New statistics from the FBI show that more than 847,000 complaints of suspected internet-based crime were made in the past year. Credit: Dimitris66 / Getty Images A new report released by the FBI’s Internet Crime Complaint Center (IC3) shows that financial losses due to suspected cybercrime continued to rise sharply over the course of 2021, to a total of $6.9 billion in that year alone, with 847,000 complaints lodged by victims.Five years ago, the same report showed that internet-based crime accounted for $1.4 billion, on 301,580 complaints. The sharpest and most consistent growth was seen in the area of phishing and other types of credential-based attacks, which rose from about 25,000 incidents in 2017 to nearly 324,000 in 2021.By value, the FBI said, the most damaging internet-based crime in 2021 was business email compromise — the IC3 said that nearly 20,000 complaints about email compromises were received in 2021, and placed total adjusted losses at almost $2.4 billion. This type of scam has evolved considerably from its roots in faked emails and fraudulent wire payment transactions, according to the report. “Now, fraudsters are using virtual meeting platforms to hack emails and spoof business leaders’ credentials to initiate the fraudulent wire transfers,” according to the FBI report. “These fraudulent wire transfers are often immediately transferred to cryptocurrency wallets and quickly dispersed, making recovery efforts more difficult.” These attacks can be highly sophisticated, according to the report. When a CEO or CFO’s email is compromised, hackers can use it to invite employees to a video conference. While in the meeting, the attacker uses a deepfake of the executive’s voice, perhaps coupled with a claim that the video isn’t working, to instruct employees to transfer funds, or even just use the email address to send those fraudulent instructions directly.COVID-19, clearly, gave this type of attack much more traction by causing an explosion in the use of teleconferencing of various kinds, and the fact that those business practices haven’t gone away even in the face of the pandemic’s lessening severity means that attacks targeting virtual meetings are likely to stick around, as well. The FBI also issued guidance for victims of email compromise attacks, namely to immediately contact originating financial institutions to request a reversal and a Hold Harmless letter, file a complaint with IC3, and to avoid making any kind of payment change without verifying on the intended recipient’s end.On a state-by-state level, the hardest-hit U.S. jurisdiction in 2021 was California, with a reported $1.2 billion in losses. Second place was held by Texas with $606 million, and New York was in third place at $559 million. Related content feature The biggest data breach fines, penalties, and settlements so far Hacks and data thefts, enabled by weak security, cover-ups or avoidable mistakes have cost these companies a total of nearly $4.4 billion and counting. By Shweta Sharma and Michael Hill Apr 26, 2024 16 mins Data Breach Security news New CISO appointments 2024 Keep up with news of CSO, CISO, and other senior security executive appointments. By CSO Staff Apr 26, 2024 14 mins CSO and CISO IT Jobs IT Governance news Top cybersecurity product news of the week New product and service announcements from Forcepoint, Ionix, Amplifier Secutiry and Torq. By CSO staff Apr 26, 2024 81 mins Generative AI Security feature Looking outside: How to protect against non-Windows network vulnerabilities Security administrators who work in Windows-based environments should heed the lessons inherent in recent vulnerability reports. By Susan Bradley Apr 25, 2024 7 mins Windows Security Network Security Security Practices PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe