The FBI’s Internet Crime Complaint Center (IC3) has reported over 800,000 cybercrime-related complaints in 2022, with losses exceeding $10 billion, which marks an increase from the $6.9 billion in losses reported in 2021.
The top five types of cybercrime complaints in 2022 were phishing, personal data breaches, non-payment/non-delivery scams, extortion, and tech support scams. Business email compromise (BEC) attacks accounted for over 21,000 of the total complaints and resulted in losses of $2.7 billion.
The IC3’s Recovery Asset Team (RAT) reported a 73% success rate in helping victims of BEC attacks recover their funds. Of the $590 million in losses reported, the agency managed to freeze $433 million.
Investment scams surpassed BEC attacks in losses, with $3.31 billion reported in 2022, primarily due to a rise in cryptocurrency investment fraud, which increased from $907 million in 2021 to $2.57 billion in 2022.
Ransomware attacks were also prevalent in 2022, with the FBI receiving more than 2,300 complaints, resulting in adjusted losses of over $34 million. Critical infrastructure sectors were among the most targeted organizations, with healthcare, critical manufacturing, government facilities, and IT sectors being the most impacted.
LockBit, BlackCat, and Hive were the most commonly seen ransomware operations targeting critical infrastructure, with Hive being recently disrupted by law enforcement.
Lastly, call center fraud, including tech support and government impersonation scams, caused losses exceeding $1 million for 44,000 victims in 2022.
