The Federal Bureau of Investigation's Internet Crime complaint Center (IC3) has published the Annual Internet Crime Report 2022.
The IC3 received a total of 800,944 complaints in 2022, with losses exceeding $10.3 billion. Phishing schemes were the number one crime type with 300,497 complaints, and for the first time, Investment schemes, reported the highest losses to victims, totaling over $3.3 billion. In 2022, the IC3 received 88,262 complaints from victims over the age of 60 with losses in excess of $3.1 billion, as result of the significant impact of scams targeting the elderly, IC3 is planning to release its third annual report focusing entirely on Elder Fraud within the next few weeks.
Besides focus on crime types, International and State statistics, the Threat overviews for 2022 include:
BEC complaints ranked the second largest dollar losses reported to IC3 at over $2.7 billion. Highlights of the continued success of the Recovery Asset Team, assisting in freezing over $433 million in funds for victims who made transfers to US accounts under fraudulent pretenses.
Crypto-investment scams saw unprecedented increases in the number of victims and the dollar losses to these investors. In 2022, investment scam losses were the most (common or dollar amount) scheme reported to the IC3. Investment fraud complaints increased from $1.45 billion in 2021 to $3.31 billion in 2022, which is a 127%. Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 billion in 2022, an increase of 183%.
Ransomware incidents, although smaller reporting numbers with 2,385 complaints identified as ransomware, the adjusted losses were more than $34.3 million. The IC3 received 870 complaints that indicated organizations belonging to a critical infrastructure sector were victims of a ransomware attack. Of the 16 critical infrastructure sectors, IC3 reporting indicated 14 sectors had at least 1 member that fell victim to a ransomware attack in 2022. The three top ransomware variants reported to the IC3 that victimized a member of a critical infrastructure sector were Lock bit, ALPHV/Blackcoats, and Hive.
Illegal call centers defraud thousands of victims each year. Two categories of fraud reported to the IC3, Tech/Customer Support and Government Impersonation, are responsible for over $1 billion in losses to victims. Almost half the victims report to be over 60 (46%), and experience 69% of the losses (over $724 million).