Takeaways from the 2022 FBI IC3 Report

by | Jun 9, 2023 | Cyber Risk

The FBI IC3 serves as a public resource for organizations to submit reports of cyberattacks and incidents. This information is analyzed and, in return, generates a report providing valuable insights into the evolving landscape of internet crimes. The goal of FBI C3 is to raise awareness about potential risks and protective measures to adopt.

In 2022, cybercrime increased substantially, resulting in massive financial losses worldwide. Phishing was the most frequently reported type of cybercrime, followed by personal data breaches, non-payment/non-delivery, extortion, and tech support. The total number of reported crimes across those totaled around 483,000 cases. To combat these crimes, the Internet Crime Complaint Center (IC3) developed the Recovery Asset Team (RAT) in 2018. RAT serves as a bridge between law enforcement and financial institutions. It identifies potentially fraudulent accounts, stays on top of new fraud trends, and builds a mutually beneficial relationship where information is appropriately shared.

Key Takeaways:

  • Business Email Compromise (BEC) was a significant threat in 2022 as it received 21,832 complaints totaling more than $2.7 billion in adjusted losses. BEC methods have developed from straightforward email account hacking or spoofing to W-2 information requests.BEC attacks target the real estate industry in particular. 
  • Ransomware is another threat that cannot be ignored. The IC3 received 2,385 ransomware complaints in 2022, with total losses exceeding $34.3 million. The top three initial infection vectors for ransomware instances reported to the IC3 include phishing emails, Remote Desktop Protocol (RDP) exploits, and software flaws.
    • The IC3 received 870 reports that indicated organizations belonging to a critical infrastructure sector were victims of a ransomware attack. 
    • Healthcare and Public Health led with 210 victims each, followed by Manufacturing with 157 victims, and Government Facilities with 115 victims. 
    • The top three ransomware variants reported to IC3 that hit critical infrastructure were LockBit, ALPHV/Blackcoats, and Hive.
  • Call center fraud costs victims over $1 billion. There were two types of call center fraud identified: tech/customer support and government impersonation. Elderly victims were disproportionately targeted, with 69% of damages (over $724 million) and 46% of victims over 60. India is the primary source of South Asian call center fraud.

Work with Cowbell to Protect Yourself
Cowbell offers its policyholders access to a wealth of resources to help manage their cyber risk and reduce the chances of being seriously, and sometimes irreparably, harmed by a ransomware attack. These resources include real-time risk ratings and insights, access to Cowbell’s dedicated risk engineering team, employee cybersecurity awareness training, and access to Cowbell’s vendor marketplace of best-in-class cybersecurity providers through Cowbell Rx. Ransomware is an epidemic that is not going anywhere soon, but there are steps you can take today to mitigate risk, and Cowbell is here to help. Learn more at cowbell.insure/for-businesses.

Related Posts

Cowbell Blog

Grow your cyber IQ with our insights into cyber insurance, cyber risk, and cyber security.

See How Cowbell Can Protect Your Business