More than 900 times each day in 2018, someone complained to the Federal Bureau of Investigation about a cyber-related crime. During the 12 months that ended in December 2018, nearly 352,000 incidents were reported to investigators that resulted in more than $2.7B in losses, just short of double the $1.4B in losses identified the previous year.
Losses due to business email compromise (BEC)
The number of crimes reported and the dollar values involved have grown each year since 2014. In the 19 years since the FBI started tracking cyber-related crimes, nearly 35% have been reported in the past five years. Business email compromise (BEC) fraud – defined as when a legitimate business e-mail account is used to conduct unauthorized transfers of funds – is far and away the most expensive form of cybercrime.
FBI Internet Crime Report
By way of comparison, BEC fraud losses tallied ~$1.3B in 2018 compared to $362M for second place “confidence and romance fraud.” “Corporate data breaches” – while headline grabbing – only represent $117M in actual fraud losses, just ahead of “Identity Theft” at $100M.
In announcing the latest FBI Internet Crime Report, FBI officials made clear the trends are not moving in the right direction. “The 2018 report shows how prevalent these crimes are. It also shows that the financial toll is substantial and a victim can be anyone who uses a connected device,” noted Donna Gregory, chief, IC3.
That’s the bad news. The good news is the FBI has launched an effort to return stolen money to businesses. In less than one year, the new Recovery Asset Team has recovered more than $192M for companies swindled out of funds transferred after receiving a spoofed email.
Strategies to Avoid Cyberattack and Corporate Email Hacking.
Prevention is always the best strategy for avoiding cyberattacks and fraud, but even the most sophisticated organizations fall short of their protection goals. That’s why the FBI report also includes advice on what to do if you fall victim to a fraud scheme:
Contact the originating Financial Institution as soon as fraud is recognized to request a recall or reversal as well as a Hold Harmless Letter or Letter of Indemnity. · File a detailed complaint with the FBI at www.ic3.gov. It is vital the complaint contain all required data in provided fields, including banking information.
Verify with the intended recipient before making any payment changes; verify email addresses are accurate when using mail on a cell phone or other mobile device. You can learn more about the state of cyber-related crime by reading the FBI’s 2018 Internet Crime Report.
Clearnetwork reduces the burden on overworked and understaffed IT teams. We lower risks and costs so you can focus on protecting your business.