By Brad Atkin, CPA, CISA, CITP – Shareholder, Audit and IT Security Assurance Services

On Oct. 12, 2017, the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (“IC3”) received its four millionth consumer internet crime complaint.

IC3 recently published its 2017 Internet Crime Report highlighting trends and statistics during 2017. The report includes approximately 300,000 complaints that have led to losses over $1.4 billion. The report emphasizes the IC3’s efforts in monitoring trending scams of four “hot topics” which includes:

1. Business Email Compromise (“BEC”): BEC is a sophisticated scam targeting businesses that often work with foreign suppliers and/or businesses and regularly perform wire transfer payments. This also can include email account compromise, which targets the individuals performing the wires. Once compromised, these email accounts are used to initiate fraudulent funds transfers to route through accounts in multiple countries. Typically victims are contacted through by subjects posing as CEOs, CFOs and lawyers. The IC3 reported 15,690 BEC complaints with adjusted losses of over $675 million in 2017.

2. Ransomware: This category of attack refers to specialized malware targeting weaknesses in an effort to make critical data and or systems inaccessible. This attack can rapidly encrypt sensitive data, and includes a ransom to receive your information back. The FBI notes it does not support paying ransoms to adversaries, citing instances where the victim paid the ransom but never received decryption keys. In all cases, the FBI encourages contact with the local FBI field office immediately. The IC3 reported 1,783 ransomware complaints in 2017 with adjusted losses of over $2.3 million.

3. Tech Support Fraud: This attack is a widespread scam in which criminals target individual consumers by claiming to provide customer, security or technical support to elicit fraudulent payments or access to consumers’ computers. There are many variations of this scam, but it can include telephone calls, malicious pop-up screens, URL hijacking, fraudulent account charges and phishing emails. In addition to eliciting payments from victims, if the attackers are able to connect to the victim’s device, they download personal information including financial accounts, passwords and Social Security numbers. The IC3 reported 10,949 tech support fraud complaints with adjusted losses of approximately $15 million in 2017, which represents a 90 percent increase from 2016.

4. Extortion: This category of attack refers to threatening physical harm, financial harm or the release of sensitive data unless the victim provides something of value. The report notes extortion-related complaints in 2017 included reports of denial of service attacks, hitman schemes, sextortion, government impersonation schemes, loan schemes and high-profile data breaches. In 2017, the IC3 reported 14,938 extortion-related complaints with adjusted losses of over $15 million.

With cybercrime on the rise, it’s important to protect your business from becoming a victim. To help you achieve this goal, Doeren Mayhew offers a wide range of information technology security services, including vulnerability and penetration testing. Contact us today to avoid becoming a statistic in the FBI’s 2018 Internet Crime Report

Source: FBI’s 2017 Internet Crime Report