The number of reported Internet crimes and the costs incurred by those crimes are on the rise, according to the FBI Internet Crime Complaint Center’s (IC3) recently released 2016 Internet Threat Report.

When compared with the numbers from the previous year, 2016 saw nearly 11,000 more crimes reported and a loss of $380 million more. According to the report, the “hottest” Internet crimes of 2016 were business email compromise (BEC), ransomware, tech support fraud, and extortion.

“Business Email Compromise (BEC) is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses who regularly perform wire transfer payments. The scam is carried out when a subject compromises legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds,” the report said. “In 2016, the IC3 received 12,005 BEC/EAC complaints with losses of over $360 million.”

In recent months, ransomware has garnered a lot of attention through the May WannaCry attack and ransomware attacks on hospitals and private entities.

“In 2016, the IC3 received 2,673 complaints identified as ransomware with losses of over $2.4 million,” the report said.

In cases of tech support fraud, in which a malicious actor claims to work for a security or software company and offers technical support to gain access to a computer, the IC3 found that older Internet users tend to be more vulnerable, though they received reports from victims from all ages. In 2016, the IC3 received 10,850 tech support fraud complaints with losses in excess of $7.8 million.

“They’ll trick you into letting them into your computer,” said IC3 Unit Chief Donna Gregory. “You open the door and allow them in. You may think you’re just watching them install a program to get rid of a virus, but they are really doing a lot of damage behind the scenes.”

The report found that extortion can be used in a wide variety of Internet criminal schemes, for which the IC3 received 17,146 complaints in 2016.

“Extortion is defined as an incident when a cyber criminal demands something of value from a victim by threatening physical or financial harm or the release of sensitive data. Extortion is often used in various schemes reported to the IC3, including Denial of Service attacks, hitman schemes, sextortion, Government impersonation schemes, loan schemes, and high-profile data breaches,” the report said.

According to the report, California has the highest number of reported complaints as well as the highest loss of funds in 2016.

“Be aware of what you are clicking on and also what you’re posting on social media. Always lock down your social media accounts as much as possible,” Gregory said. “Try to use two-factor authentication, and use safe passwords or things more difficult to guess. The tougher the password, the harder it is for someone to crack.”

Read More About
More Topics
Jessie Bur
Jessie Bur
Jessie Bur is a Staff Reporter for MeriTalk covering Cybersecurity, FedRAMP, GSA, Congress, Treasury, DOJ, NIST and Cloud Computing.