The Heavy Toll of Phishing in 2020 - What the FBI Results Show

Those keeping an eye on the state of phishing threats in the U.S. had their worst fears confirmed with the release of the FBI’s 2020 Internet Crime Report. Cybercrime has been on the rise ever since the FBI’s Internet Crime Complaint Center (IC3) opened in 2000, though few could have foreseen the huge jump in incidents as the world contended with the COVID-19 pandemic. Call them what you will – fraudsters, cybercriminals, hackers, phishers, or black hats – they came out in droves to take advantage of unsuspecting individuals and businesses.

What prompted 2020’s rise in cybercrime?

Chalk it up to a plethora of opportunities, but in 2020 cybercriminals were presented with a virtual treasure trove of new vulnerabilities as the world faced a deadly pandemic. In fact, the FBI had to add a sad new statistic to their annual Internet Crime Report this year – the number of COVID-19 related cybercrimes. 28,500 to be exact.¹

Here are just a few of the events that added to the cyber chaos:

• Declares a Public Health Crisis, which quickly turns to a National Emergency
• Travel bans are put into place
• Schools close down and learning becomes virtual
• State-wide ‘Stay and Shelter’ orders are issued
• Non-essential businesses are ordered to close and millions of employees begin working remotely
• Shortages of protective equipment become apparent
• Supply chains in just about every industry are disrupted
• Centers for Medicare & Medicaid Services (CMS) expanded Telehealth
• Economic stimulus packages are issued by the government
• The Senate passed the Coronavirus Aid, Relief, and Economic Security (CARES) Act, providing relief to businesses
• Social distancing and the use of masks are mandated for businesses
• News of vaccine trials, and later vaccine offerings are everywhere

Every item on this list played to the fears and vulnerabilities of individuals, companies, and employees worldwide – creating new opportunities for hackers to convince unsuspecting users to fall for phishing emails designed to infect, invade, and steal.

10 Need-to-Know Cybercrime Stats from 2020

So, just how bad was it? Here are 10 statistics from the most recent FBI Internet Crime Report you should know about:¹

1. Victim’s losses due to cybercrime in 2020 totaled $4.2 billion.
2. In 2020, the IC3 received 19,369 Business Email Compromise (BEC)/Email Account Compromise (EAC) complaints with adjusted losses of over $1.8 billion.
3. In 2020 Business Email Compromise (BEC) tactics reached a new high, with victims being tricked into providing a form of ID to a bad actor. That ID was then used to establish a bank account to receive stolen BEC/EAC funds before transferring them into a cryptocurrency account.
4. In 2020, the IC3 received 15,421 complaints related to Tech Support Fraud from victims in 60 countries. The losses amounted to over $146 million, which represents a 171 percent increase in losses from 2019.
5. In 2020, the IC3 received 2,474 complaints identified as ransomware with adjusted losses of over $29.1 million.
6. The hardest-hit age range of cybercrime in 2020 were those over 60 years old. More than $966,000,000 was taken from this group.
7. States that were hit the hardest by cybercrime in 2020 included California, Texas, Florida, and New York.
8. In terms of crime type, email phishing was at the very top of the list, accounting for more than 241,000 victims and more than $54,000,000 in losses.
9. Reported phishing crimes were more than nine times higher than what they were just two years prior. Phishing scams jumped from 26,379 in 2018 to 241,342 in 2020.
10. Corporate data breaches, which often begin with a phishing email, accounted for nearly $129 million in losses.

Sadly, the numbers don’t lie. From email phishing to business email compromise, cybercriminals are getting smarter and their scams are becoming more and more sophisticated. Phishing attacks also apply to every industry – leaving us all at risk.

The average Business Email Compromise (BEC) crime cost its victims $96,372 in 2020. If that’s a dollar figure you don’t want to even think about parting with, you need to seriously consider the protection a third-party email security company provides. An award-winning cloud-based email security software, INKY recognizes phishing emails that the human eye could never see. Driven by computer vision, machine learning, and artificial intelligence, INKY blocks malicious emails, many of which your secure email gateways (SEGs) and virus protection software programs can’t detect.

INKY integrates seamlessly with any email platform. With robust reporting features, INKY allows administrators to review phishing threats that have been identified and see how employees are handling them. You can even conduct your own phishing simulations.

If you’d like to learn more about the phishing threats facing your company and how best to protect against them, a great first step is to schedule a demonstration.

INKY® is the emerging hero in the war against phishing. An award-winning cloud-based email security solution, INKY® prevents the most complex phishing threats from disrupting or even immobilizing your company’s day-to-day business operations. Using computer vision, artificial intelligence, and machine learning, INKY® is the smartest investment you can make in the security of your organization. INKY® is a proud winner of the NYCx Cybersecurity Moonshot Challenge and finalist in the 2020 RSAC Innovation Sandbox Competition. Learn more about INKY® or request an online demonstration today.

¹Source: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf