Cybercrime Cost US Business $2.7B In 2018

The FBI has been investigating cyber-attacks on US organisations by overseas criminals and terrorists and cyber-crime cost US businesses a collective $2.7 billion in 2018, according to the FBI's latest annual Internet Crime ReportThe bureau received more than 20,000 complaints from organisations about business email compromise, a catch-all phrase for a number of crimes that leverage tactics, like phishing, targeted email spoofing and other forms of credential theft, to facilitate the fraudulent transfer of funds. 

The most frequently reported complaints were for non-payment/non-delivery scams, extortion, and personal data breaches. The most financially costly complaints involved business email compromise, romance or confidence fraud, and investment scams, which can include Ponzi and pyramid schemes.

Reports came in from every US state and territory and involved victims of every age. There was a concentration of victims and financial losses, however, among individuals over the age of 50.

While more sophisticated tools and attack vectors tend to garner sexier headlines, the report made clear that many hackers are still able to make a good living, exploiting common social engineering methods like BEC to the tune of $1.2 billion in lost or stolen profits. In one instance, a New Jersey town victimised by a BEC scam ended up transferring more than $1 million to a fraudulent account. The FBI said its Newark field office worked with the town's financial institution to freeze and eventually return the stolen funds.

Extortion schemes dangling stolen or sensitive data in exchange for money saw an explosion of growth in 2018, with 51,146 complaints and $83 million in adjusted losses. That represents a 242% increase from 2017. 
Cyber criminals are more frequently using those schemes in conjunction with high-profile data breaches, denial-of-service attacks and government impersonation schemes.

As with previous years, the report illustrated how susceptible older Americans are to internet crime. Approximately $1.15 billion and more half the total victims in 2018 were over the age of 50, and Americans over 60 were the most likely to fall prey to such scams.

The FBI received more than 351,000 complaints from businesses and organisations in 2018, or about 50,000 more than it received the year before. That continues what has been a steady trend of increased reporting over the past five years, something officials have said is the result of constant outreach efforts and engagement by FBI officials with the private sector.

"Our No. 1 piece of advice to companies would be to have an incident response plan … and No. 2, and probably very close second if not tied, is to notify us," said Amy Hess, executive director of the FBI's Criminal, Cyber, Response and Services branch at an April 16 public event.

FBI leaders have emphasised just how much of the bureau's work has shifted in recent years to rely on digital forensics and evidence for virtually every type of crime or counterintelligence area it works on. A big part of the new model for success involves building trust in the private sector so companies that are victims of cyber-crime aren't reluctant to share what they know with investigators.

FCW:          SpaceCoastDaily:      Image: Nick Youngson

You Might Also Read: 

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

« Five Eyes Intelligence Chiefs Point The Finger
How Algorithms Are Being Used »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Virtustream

Virtustream

The Virtustream Enterprise Class Cloud provides a secure, highly available, Infrastructure as a Service (IaaS) to enterprises and government customers.

Astra

Astra

Astra's website security solution provides real-time protection against malware, hackers, SQLi, XSS, DDoS, LFI and RFI.

Focal Point Data Risk

Focal Point Data Risk

Focal Point is a pure-play data risk management provider capable of offering end-to-end consulting, implementation, and training services.

Forter

Forter

Forter provides new generation fraud prevention to meet the challenges faced by modern enterprise e-commerce.

MASS

MASS

MASS provides world-class capabilities in electronic warfare operational support, cyber security, information management, support to military operations and law enforcement.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

TechForing Ltd.

TechForing Ltd.

TechForing Ltd. works for business organization's cyber security and cyber crime incident managements. We help business to secure their business online.

SecurityGate

SecurityGate

SecurityGate.io is the only Integrated Risk Management platform built for OT/ICS cybersecurity.

MVP Tech

MVP Tech

MVP Tech designs and deploys next generation infrastructures where Security and Technology converge.

Kontex

Kontex

Kontex is a Cyber Security consultancy creating resilient solutions. From Strategy, Advisory and Implementation to Management and everything in between.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

IronClad Encryption (ICE)

IronClad Encryption (ICE)

Ironclad Encryption is Dynamic Encryption. The encryption sequence changes continuously so there is never a correlation between data sent and data received.

Albania Lab

Albania Lab

Albania Lab is a consulting company focused on the development and delivery of digital solutions and IT services including cybersecurity.

CSIOS Corp.

CSIOS Corp.

At CSIOS we help our customers achieve and sustain information and cyberspace superiority through a full range of defensive and offensive cyberspace operations and cybersecurity consulting services.

First Focus

First Focus

First Focus is a managed service provider for medium-sized organisations.

CyberTest

CyberTest

CyberTest offers cybersecurity consulting and penetration testing services that helps organizations and businesses securing their assets.