New statistics from the FBI show that more than 847,000 complaints of suspected internet-based crime were made in the past year. Credit: Dimitris66 / Getty Images A new report released by the FBI’s Internet Crime Complaint Center (IC3) shows that financial losses due to suspected cybercrime continued to rise sharply over the course of 2021, to a total of $6.9 billion in that year alone, with 847,000 complaints lodged by victims.Five years ago, the same report showed that internet-based crime accounted for $1.4 billion, on 301,580 complaints. The sharpest and most consistent growth was seen in the area of phishing and other types of credential-based attacks, which rose from about 25,000 incidents in 2017 to nearly 324,000 in 2021.By value, the FBI said, the most damaging internet-based crime in 2021 was business email compromise — the IC3 said that nearly 20,000 complaints about email compromises were received in 2021, and placed total adjusted losses at almost $2.4 billion. This type of scam has evolved considerably from its roots in faked emails and fraudulent wire payment transactions, according to the report. “Now, fraudsters are using virtual meeting platforms to hack emails and spoof business leaders’ credentials to initiate the fraudulent wire transfers,” according to the FBI report. “These fraudulent wire transfers are often immediately transferred to cryptocurrency wallets and quickly dispersed, making recovery efforts more difficult.” These attacks can be highly sophisticated, according to the report. When a CEO or CFO’s email is compromised, hackers can use it to invite employees to a video conference. While in the meeting, the attacker uses a deepfake of the executive’s voice, perhaps coupled with a claim that the video isn’t working, to instruct employees to transfer funds, or even just use the email address to send those fraudulent instructions directly.COVID-19, clearly, gave this type of attack much more traction by causing an explosion in the use of teleconferencing of various kinds, and the fact that those business practices haven’t gone away even in the face of the pandemic’s lessening severity means that attacks targeting virtual meetings are likely to stick around, as well. The FBI also issued guidance for victims of email compromise attacks, namely to immediately contact originating financial institutions to request a reversal and a Hold Harmless letter, file a complaint with IC3, and to avoid making any kind of payment change without verifying on the intended recipient’s end.On a state-by-state level, the hardest-hit U.S. jurisdiction in 2021 was California, with a reported $1.2 billion in losses. Second place was held by Texas with $606 million, and New York was in third place at $559 million. Related content brandpost Sponsored by Microsoft Security Want to drive more secure GenAI? Try automating your red teaming Automation can enhance an AI red teamer’s existing domain expertise while offloading tedious tasks. Learn more today. By Microsoft Security Apr 29, 2024 5 mins Security news analysis Marriott admits it falsely claimed for five years it was using encryption during 2018 breach Marriot revealed in a court case around a massive 2018 data breach that it had been using secure hash algorithm 1 and not the much more secure AES-1 encryption as it had earlier maintained. By Evan Schuman Apr 29, 2024 6 mins Data Breach Encryption Legal brandpost Sponsored by Palo Alto Networks Is your hybrid/multicloud strategy putting your organization at risk? For all the flexibility and cost management upsides to hybrid/multicloud infrastructure, there is a major trade-off: Complexity can breed security risks. By Pete Bartolik Apr 29, 2024 4 mins Security news UK’s revamped surveillance rules become law despite industry opposition A new law expanding the Investigatory Powers Act, the UK’s already-controversial surveillance and data access rules, became law last week. By John Leyden Apr 29, 2024 4 mins Government Mobile Security Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe