Cybercrime Cost US Business $2.7B In 2018

Uploaded on 2019-05-07 in GOVERNMENT-Law Enforcement, FREE TO VIEW

The FBI has been investigating cyber-attacks on US organisations by overseas criminals and terrorists and cyber-crime cost US businesses a collective $2.7 billion in 2018, according to the FBI's latest annual Internet Crime ReportThe bureau received more than 20,000 complaints from organisations about business email compromise, a catch-all phrase for a number of crimes that leverage tactics, like phishing, targeted email spoofing and other forms of credential theft, to facilitate the fraudulent transfer of funds. 

The most frequently reported complaints were for non-payment/non-delivery scams, extortion, and personal data breaches. The most financially costly complaints involved business email compromise, romance or confidence fraud, and investment scams, which can include Ponzi and pyramid schemes.

Reports came in from every US state and territory and involved victims of every age. There was a concentration of victims and financial losses, however, among individuals over the age of 50.

While more sophisticated tools and attack vectors tend to garner sexier headlines, the report made clear that many hackers are still able to make a good living, exploiting common social engineering methods like BEC to the tune of $1.2 billion in lost or stolen profits. In one instance, a New Jersey town victimised by a BEC scam ended up transferring more than $1 million to a fraudulent account. The FBI said its Newark field office worked with the town's financial institution to freeze and eventually return the stolen funds.

Extortion schemes dangling stolen or sensitive data in exchange for money saw an explosion of growth in 2018, with 51,146 complaints and $83 million in adjusted losses. That represents a 242% increase from 2017. 
Cyber criminals are more frequently using those schemes in conjunction with high-profile data breaches, denial-of-service attacks and government impersonation schemes.

As with previous years, the report illustrated how susceptible older Americans are to internet crime. Approximately $1.15 billion and more half the total victims in 2018 were over the age of 50, and Americans over 60 were the most likely to fall prey to such scams.

The FBI received more than 351,000 complaints from businesses and organisations in 2018, or about 50,000 more than it received the year before. That continues what has been a steady trend of increased reporting over the past five years, something officials have said is the result of constant outreach efforts and engagement by FBI officials with the private sector.

"Our No. 1 piece of advice to companies would be to have an incident response plan … and No. 2, and probably very close second if not tied, is to notify us," said Amy Hess, executive director of the FBI's Criminal, Cyber, Response and Services branch at an April 16 public event.

FBI leaders have emphasised just how much of the bureau's work has shifted in recent years to rely on digital forensics and evidence for virtually every type of crime or counterintelligence area it works on. A big part of the new model for success involves building trust in the private sector so companies that are victims of cyber-crime aren't reluctant to share what they know with investigators.

FCW:          SpaceCoastDaily:      Image: Nick Youngson

You Might Also Read: 

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

« Five Eyes Intelligence Chiefs Point The Finger
How Algorithms Are Being Used »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cybsecurity Foundation (CSF)

Cybsecurity Foundation (CSF)

Cybsecurity is a non-profit NGO, which aims to work on improvement of security levels in the Polish cyberspace.

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

Texplained

Texplained

Texplained specializes in security audits of microchips to identify vulnerabilities and protect against invasive cyber attacks.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

Phirelight Security Solutions

Phirelight Security Solutions

Phirelight empowers an enterprise to easily understand how their networks behave, while at the same time assessing and managing cyber threats in real time.

ReFoMa

ReFoMa

ReFoMa is a consultancy and advisory company with a focus on information Security.

Rippleshot

Rippleshot

Rippleshot is a fraud analytics firm that detects mass card compromises faster, allowing issuers to execute more proactive fraud detection strategies.

BHC Laboratory

BHC Laboratory

BHC Laboratory is a cyber capabilities’ development company for a wide range of global customers.

Secure Ideas

Secure Ideas

Secure Ideas is focused on penetration testing and application security including web applications, web services and mobile applications.

WhizHack Technologies

WhizHack Technologies

WhizHack's mission is to not only create a pipeline of cyber security products but also to empower people to sustainable innovation in securing digital assets of tomorrow.

Strike Security

Strike Security

Strike Security offers a continuous penetration testing platform that combines automation with ethical hackers.

Omega Systems

Omega Systems

Omega Systems is a leading managed service provider (MSP) and managed security service provider (MSSP) to mid-market organizations.

Comcast Technology Solutions (CTS)

Comcast Technology Solutions (CTS)

Comcast Technology Solutions delivers proven technologies for global video, media, communications, data applications, and cybersecurity & compliance.

TachTech

TachTech

TachTech is passionate about trust, security and privacy in the digital world. We create tailored security and compliance solutions to improve your business.

Cyberhill Partners

Cyberhill Partners

Cyberhill is a professional engineering services firm solving complex software implementation and integration challenges.

BeamSec

BeamSec

BeamSec is a cybersecurity solutions provider committed to addressing the human element of risk against the evolving landscape of email-based cyber threats.