New statistics from the FBI show that more than 847,000 complaints of suspected internet-based crime were made in the past year. Credit: Dimitris66 / Getty Images A new report released by the FBI’s Internet Crime Complaint Center (IC3) shows that financial losses due to suspected cybercrime continued to rise sharply over the course of 2021, to a total of $6.9 billion in that year alone, with 847,000 complaints lodged by victims.Five years ago, the same report showed that internet-based crime accounted for $1.4 billion, on 301,580 complaints. The sharpest and most consistent growth was seen in the area of phishing and other types of credential-based attacks, which rose from about 25,000 incidents in 2017 to nearly 324,000 in 2021.By value, the FBI said, the most damaging internet-based crime in 2021 was business email compromise — the IC3 said that nearly 20,000 complaints about email compromises were received in 2021, and placed total adjusted losses at almost $2.4 billion. This type of scam has evolved considerably from its roots in faked emails and fraudulent wire payment transactions, according to the report.“Now, fraudsters are using virtual meeting platforms to hack emails and spoof business leaders’ credentials to initiate the fraudulent wire transfers,” according to the FBI report. “These fraudulent wire transfers are often immediately transferred to cryptocurrency wallets and quickly dispersed, making recovery efforts more difficult.” These attacks can be highly sophisticated, according to the report. When a CEO or CFO’s email is compromised, hackers can use it to invite employees to a video conference. While in the meeting, the attacker uses a deepfake of the executive’s voice, perhaps coupled with a claim that the video isn’t working, to instruct employees to transfer funds, or even just use the email address to send those fraudulent instructions directly.COVID-19, clearly, gave this type of attack much more traction by causing an explosion in the use of teleconferencing of various kinds, and the fact that those business practices haven’t gone away even in the face of the pandemic’s lessening severity means that attacks targeting virtual meetings are likely to stick around, as well. The FBI also issued guidance for victims of email compromise attacks, namely to immediately contact originating financial institutions to request a reversal and a Hold Harmless letter, file a complaint with IC3, and to avoid making any kind of payment change without verifying on the intended recipient’s end.On a state-by-state level, the hardest-hit U.S. jurisdiction in 2021 was California, with a reported $1.2 billion in losses. Second place was held by Texas with $606 million, and New York was in third place at $559 million. Related content news Top cybersecurity product news of the week New product and service announcements from Coro, Descope, Genetec, Varonis, Cloudbrink, Databarracks, and Security Journey By CSO staff Dec 07, 2023 22 mins Generative AI Generative AI Machine Learning news analysis Attackers breach US government agencies through ColdFusion flaw Both incidents targeted outdated and unpatched ColdFusion servers and exploited a known vulnerability. By Lucian Constantin Dec 06, 2023 5 mins Advanced Persistent Threats Cyberattacks Vulnerabilities news BSIMM 14 finds rapid growth in automated security technology Embrace of a "shift everywhere" philosophy is driving a demand for automated, event-driven software security testing. By John P. Mello Jr. Dec 06, 2023 4 mins Application Security Network Security news Almost 50% of organizations plan to reduce cybersecurity headcounts: Survey While organizations are realizing the need for knowledgeable teams to address unknown threats, they are also looking to reduce their security headcount and infrastructure spending. By Gagandeep Kaur Dec 06, 2023 4 mins IT Jobs Security Practices Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe