Cybercriminals made $7bn in pure profit in 2021, says FBI

Another year, another batch of record-setting cybercrime losses

The FBI's latest yearly cybercrime report is bad news for those of us trying to stay safe: The criminals continue to have a leg up, leading to record financial losses.

The FBI's Internet Crime Complaint Center (IC3) released its annual report compiled from 847,376 complaints it received in 2021. It said businesses lost in excess of $6.9bn from the attacks.

Those nearly one million complaints in 2021 were a 7 percent increase from 2020, in which 791,790 complaints were filed. Go back a year further and that number was just 467,361, meaning there was a big jump in 2020 that shows no signs of slowing to pre-pandemic numbers. 

The report credits the jump, and persistent increase in 2021, to the COVID-19 pandemic and the shift to remote work and school, which has in turn paved ther way for new attack vectors.

Vectors opened during the COVID-19 pandemic don't necessarily affect the types of crimes, or the proportion in which they're committed. Phishing and related crimes (live vishing and smishing) have held a solid control as the most popular attack method since 2019, when they leapt past non-payment/non-delivery (NP/ND) scams. Following phishing in 2021 (in descending order) were NP/ND, personal data breaches, identity theft and extortion.

The IC3 report breaks the most popular scams down into five areas, sorted here not by the most frequent, but by total estimated losses.

Business email compromise

There were 19,954 BEC complaints to the IC3 in 2021 that accounted for approximately $2.4bn in losses. There is a bright spot here in the form of the IC3 Recovery Asset Team.

The IC3 RAT is a group with streamlined access to financial institutions that is designed to freeze funds as soon as a compromise is reported. To date, the RAT has recovered $328.32m and said it was successful in 74 percent of the cases it was involved in. 

Cryptocurrency scams

While criminal use of cryptocurrency has reportedly been declining in proportion to its legitimate user base, but it still accounts for massive amounts of illicit funds being moved, to the tune of $1.6bn in 2021. 

That's a seven-fold increase in the amount of cryptocurrency stolen in 2021 versus 2020, despite a decrease in the number of complaints year-over-year. 

Confidence and romance scams

While it's the second highest in terms of number of attacks, confidence and romance tricksters only made it to third place in total earnings, with $956m stolen as a result of extortion. 

The FBI said that cryptocurrency scams have become a popular endgame for romance and confidence tricksters, with $429m of total crypto losses in 2021 attributable to their cons.

Tech support scams

The greatest in number, with 29,903 reports in 2021, were tech support scams, which famously target older, less tech-savvy people. In 2021 cybercriminals earned $347m from such activities, a 137 percent increase from 2020. 

Unsurprisingly, the FBI said that nearly 60 percent of tech support victims are over 60 years of age, and account for 68 percent of the total losses in this category.


Despite it repeatedly being a top news story, ransomware only accounted for 3,279 complaints in 2021, totalling just $49.2m in losses. The Conti ransomware variant was the most popular.

IC3 took time to point out which critical infrastructure sectors were most hit in 2021, with healthcare far and away reporting the most attacks. Financial services followed, then IT, critical manufacturing and government facilities. ® 

Other stories you might like

  • World Economic Forum wants a global map of online crime
    Will cyber crimes shrug off Atlas Initiative? Objectively, yes

    RSA Conference An ambitious project spearheaded by the World Economic Forum (WEF) is working to develop a map of the cybercrime ecosystem using open source information.

    The Atlas initiative, whose contributors include Fortinet and Microsoft and other private-sector firms, involves mapping the relationships between criminal groups and their infrastructure with the end goal of helping both industry and the public sector — law enforcement and government agencies — disrupt these nefarious ecosystems.  

    This kind of visibility into the connections between the gang members can help security researchers identify vulnerabilities in the criminals' supply chain to develop better mitigation strategies and security controls for their customers. 

    Continue reading
  • Google: How we tackled this iPhone, Android spyware
    Watching people's every move and collecting their info – not on our watch, says web ads giant

    Spyware developed by Italian firm RCS Labs was used to target cellphones in Italy and Kazakhstan — in some cases with an assist from the victims' cellular network providers, according to Google's Threat Analysis Group (TAG).

    RCS Labs customers include law-enforcement agencies worldwide, according to the vendor's website. It's one of more than 30 outfits Google researchers are tracking that sell exploits or surveillance capabilities to government-backed groups. And we're told this particular spyware runs on both iOS and Android phones.

    We understand this particular campaign of espionage involving RCS's spyware was documented last week by Lookout, which dubbed the toolkit "Hermit." We're told it is potentially capable of spying on the victims' chat apps, camera and microphone, contacts book and calendars, browser, and clipboard, and beam that info back to base. It's said that Italian authorities have used this tool in tackling corruption cases, and the Kazakh government has had its hands on it, too.

    Continue reading
  • NSO claims 'more than 5' EU states use Pegasus spyware
    And it's like, what ... 12, 13,000 total targets a year max, exec says

    NSO Group told European lawmakers this week that "under 50" customers use its notorious Pegasus spyware, though these customers include "more than five" European Union member states.

    The surveillance-ware maker's General Counsel Chaim Gelfand refused to answer specific questions about the company's customers during a European Parliament committee meeting on Thursday. 

    Instead, he frequently repeated the company line that NSO exclusively sells its spyware to government agencies — not private companies or individuals — and only "for the purpose of preventing and investigating terrorism and other serious crimes."

    Continue reading

Biting the hand that feeds IT © 1998–2022