The FBI’s Internet Crime Complaint Center (IC3) saw 50,357 more complaints involving cybercrime in 2018 then they saw in 2017, amounting to a 17% increase.
According to the IC3’s annual Internet Crime Report, 351,936 complaints were received in 2018—more than 900 per day on average. These accounted for losses of roughly $2.7 billion, which averages out to about $2,700 per complaint.
Here are some more findings of the report:
- Business email compromise (BEC) proved the most financially damaging, with these attacks resulting in $1.3 billion in losses across just more than 20,000 incidents.
- Social engineering scams of some kind snagged 72 victims per day on average in 2018, costing about $48 million.
- But it’s not just about phishing. Personal data breaches were a leading trend, with leaks of personal data and cyberattacks targeting and successfully compromising this information affecting about 50,000 people and costing roughly $148 million.
- Losses from malware and ransomware attacks totaled about $11 million.
“The 2018 report shows how prevalent these crimes are,” IC3 Chief Donna Gregory said. “It also shows that the financial toll is substantial and a victim can be anyone who uses a connected device. Awareness is one powerful tool in efforts to combat and prevent these crimes.”
We’re glad Gregory mentioned awareness, though we might be thinking of it a little differently then she is. Real-world statistics like this are perfect fodder for making the case for both an awareness training program overall and for helping employees understand that this stuff matters.
These findings also lend more credence to the argument that security awareness training should not and cannot be just about phishing. Companies need a more comprehensive approach that provides coverage of a larger threat landscape.