FBI: Cyber Criminals Took from Victims in the US Over $6.9 Billion in 2021

News

Ransomware attacks, business e-mail compromise and criminal use of cryptocurrency were last year on the rise in the United States and exposed the dangers malign cyber actors pose to individuals, companies, banks, and governments.

March 29, 2022

While the U.S. has made progress in cyber security, the costs of the already alarmingly high number of cybercrimes are still rising and in 2021 exceeded US$6.9 billion, a report by the FBI’s Internet Crime Complaint Center (IC3) said.

Last year, the Miami-based IT firm Kaseya was infiltrated by the REvil/Sodinokibi ransomware, which is based in a Commonwealth of Independent States country. The attackers requested $70 million in bitcoin but the company declined, opting to cooperate with the authorities. A few days later, Kaseya obtained a decryption key.

Ransomware scams hijack victims’ devices with the help of malicious software and try to force them to pay for tools that would allow them to unlock their data.

In the United States, three ransomware apps targeted members of critical infrastructure sectors, including the defense industrial base, energy, and government facilities. Last year, the three top apps CONTI, LockBit and REvil/Sodinokibi attacked at least 196 members, or about 30 percent of the victims.

According to the complaints, members of the Healthcare and Public Health, Financial Services, and Information Technology sectors were the most targeted by ransomware apps.

In 2022, IC3 expects to see an increase in critical infrastructure victimization. One of the pushing factors might be that the Russian government is allegedly exploring options for potential cyberattacks on critical infrastructure in the United States in retaliation for sanctions and other punishments as the war in Ukraine grinds on.

Business email compromise is a financial scheme that mostly targets companies working with foreign suppliers and do wire transfer payments. Email account compromise, on the other hand, targets individuals to convince them to wire money to bank accounts controlled by scammers.

Criminals send a message that appears to come from a known source making a legitimate request, exploiting the fact that people rely on email to conduct business. In late 2019, a U.S. operation arrested 281 suspects for alleged email scamming. Usually, criminals scam elderly, real estate buyers and job hunters.

Today, cryptocurrency leaves a big door open for various types of fraud, including romance scams. The scammers contact their victims through dating apps or social media platforms, gain their confidence and trust, and, finally, claim to have an emergency or knowledge of a cryptocurrency investment that will result in significant profits. Last year, IC3 received more than 4,300 complaints, with losses over $429 million.

A victim told the FBI that she had coughed up US$2 million. The money went to an online suitor she had never met. She said that “there’s a big part of me that doesn’t believe that…if he’s a scammer, I’ve been so brainwashed…I’ve lost everything. It’s all I had. It’s any inheritance that I could have passed on to my daughter.”

The FBI advised people to go slowly and be careful. Special Agent Christine Beining said “they’ll develop a relationship very quickly. They’ll try to endear themselves to the victims. They’ll say whatever the victim wants to hear.”