The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 crimes with potential losses of over $12,5 billion in the U.S. only.
The FBI evaluation also provides a perspective on the global threat in cybersecurity. The leading points in terms of damage caused or ransoms are investment fraud and BEC – Business Email Compromise and not, as suspected, ransomware. IC2000, founded in 3, records all data, such as online fraud, hacker attacks, economic espionage, online extortion, international money laundering, identity theft and a growing list of internet-based crimes.
Advertising
2023: $4,57 billion in damage with investment fraud
In 2023, losses reported from investment fraud were the highest of all crime types tracked by IC3. Investment fraud losses increased from $3,31 billion in 2022 to $4,57 billion in 2023, an increase of 38%. Within these figures, cryptocurrency-related investment fraud increased from $2,57 billion in 2022 to $3,94 billion in 2023, an increase of 53%. The aim of these scams is to lure targets with the promise of lucrative returns on their investments.
BEC – Business Email Compromise: $2,9 billion in damage
🔎 The 2023 FBI Internet Crime Report shows that investment fraud and BEC emails cause the most damage - much more than ransomware.
The 21.489 BEC reports recorded show adjusted losses of over $2,9 billion. BEC is a sophisticated scam that targets both businesses and individuals conducting money transfers. These BEC efforts in the past have included compromised supplier emails, requests for W-2 information, targeted attacks on the real estate sector, and fraudulent requests for large quantities of gift cards.
Advertising
Subscribe to our newsletter now
Read the best news from B2B CYBER SECURITY once a month
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.
CleverReach
This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest.
For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
Ransomware continues to grow at 18 percent
Ransomware incidents continued to be severe and costly in 2023. After a brief downturn in 2022, there were nearly 3.000 ransomware incidents. This represents an 18% increase over 2022. Reported losses increased 74% from $34,3 million to $59,6 million. Cybercriminals continue to adapt their tactics, and the FBI has observed new ransomware trends such as deploying multiple ransomware variants against the same victim and using data destruction tactics to increase pressure on victims to negotiate.
A new expert analysis of the North Korean APT group Void Dokkaebi reveals how the group deliberately uses Russian internet infrastructure to commit crypto thefts. ➡ Read more
The pre-installed ASUS DriverHub software contains a critical security vulnerability that allows remote code execution of malware. Due to the faulty checking of ➡ Read more
According to Symantec, the Play ransomware group and allied groups are using an exploit that targets the zero-day vulnerability CVE-2025-29824. The vulnerability was ➡ Read more
The CVE program, funded by the US government, is considered a crucial component in the global detection of software flaws. Now, funding is to be temporarily suspended. ➡ Read more
The BSI has issued a warning about F5 products, as they contain several highly dangerous security vulnerabilities that should be closed. The BIG-IP ➡ Read more
