Over 300k consumers announced cyber-fraud attacks to the FBI’s Internet Crime Complaint Center (IC3) in 2017, with reported losses exceeding USD 1.4 billion.
Top threats include well-worn trends like whaling, phishing and ransomware, but also tech support fraud, confidence games involving romance themes, non-payment scams and also straightforward extortion.
Whaling, or business email compromise, accounted for adjusted losses of more than USD 675 million, affecting 15,690. In these cases, criminals masquerade as company executives to request a change in account information for wire transfers in order to siphon off money to their own accounts, or to request for personally identifiable information.
In addition, IC3 said for Threat Post that the bad actors are now changing up their tactics to use phishing emails with malicious links or fraudulent account charges to lure their victims. They are also offering new “services,” such as income tax assistance, GPS help, printer support, cable company updates or support for virtual currency exchanges.
The IC3 also uncovered a few “long-cons” that indicate the lengths to which fraudsters will go to scam their marks.
Such an example would be the case of an international investment scheme involving the impersonation of Branch Banking & Trust (BB&T) and JPMorgan Chase executives, the fabrication of US government documents, the creation of fraudulent investment agreements in the name of the banks, and the purchase of luxury vehicles to launder the proceeds of the scheme. It resulted in losses of more than USD 7 million from victims in more than 20 countries.