Americans lost over $4.2 billion to cybercrime in 2020 — here’s how to keep yourself safe
Nicole Johnson •
Cybercrimes continue to grow in number. The FBI’s Internet Crime Complaints Center (IC3), founded in 2000, received an astounding number of complaints in 2020: 791,790. The loss associated with these complaints was staggering, coming in excess of $4.1 billion.
To help provide a clear picture of cybercrime and its impact, Twingate looked at data from the FBI’s IC3. The top-10 crime types with the highest monetary losses were selected from the FBI’s Internet Crime Complaints Center’s (IC3) Internet Crime Report 2020. The number of total victims was also included for each of the 10 crime types.
An IC3 analyst reviews and categorizes each of these complaints. The top cybercrime reported to the IC3 in 2020 was phishing/vishing/smishing/pharming. There was a significant amount of fraud around the Coronavirus Aid, Relief, and Economic Security Act (CARES Act). The age group with the highest rate of victimization, according to the number of complaints, were those over 60 with 105,301, with a total loss of $966,062,236.
While cybercrime is extremely prevalent, continued awareness surrounding online activities remains critical to protect yourself. Read on to find out more about the top cybercrimes in 2020 and what steps you can take to stay safe.
ZTNA: What is Zero Trust Network Access?
Credit card fraud
- Total loss in 2020: $129,820,792
- Total victims in 2020: 17,614
According to the FBI, “Credit card fraud is the unauthorized use of a credit or debit card, or similar payment tool (ACH, EFT, recurring charge, etc.), to fraudulently obtain money or property.” Criminals can gain access to credit and debit card information in identity theft schemes or by stealing them from websites that aren’t secure. Anyone can be targeted when it comes to credit card fraud.
A digital payment survey by American Express found 42% of consumers reported having been a victim of credit card fraud with someone attempting to use their credit card or other payment information. Protection comes with vigilance and taking steps like only purchasing from reputable sources and ensuring transactions are secure when sending credit card information via the internet. Other steps to protect yourself include not sharing credit card numbers, reviewing your monthly credit card bill, setting up text alerts on your phone so you receive reports of suspicious credit card activity, and trusting your instincts—if something appears too good to be true, it probably is.
Tech support fraud
- Total loss in 2020: $146,477,709
- Total victims in 2020: 15,421
This type of fraud can occur when a tech support scammer reaches out to offer services to protect or fix your computer. They may try to entice consumers to click on pop-ups that warn of security issues and provide a phone number to call. They may also ask for access to your computer or credit card information.
According to the Internet Crime Report 2020, at least 66% of the victims of this type of fraud were over the age of 60. The best way to protect yourself from this type of scam is to ignore pop-ups and avoid calling any numbers, restarting your computer, or clicking on any links. They could contain malware that allows scammers to access your computer or credit card information.
Personal data breach
- Total loss in 2020: $194,473,055
- Total victims in 2020: 45,330
A personal data breach is a security breach where protected, sensitive, or confidential information is transmitted, processed, stolen, or viewed by an individual or party who is not authorized to do so. Many types of personal information can be compromised in a breach such as credit card information, email addresses, and other sensitive information. Data breaches can happen when a hacker accesses a computer and steals files, through ransomware or malware attacks, phishing scams, or denial of service.
Preventing a personal breach is possible though. Creating complex passwords and changing them frequently, setting up account alerts, using multifactor authentication, and shopping with a credit card are all helpful steps to prevent such breaches and to keep your personal information safe.
Zero Trust vs. VPNs: It’s Time to Kill Your VPN
Real estate fraud
- Total loss in 2020: $213,196,082
- Total victims in 2020: 13,638
Loan flipping is a predatory practice that happens when a lender convinces a homeowner to repeatedly refinance their mortgage, accruing high fees and points with each refinance. It is just one type of real estate fraud to watch out for. Escrow wire fraud, rental scams, moving scams, and foreclosure relief also qualify as real estate fraud.
Homebuyers and real estate agents should be especially diligent. Keep personal information secure, use licensed lenders and realtors for all transactions, never pay upfront fees for home services, and educate yourself on how to spot a scam. Be aware of anyone pressuring you to make quick decisions, and be wary of improper documentation and requests for wire transfers of large sums of money.
- Total loss in 2020: $216,513,728
- Total victims in 2020: 28,218
Spoofing occurs when a cybercriminal attempts to present themselves as another person, company, or entity, such as a trusted source like a bank, to gain access to personal information or commit other malicious acts. They can do this in a variety of ways from spoofing websites, phone numbers, and email addresses to spoofing Domain Name Servers (DNS), Address Resolution Protocol (ARP), or IP addresses.
To detect website spoofing, make sure the website uses the HTTPS encryption prefix and includes a padlock, and look for errors in spelling or broken links, or suspicious contact information. Email spoofing can also be detected by looking for errors or suspicious-looking attachments or links, which should not be clicked. Protecting yourself from this type of cybercrime means remaining aware, regularly changing passwords, calling and following up before submitting personal information online, and avoiding opening attachments or clicking on links that appear suspicious.
Principle of Least Privilege: How to Stop Hackers in Their Tracks
- Total loss in 2020: $219,484,699
- Total victims in 2020: 43,330
Identity thieves steal personal information using various methods, including malware, social engineering, and phishing. Once they have this information, they take over the person’s identity and conduct malicious and fraudulent activities like applying for jobs, and opening credit cards and other accounts, in that person’s name.
During the COVID-19 pandemic, unemployment benefits were a target for identity thieves. There are several types of identity theft including tax, financial, medical, senior, employment, and even child. Protection comes with awareness, and there are several simple steps people can take to stay safe. Monitor your credit, use passwords that are not easy to guess and change them often, use security software on your computer, and use a digital wallet.
Non-payment and non-delivery scams
- Total loss in 2020: $265,011,249
- Total victims in 2020: 108,869
These cyberscams were the second most reported crime, according to the FBI’s IC3. Non-delivery occurs when paid-for items aren’t received. Non-payment occurs when items aren’t paid for even though they have been shipped.
Avoid getting caught in these types of scams by securing tracking numbers when ordering online, only buying from reputable websites that utilize the HTTPS encryption prefix, being cautious when purchasing merchandise from outside your country, using credit cards to pay for things online—and making sure to always check credit card statements. Experts suggest using extra caution online during the holidays.
- Total loss in 2020: $336,469,000
- Total victims in 2020: 8,788
The illegal or purported sale of financial instruments is considered investment fraud, according to the FBI. Ponzi schemes, pyramid schemes, advance fee schemes, and market manipulation are all types of investment fraud. Scammers often target elderly people—particularly older men who take risks—because they tend to have pensions and other retirement plans, according to a research study by AARP. Affinity fraud is another type of investment scam that targets members of specific groups like ethnic or religious communities.
To protect yourself and your investments, do your research and only work with companies and professionals that are legitimate. When dealing with countries outside of the one you live in, be cautious, make sure to understand terms and conditions, and do not be afraid to ask questions.
- Total loss in 2020: $600,249,821
- Total victims in 2020: 23,751
Confidence fraud finds a scammer assuming an online identity to befriend someone or forge a personal connection. The scammer can gain the victim’s trust over months or years before attempting to access their bank account or other personal information, or ask them for money or gifts. One such scam involves an offer of free money. Elderly people are a common target for such scams, according to the FBI, who believe that this may be due to their trusting nature, their potential financial savings, and the fact they often don’t report the crime because they don’t know how to or they are ashamed.
Never give financial information to anyone you haven’t met face-to-face or whom you’ve only met online, and take the time to check out whether the person connecting with you is legitimate. One way to do this is by performing a reverse image search on photos.
- Total loss in 2020: $1,866,642,107
- Total victims in 2020: 19,369
Weak passwords, clicking on malicious links, or downloading a file or app you shouldn’t can lead to a compromised email—as can phishing scams or forgetting to log out on a shared computer. A hacked email also increases the risk for other types of fraud like credit card or bank account fraud or identity theft. Once your email is compromised, hackers can take over and log you out of your own email or use your email to send spam or other malicious content to your email contacts or to access accounts.
Criminals target both businesses and individuals in this type of scam, but there are several steps to prevent a compromised email. Make sure to log out of your email account everywhere, especially on public computers. Block phishing and spoofing attempts by typing a website’s URL instead of entering through an email link, use caution at public hotspots, and don’t log into email or other unsecured sites. Additionally, never open email attachments that appear suspicious or that are from people you do not know.