The IC3 report in its breakdown of losses said $1,866,642,107 was lost to BEC/EAC; overpayment $51,039,922; Confidence fraud/romance $600,249,82; Ransomware $29,157,405; Investment $336,469,000; Healthcare-related $29,042,515; Non-payment/Non-delivery $265,011,249 and Civil matter $24,915,958.
Others are Identity theft $219,484,699; Misrepresentation $19,707,242; Spoofing $216,513,728; Malware/scareware/virus $6,904,054; Real estate/Rental $213,196,082; Harassment/threats violence $6,547,449; Personal data breach $194,473,055;Copyright/Counterfeit $5,910,617; Tech support $146,477,709; Charity $4,428,766; Credit card fraud $129,820,792;Gambling $3,961,508; Corporate data breach $128,916,648; Re-shipping $3,095,265; Government Impersonation $109,938,030 and Crimes Against Children $660,044.
Victims also lost $512,127 to denial of service; Advanced Fee $83,215,405; Hacktivist $50; Extortion $70,935,939; Employment $62,314,015; Lottery/sweepstakes/Inheritance $61,111,319 Phishing/vishing/smishing/pharming $54,241,075 and Descriptors Social Media $155,323,073.
The report said, “In 2020, the IC3 received thousands of complaints reporting emerging financial crime revolving around CARES Act stimulus funds, specifically targeting unemployment insurance, Paycheck Protection Program loans, and Small Business Economic Injury Disaster Loans, as well as other COVID-related fraud.
“Most of the IC3 complaints related to CARES Act fraud involved grant fraud, loan fraud, and phishing for Personally Identifiable Information. Complaints have been filed from citizens in several states describing fraudulently submitted online unemployment insurance claims using their identities. Many victims of this identity theft scheme did not know they had been targeted until they attempted to file their own legitimate claim for unemployment insurance benefits.”
The FBI further said the IC3 received 19,369 Business Email Compromise / Email Account Compromise complaints with adjusted losses of over $1.8bn, noting that the centre observed an increase in the number of BEC/EAC complaints related to the use of identity theft and funds being converted to cryptocurrency accounts.
The report noted, “Over the years, the scam evolved to include compromise of personal emails, compromise of vendor emails, spoofed lawyer email accounts, requests for W-2 information, the targeting of the real estate sector, and fraudulent requests for large amounts of gift cards.
“In 2020, the IC3 In these variations, we saw an initial victim being scammed in non-BEC/EAC situations to include extortion, tech support, romance scams, etc., that involved a victim providing a form of ID to a bad actor. That identifying information was then used to establish a bank account to receive stolen BEC/EAC funds and then transferred to cryptocurrency accounts.”
