Written by Rob Tharle, Head of Product 

Last week we saw the eagerly awaited arrival of the FBIs IC3 Internet Crimes report for 2022. It was largely overshadowed by what was going on with SVB, but here’s a review of this important report. 

Key points: 

• Total reported losses up 49% to $10.3bn vs. 2021 
• Total reported cases down 5% to 800,944 

• Phishing still the top attack type by volume, but small downward trend 
• Personal data breaches are up 13%, now second by volume 
• Cryptocurrency related crime reports* now $3.8bn for 2022 

These numbers tell some interesting stories. 

Investment scams have overtaken business email compromise (BEC) attacks by value and by quite a large margin. There will be multiple reasons for this. Taking BEC first, cases are up 9%, while losses are up 14%. 

Investment Frauds have skyrocketed, more than doubling to $3.3bn. It’s also clear that crypto has been a large driver here (and this likely includes some romance scams/pig butchering too).  Here, we see the age ranges skewing younger that many other scam types.  

Tech support cases also went up by over 50%, with losses up 132%.  These scams typically target the older population, likely due to their reliance on phone calls and lack of digital skills. 

Let’s dig in a little further.  

Firstly, losses are up big time and with case volumes down a bit this means the individual case values are going up a lot.  

Secondly, do we really think case volumes have dropped? It’s likely that there is still under reporting for various reasons. For example, there is too much effort for the lower value cases, people are embarrassed to admit they have fallen for it, their expectation of getting money back is low. 

Having said that, there is also a handy comparison of reporting across the globe that shows the US and the UK orders of magnitude higher volumes that elsewhere. This will be a mixture of both greater reporting (good) and higher levels of scams. In my experience the majority of jurisdictions are suffering from these scams.  More needs to be done to increase reporting across the global. 

Moving on, one section that is particularly interesting is the age group statistics. It’s clear for all to see that these scams are no longer targeting the old, vulnerable and naive, but are targeting everyone. It’s now time that everyone woke up to the menace caused by these frauds and scams and that the investment needed to help reduce and disrupt them from all parts of the ecosystem is found. 

What should we be doing to reduce this threat?  

This is not a situation that we can educate our way out of. Whilst opportunism rife, these frauds and scams are undertaken by organised crime and run as a business. Different gangs work together to make them work, yet the ability of the private and public sectors to work together still needs more work. 

What’s required is a multi-layered approach across multiple stakeholders. This needs to focus on: 

• Making it easier for victims to report quickly and once – increasing timely reporting to aid freezing, recover, repatriation  
• Helping LEAs to be able to freeze and repatriate funds faster and easier 
• Increased investment across private and public sectors, this means there needs to be relevant incentives to do so 

• Renewed focus on the beneficiary side of the scams, covering mule accounts and wallets to prevent onward transmission of funds and increase recovery rates 
• Looking across the fraud chain to add controls, including with the enablers 

• Ensure platforms, ad platforms, social media, dating sites etc. do more to detect and prevent abuse  
• Keep disrupting fake sites and apps 
• Limiting abuse of telco systems 

Click here to see how CYBERA’s solutions can help you protect your customers and yourselves from the impact of scams 

*P22 Cryptocurrency and cryptocurrency wallets