1,298 complaints with the FBI’s Internet Crime Center (IC3) last year, according to the agency’s IC3 2019 Internet Crime Report released today

This volume made it the fourth largest source of complaints from non-US countries over the year, behind the UK, Canada and India.  

The figures need to be put in perspective. For example, Australia’s IC3 complaint ranking doesn’t mean Australians were the fifth largest victim of cybercrime worldwide. It does however mean there were a substantial number of Australian victims of cybercrime who reported incidents to IC3. 

On the other hand, IC3’s figures only represent a portion of incidents affecting Australian organizations and citizens. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) responded to 2,164 incidents in the year after July 1, 2018, which also only account for a portion of cybersecurity incidents affecting Australians.    

Complaints from the UK far outnumbered those from Australia at 93,796 for the year, followed by 3,721 complaints from Canada, and 2,901 complaints from India. 

Other nations in the FBI’s top 10 victim list behind Australia included France, Belgium, Germany, Brazil, Mexico, and Argentina. Across all countries the FBU received 467,361 complaints, mostly from victims within the US. Complaints were up from 351,937 in 2018.

According to the FBI, total losses hit USD$3.5 billion in 2019, up from $2.7 billion in 2018, and $1.4 billion in 2017. 

Almost half of financial losses from cybercrime in 2019 were as a result of business email compromise (BEC) fraudsters, totaling $1.7 billion. BEC scammers often conduct in-depth research on a target organizations behaviors and business practices with the aim of duping individuals within a target to transfer funds to a fraudster-controlled bank account. 

Last year IC3 observed an uptick in complaints about fraud that convinced HR or payroll departments to divert payroll funds. The scam usually involved sending an email appearing to be from an employee requesting an update to their direct deposit information for the current pay period. The funds typically end up in a pre-paid card account. 

However the style of fraud takes many shapes and targets a all industries, including tech, construction, real estate and basically any organization that makes large transactions. 

Tech support scammers continue to be a problem with 13,633 complaints reported last year from victims in 48 countries. Losses associated with tech support fraud exceeded $54 million, up by 40% on 2018 reported losses. The FBI says most victims were over 60 years of age. 

IC3 received 2,047 complaints about ransomware in 2019 and estimated losses of $8.9 million. The figure however is likely to be much higher than what the losses quoted. IC3 notes that ransomware loss estimates don’t include cost losses caused by disruption to business, such as wages, equipment and fees for third-party remediation services. Also, the figure only accounts for what was reported.   

The FBI reiterated its advice for ransomware victims not to pay the attacker because it doesn’t guarantee the victim regains access to their data. 

People over 60 were the largest group of victims, with over 68,000 filing complaints and total losses of over $835,000. 


Copyright © 2020 IDG Communications, Inc.

Microsoft's very bad year for security: A timeline