Financial Losses from Cybercrime Shot Up in 2016

The FBI’s Internet Crime Complaint Center (IC3) recently released its 2016 Internet Crime Report, taking a look at malicious online activity occurring last year. The report contained numerous revelations, not the least of which was a sharp increase in cybercrime activity, resulting in considerable financial losses among victims.

2016 cybercrime levels

It seems not a day goes by in the current cybercrime landscape without reports of a new malware threat or large-scale breach, and last year was no different. Hacker activity has been on the rise for quite a while, but 2016 saw a particularly large increase in activity - up 24 percent compared with the previous year.

According to IC3, this finding was based on the almost 300,000 complaints filed with the agency, including those related to malicious activity impacting victims under 20 years of age and over 60 years of age. Overall, these instances added up to staggering financial loss - the IC3 saw more than 800 complaints a day, resulting in a total of $1.33 billion in victim losses.

Even more worrisome is the fact that this figure may not be completely accurate, and simply reflects the crimes that the IC3 is aware of.

“Millions of people in the United States are victims of Internet crimes each year,” the report stated. “Detection is the cornerstone of determining the larger Internet crime picture. However, only an estimated 15 percent of the nation’s fraud victims report their crimes to law enforcement. This 15 percent figure is just a subset of the victims worldwide.”

Consequently, the actual amount of financial losses due to cybercrime activity would likely well exceed the $1.33 billion victims reported to authorities.

Financial losses by age range

What is perhaps even more telling than the total reported financial losses is the pattern of loss seen among different victim age groups.

Of the more than 280,000 complaints investigated by the IC3 each year, the majority impacted individuals over 60 years of age - 2016 saw more than 55,000 of these victims experiencing total losses of over $3.39 million. Many victims also fell between the ages of 30 and 39, including over 54,000 individuals who experienced more than $1.9 million in losses.

According to IC3 historical data, 2016 saw the highest number of cybercrime complaints in the last five years.

Top cybercrime activity: Hacking strategies

Hackers have an array of cybercrime strategies available at their fingertips, and the reports made to the IC3 show the variety of attacks that continue to take place across the globe.

Overall, non-payment and non-delivery topped the list of crime types, impacting more than 81,000 individuals in 2016. This was followed by personal data breaches, where the sensitive, personal information of an individual is stolen and sold, or used for fraudulent purposes. Last year saw more than 27,000 instances of this type of crime. Other common crimes last year included overpayment, phishing, identity theft, credit card fraud, and harassment or threat of violence.

In addition, less popular crime strategies also continued to emerge last year, including 113 instances of hacktivist activity, 295 reports of online terrorism and 369 crimes connected with health care services.

Raising awareness: 2016’s cybercrime hot topics

The IC3’s report also highlighted several increasingly popular hacking strategies in an effort to educate businesses and consumers about potential online risks. Last year’s hot topics included:

  • Business email compromise: These instances are highly sophisticated scams that look to pinpoint and exploit businesses via their legitimate email communications to support fraudulent wire transfers or fraudulent checks. Hackers are able to tailor the attack to the particular business target and will use the form of payment most common to that organization. Last year, there were more than 12,000 reports of business email accounts compromised, racking up losses of more than $360 million within the corporate community.
  • Ransomware: This has been a prevalent threat for several years, and 2016 did not break the pattern. Ransomware attacks begin once a malicious actor has successfully infiltrated a victim’s computer system, placing strong encryption on sensitive files to prevent authorized user access. When victims attempt to retrieve or view their assets, they receive a notification of the infection that also demands a ransom for the safe return of the encrypted files. Victims must then pay hackers in untraceable Bitcoin. Last year, more than 2,600 instances of ransomware were reported to the IC3, resulting in $2.4 million in losses.
  • Extortion: While ransomware certainly falls under this umbrella, 2016 saw a range of online extortion crimes. This activity included data breaches, impersonation schemes, loan scams and denial-of-service attacks. Overall, more than 17,000 extortion instances were reported last year, totalling $15 million in losses.

Supporting cybercrime investigations with big data analytics

The IC3 report represents just one of many law enforcement efforts centered around the use of big data. By gathering and analyzing information about the types of crimes taking place, organizations like the FBI’s IC3 are in a better position to pinpoint top hacking strategies, as well as identify characteristics of the most common victims.

Big data will continue to play an important role in cybercrime investigations now and into the future. To find out more, talk to us!