IC3 Annual Report – 2022 Internet Crime Report

Dear Reader,

Today’s cyber landscape has provided ample opportunities for criminals and adversaries to target U.S. networks, attack our critical infrastructure, hold our money and data for ransom, facilitate large-scale fraud schemes, and threaten our national security. At the FBI, we know “cyber risk is business risk” and “cyber security is national security.” There is no shortage of recent examples showing the wide-ranging economic and national security effects of cyber crimes. We have seen cyber threats emanate from around the world and witnessed the scope and sophistication of these scams and attacks deepen. As these threats increase, we continue to encourage victims to report cyber incidents and cyber-enabled frauds to the FBI so that we may impose risks and consequences on malicious cyber actors.

Because cyberattacks and cyber-enabled frauds continue to affect our everyday lives, the FBI’s Internet Crime Complaint Center (IC3) is critical to combatting the cyber threat. The IC3 serves as a public resource to submit reports of cyberattacks and incidents, which allows us to collect data, identify trends, and pursue the threat at hand. In 2022, the IC3 received 800,944 complaints, which is a 5 percent decrease from 2021. However, the potential total loss has grown from $6.9 billion in 2021 to more than $10.2 billion in 2022.

While the number of reported ransomware incidents has decreased, we know not everyone who has experienced a ransomware incident has reported to the IC3. As such, we assess ransomware remains a serious threat to the public and to our economy, and the FBI and our partners will remain focused on disrupting ransomware actors and increasing the risks of engaging in this activity. In concert, the public can play a crucial role by taking proactive measures to prevent and prepare for a potential cyber attack and, if there is an incident, by reporting it to the FBI through the IC3. Though cybercriminals are continuously seeking to make their attacks more resilient, more disruptive, and harder to counter, public reporting to the IC3 helps us gain a better understanding of the threats we face daily.

The FBI’s commitment to assisting victims of cyber crimes and cyber-enabled frauds, as well as our dedication to working with partners to combat these crimes, allows for continued success through programs such as the IC3’s Recovery Asset Team (RAT). Established in 2018, RAT streamlines communications with financial institutions and FBI field offices to assist freezing of funds for victims. In 2022, RAT initiated the Financial Fraud Kill Chain (FFKC) on 2,838 Business Email Compromise (BEC) complaints involving domestic-to-domestic transactions with potential losses of over $590 million. A monetary hold was placed on approximately $433 million, which represents a 73 percent success rate. In 2022, RAT saw a 64 percent increase in FFKCs initiated compared to 2021.

While the cyber threat is ever-growing, the FBI remains appreciative of those individuals and entities who report cyber incidents to the IC3, as that valuable information helps fill in gaps that are crucial to advancing our investigations. Your efforts are critical to our ability to pursue the perpetrators and share intelligence to protect your fellow citizens. Cyber is the ultimate team sport, and we are in this fight together. The FBI is relentlessly focused on promoting safety, security, and confidence into our digitally connected world, and we are eager to continue working with the American public to bring cybercriminals to justice around the globe.

Timothy Langan
Executive Assistant Director
Federal Bureau of Investigation

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2022_IC3Report.pdf