Blog Post

2019 FBI Internet Crime Report

Richard P. Kusserow | March 2020

Key Points

  • In 2019, there were over $3.5 billion reported in victim losses.
  • In the last 5 years, IC3 received over 1,708,000 complaints with $10 billion in losses.
  • In 2019, the FBI’s Recovery Asset Team recovered over $300 million for victims.

The Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) issued their report for 2019 with data reflecting the cyber-crime threat as evolving and growing. IC3’s mission is to provide the public with a reliable and convenient reporting mechanism to submit information to the FBI concerning suspected internet-facilitated criminal activity, and to develop effective alliances with industry partners. Information is analyzed and disseminated for investigative and intelligence purposes, for law enforcement and for public awareness. Their annual report aggregates and highlights data that the general public provided. The latest report notes that internet-enabled crimes and scams show no signs of slowing down. For 2019, the report shows both the highest number of complaints and highest dollar losses reported since the center was established in May 2000.

IC3 received 467,361 complaints in 2019, an average of nearly 1,300 every day, and recorded more than $3.5 billion in losses to individual and business victims. The most frequently reported complaints were phishing and similar ploys, non-payment/non-delivery scams, and extortion. The most financially costly complaints involved business email compromises, romance or confidence fraud, and “spoofing,” or mimicking the account of a person or vendor known to the victim to gather personal or financial information. The report noted that cyber-criminals are getting more sophisticated in deploying new tactics and techniques to carry out existing scams, making it harder for victims to decipher real items from fake ones. While email is still a common entry point, fraud is also beginning to occur through text messages, a crime called “smishing,” and even fake websites, a tactic called “pharming.” For example, a person may get a text message that appears to be their bank asking for verification of information on their account, or a person may even search a service online and inadvertently end up on a fraudulent site that gathers their bank or credit card information. All these fraudulent activities require being extremely skeptical and doublechecking everything by verifying requests in person or by phone, double-checking web and email addresses, and not following the links provided in any messages. Business email scams resulted in more than $1.7 billion in losses and typically involved a criminal spoofing or mimicking a legitimate email address. For example, an individual will receive a message that appears to be from an executive within their company or a business with which the individual has a relationship. The email will request a payment, wire transfer, or gift card purchase that seems legitimate but funnels money directly to a criminal. In this type of scheme, a company’s human resources or payroll department receives an email appearing to be from an employee requesting to update their direct deposit information for the current pay period. The change instead routes an employee’s paycheck to a criminal.

As a final note, the FBI’s Recovery Asset Team was able to recover over $300 million for victims in 2019.

About the Author

Richard P. Kusserow established Strategic Management Services, LLC, after retiring from being the DHHS Inspector General, and has assisted over 2,000 health care organizations and entities in developing, implementing and assessing compliance programs.

Subscribe to blog