2021 FBI IC3 Report: Callouts and Learnings

2021 IC3 Report: the FBI received over 847,000 internet crime complaints in 12 months, a year-over-year increase of 7 percent. In the same timeframe, cyber-related losses increased 64 percent.

2021 FBI IC3 Report: Callouts and Learnings

2021 IC3 Report: the FBI received over 847,000 internet crime complaints in 12 months, a year-over-year increase of 7 percent. In the same timeframe, cyber-related losses increased 64 percent.

An image of an FBI agent using a computer.2021 FBI IC3 Report: Callouts and Learnings
Written by:

Tom Cronkright

Read time:

5 minutes

Category:

Cybercrime

Published on:

Mar 22, 2022

Editor's Note: This article refers to findings from the 2021 edition of the report. This report has since been updated. For data from 2023, read our findings.

The FBI’s Internet Crime Complaint Center (IC3) released its 2021 Internet Crime Report, showing another sharp increase in cyber-enabled crime, business email compromise, and phishing scams.  According to the report, last year “Americans experienced an unprecedented increase in cyber attacks and malicious cyber activity” as cyber criminals continued to exploit the COVID-19 pandemic and in-person meeting restrictions to breach telework or virtual communication practices between people.  Business email compromise (BEC) losses grew to a staggering total of $2.4 Billion last year, an increase of 33 percent from the year before.  

Below, you will find a summary of the most important findings and trends from the IC3 report and a list of strategies to protect yourself and your customers from fraud. We also include details on how to recover funds if you or someone you know gets defrauded. You can also download our infographic, "Cybercrime on the Rise: Select Findings from the FBI's 2021 Internet Crimes Report."

IC3 Report Summary 

clock icon with the text "37 seconds. In 2021, a cybercrime was reported once every 37 seconds." Under that an envelope icon with a fishhook through it has this text beside it: "34% increase. There was a 34% increase in phishing attacks from 2020 to 2021.

In total, the IC3 received 847,376  total complaints in 2021, a 7 percent increase from the year before. That’s an average of over 2,300 complaints per day or one every 37 seconds.  

Reported losses due to internet crime totaled $6.9 billion last year, a 64 percent increase from 2020, an alarming statistic given that 2020 was the year of complete disruption due to the COVID-19 pandemic. Of that amount, $2.4 billion, or 35 percent of all reported loss, was attributable to BEC, an increase of 33 percent from the year before.  

Title text that reads "$6.9 Billion was lost to cybercrime in 2021." above a pie chart that shows three sections with the following information: "Business Email Compromise $2.4 Billion or 35%, Ransomware $50.5 Million or 0.7%, and Other $4.3 Billion." Below is a house icon with text that reads "$6.9B is the equivalent of over 17,250 houses stolen! The average house costs $400k."

The average BEC loss continues to increase as well. In 2021, cybercriminals diverted an average of $120,277 per BEC incident, up 29% percent from 2020. BEC holds its position as the largest and fastest-growing cybercrime in the country.

Bar graph illustrating how the average Business Email Compromise (BEC) loss continues to rise steadily. Graph begins on the left with $30k in 2016 and build every year until showing $120k in 2021.

Phishing-related scams were on the rise again last year as well. These scams increased by 34 percent from the year before and a concerning 182 percent from 2019. Last year, cybercriminals saw opportunities to create well crafted and timely phishing campaigns around COVID variants, vaccination requirements, work-from-home policies, and other trends to lure people into clicking fraudulent links or opening malicious attachments and providing account credentials. Armed with email or other sensitive account access, cybercriminals may deploy numerous scams against the account holder or others associated with them.  

Bar graph titled "Phishing Victims," with subtitle "The number of phishing attacks have nearly triples since 2019." Three bars increase from left to right starting with $114K in 2019 then $241K in 2020, and finally $324k in 2021.

Takeaway: Cyber criminals continue to harvest billions of dollars each year from businesses and consumers across the country. With seemingly endless opportunities and ultra-high profit margins per scam, multinational fraud syndicates have a compelling economic incentive to continue investing in the talent, technology, and financial infrastructure to grow their operations. This growing threat will require consumers and businesses to become more educated, engaged, and vigilant on the cyber-risks facing their personal and professional lives.   

Who’s At Risk for Fraud? 

While all age categories reported cybercrime losses, 74 percent came from individuals over the age of 40 showing that the generations holding the most disposable income and wealth in the country continue to be top targets for today’s cybercriminals. Here is a breakdown of losses by age: 

  • Under 20: 14,919 complaints and $101,400,000 in losses 
  • 20-29: 69,390 complaints and $431,100,000 in losses 
  • 30-39: 88,448 complaints and $937,300,000 in losses 
  • 40-49: 89,184 complaints and $1,190,000,000 in losses 
  • 50-59: 74,460 complaints and $1,260,000,000 in losses 
  • Over 60: 92,371 complaints and $1,680,000,000 in losses

What States Reported the Most Victim Losses? 

The IC3 received reports of cybercrime from all 50 states, but here’s a list of the top 10 states where the highest amount of losses were reported: 

  1. California: $1,227,989,139 
  2. Texas: $606,179,646 
  3. New York: $559,965,598 
  4. Florida: $528,573,929  
  5. Pennsylvania: $206,982,032
  6. New Jersey: $203,510,341
  7. Illinois: $184,860,704
  8. Michigan: $181,622,993
  9. Virginia: $172,767,012
  10. Washington: $157,454,331

Real Estate Fraud Losses 

Home prices continue to experience year-over-year double-digit price increases with the median sales price of a home exceeding $400,000 at the end of 2021. Rising home values means bigger opportunities for cyber scammers to divert incoming and outgoing wire transfers of closing funds.   

In 2021, a reported 11,578 people were victimized by real estate-related crimes, a 15 percent decrease from 2020.  Despite the decrease in number of reported victims of real estate-related crimes, the total reported losses totaled $350,328,166, an increase of 64 percent over 2020.  

Historically low housing inventory levels have created a heightened level of stress for home buyers and home sellers. This stress is compounded by a lack of experienced talent in the title and settlement industry to keep pace with the historic demand for purchase and refinance closings in 2021. These factors created an environment where all parties in a real estate transaction became more susceptible to being socially engineered and tricked into sending funds to fraudulent bank accounts. Buyers sending in their closing funds via wire transfer experienced devastating losses in 2021. Similarly, we saw a spike in mortgage payoff fraud as cyber criminals intercepted and manipulated mortgage payoff statements in order to divert the transfer of funds from title companies responsible for settling such loans after closing. 

Recently, we sat down with Krista, a victim of real estate wire fraud. As an educated professional and first-time home buyer, she experienced firsthand the frenzy of the current housing market. After placing offers on multiple properties that were rejected, she finally secured a property but had to wait nearly six months for construction to be complete. She safely sent her earnest money deposit to her title company at the beginning of the transaction, but she was defrauded of her life savings of over $20,000 when a fraudster spoofed her title company and convinced her to wire funds to a fraudulent account. CertifID was able to step in and help her recover a large portion of her funds, but the event could have cost her the ability to close on the home. She shared her story and hopes real estate professionals will help better protect their clients from the same thing happening to them. Hear Krista’s story on being a wire fraud victim.  

Click to register for the To Catch a Fraudster webinar series from CertifID

How to Recover Stolen Funds 

As of March 2024, CertifID’s Fraud Recovery Services team has led over 214 successful funds recovery efforts returning more than $69 million to victims of wire fraud. Unfortunately, this year is off to a staggering start regarding BEC and real estate transactions with evidence of mortgage payoff and buyer cash-to-close wires at risk of being stolen.

Our founder and executive chairman, Thomas Cronkright, is a large title agency owner and a wire fraud victim himself. So he knows firsthand what it is like to experience fraud at the hands of cybercriminals. While we hope it is never the case, we have created a complete guide on how to recover from wire fraud to help provide steps on what to do if you believe you’ve been a fraud victim.  

If you or your customer suspects that funds have been stolen, here are the steps you need to take to recover:  

  • Step 1: Contact your bank and initiate a SWIFT recall on the wire transfer that left your account.
  • Step 2: File a complaint with the FBI’s Internet Crime Complaint Center (IC3). 
  • Step 3: Contact your local FBI or U.S. Secret Service field office and provide the IC3 complaint number. 
  • Step 4: Contact all banks that may have also received your funds. 
  • Step 5: Contact local authorities and file a police report. 
  • Final step: Contact your security team, IT department, or consultant and initiate “The Information Technology Kill Chain.”

If you’re looking for additional information on fraud, make sure to check out our Resources page.

Tom Cronkright

Co-founder & Executive Chairman

Tom Cronkright is the Executive Chairman of CertifID, a technology platform designed to safeguard electronic payments from fraud. He co-founded the company in response to a wire fraud he experienced and the rising instances of real estate wire fraud. He also serves as the CEO of Sun Title, a leading title agency in Michigan. Tom is a licensed attorney, real estate broker, title insurance producer and nationally recognized expert on cybersecurity and wire fraud.

Editor's Note: This article refers to findings from the 2021 edition of the report. This report has since been updated. For data from 2023, read our findings.

The FBI’s Internet Crime Complaint Center (IC3) released its 2021 Internet Crime Report, showing another sharp increase in cyber-enabled crime, business email compromise, and phishing scams.  According to the report, last year “Americans experienced an unprecedented increase in cyber attacks and malicious cyber activity” as cyber criminals continued to exploit the COVID-19 pandemic and in-person meeting restrictions to breach telework or virtual communication practices between people.  Business email compromise (BEC) losses grew to a staggering total of $2.4 Billion last year, an increase of 33 percent from the year before.  

Below, you will find a summary of the most important findings and trends from the IC3 report and a list of strategies to protect yourself and your customers from fraud. We also include details on how to recover funds if you or someone you know gets defrauded. You can also download our infographic, "Cybercrime on the Rise: Select Findings from the FBI's 2021 Internet Crimes Report."

IC3 Report Summary 

clock icon with the text "37 seconds. In 2021, a cybercrime was reported once every 37 seconds." Under that an envelope icon with a fishhook through it has this text beside it: "34% increase. There was a 34% increase in phishing attacks from 2020 to 2021.

In total, the IC3 received 847,376  total complaints in 2021, a 7 percent increase from the year before. That’s an average of over 2,300 complaints per day or one every 37 seconds.  

Reported losses due to internet crime totaled $6.9 billion last year, a 64 percent increase from 2020, an alarming statistic given that 2020 was the year of complete disruption due to the COVID-19 pandemic. Of that amount, $2.4 billion, or 35 percent of all reported loss, was attributable to BEC, an increase of 33 percent from the year before.  

Title text that reads "$6.9 Billion was lost to cybercrime in 2021." above a pie chart that shows three sections with the following information: "Business Email Compromise $2.4 Billion or 35%, Ransomware $50.5 Million or 0.7%, and Other $4.3 Billion." Below is a house icon with text that reads "$6.9B is the equivalent of over 17,250 houses stolen! The average house costs $400k."

The average BEC loss continues to increase as well. In 2021, cybercriminals diverted an average of $120,277 per BEC incident, up 29% percent from 2020. BEC holds its position as the largest and fastest-growing cybercrime in the country.

Bar graph illustrating how the average Business Email Compromise (BEC) loss continues to rise steadily. Graph begins on the left with $30k in 2016 and build every year until showing $120k in 2021.

Phishing-related scams were on the rise again last year as well. These scams increased by 34 percent from the year before and a concerning 182 percent from 2019. Last year, cybercriminals saw opportunities to create well crafted and timely phishing campaigns around COVID variants, vaccination requirements, work-from-home policies, and other trends to lure people into clicking fraudulent links or opening malicious attachments and providing account credentials. Armed with email or other sensitive account access, cybercriminals may deploy numerous scams against the account holder or others associated with them.  

Bar graph titled "Phishing Victims," with subtitle "The number of phishing attacks have nearly triples since 2019." Three bars increase from left to right starting with $114K in 2019 then $241K in 2020, and finally $324k in 2021.

Takeaway: Cyber criminals continue to harvest billions of dollars each year from businesses and consumers across the country. With seemingly endless opportunities and ultra-high profit margins per scam, multinational fraud syndicates have a compelling economic incentive to continue investing in the talent, technology, and financial infrastructure to grow their operations. This growing threat will require consumers and businesses to become more educated, engaged, and vigilant on the cyber-risks facing their personal and professional lives.   

Who’s At Risk for Fraud? 

While all age categories reported cybercrime losses, 74 percent came from individuals over the age of 40 showing that the generations holding the most disposable income and wealth in the country continue to be top targets for today’s cybercriminals. Here is a breakdown of losses by age: 

  • Under 20: 14,919 complaints and $101,400,000 in losses 
  • 20-29: 69,390 complaints and $431,100,000 in losses 
  • 30-39: 88,448 complaints and $937,300,000 in losses 
  • 40-49: 89,184 complaints and $1,190,000,000 in losses 
  • 50-59: 74,460 complaints and $1,260,000,000 in losses 
  • Over 60: 92,371 complaints and $1,680,000,000 in losses

What States Reported the Most Victim Losses? 

The IC3 received reports of cybercrime from all 50 states, but here’s a list of the top 10 states where the highest amount of losses were reported: 

  1. California: $1,227,989,139 
  2. Texas: $606,179,646 
  3. New York: $559,965,598 
  4. Florida: $528,573,929  
  5. Pennsylvania: $206,982,032
  6. New Jersey: $203,510,341
  7. Illinois: $184,860,704
  8. Michigan: $181,622,993
  9. Virginia: $172,767,012
  10. Washington: $157,454,331

Real Estate Fraud Losses 

Home prices continue to experience year-over-year double-digit price increases with the median sales price of a home exceeding $400,000 at the end of 2021. Rising home values means bigger opportunities for cyber scammers to divert incoming and outgoing wire transfers of closing funds.   

In 2021, a reported 11,578 people were victimized by real estate-related crimes, a 15 percent decrease from 2020.  Despite the decrease in number of reported victims of real estate-related crimes, the total reported losses totaled $350,328,166, an increase of 64 percent over 2020.  

Historically low housing inventory levels have created a heightened level of stress for home buyers and home sellers. This stress is compounded by a lack of experienced talent in the title and settlement industry to keep pace with the historic demand for purchase and refinance closings in 2021. These factors created an environment where all parties in a real estate transaction became more susceptible to being socially engineered and tricked into sending funds to fraudulent bank accounts. Buyers sending in their closing funds via wire transfer experienced devastating losses in 2021. Similarly, we saw a spike in mortgage payoff fraud as cyber criminals intercepted and manipulated mortgage payoff statements in order to divert the transfer of funds from title companies responsible for settling such loans after closing. 

Recently, we sat down with Krista, a victim of real estate wire fraud. As an educated professional and first-time home buyer, she experienced firsthand the frenzy of the current housing market. After placing offers on multiple properties that were rejected, she finally secured a property but had to wait nearly six months for construction to be complete. She safely sent her earnest money deposit to her title company at the beginning of the transaction, but she was defrauded of her life savings of over $20,000 when a fraudster spoofed her title company and convinced her to wire funds to a fraudulent account. CertifID was able to step in and help her recover a large portion of her funds, but the event could have cost her the ability to close on the home. She shared her story and hopes real estate professionals will help better protect their clients from the same thing happening to them. Hear Krista’s story on being a wire fraud victim.  

Click to register for the To Catch a Fraudster webinar series from CertifID

How to Recover Stolen Funds 

As of March 2024, CertifID’s Fraud Recovery Services team has led over 214 successful funds recovery efforts returning more than $69 million to victims of wire fraud. Unfortunately, this year is off to a staggering start regarding BEC and real estate transactions with evidence of mortgage payoff and buyer cash-to-close wires at risk of being stolen.

Our founder and executive chairman, Thomas Cronkright, is a large title agency owner and a wire fraud victim himself. So he knows firsthand what it is like to experience fraud at the hands of cybercriminals. While we hope it is never the case, we have created a complete guide on how to recover from wire fraud to help provide steps on what to do if you believe you’ve been a fraud victim.  

If you or your customer suspects that funds have been stolen, here are the steps you need to take to recover:  

  • Step 1: Contact your bank and initiate a SWIFT recall on the wire transfer that left your account.
  • Step 2: File a complaint with the FBI’s Internet Crime Complaint Center (IC3). 
  • Step 3: Contact your local FBI or U.S. Secret Service field office and provide the IC3 complaint number. 
  • Step 4: Contact all banks that may have also received your funds. 
  • Step 5: Contact local authorities and file a police report. 
  • Final step: Contact your security team, IT department, or consultant and initiate “The Information Technology Kill Chain.”

If you’re looking for additional information on fraud, make sure to check out our Resources page.

Tom Cronkright

Co-founder & Executive Chairman

Tom Cronkright is the Executive Chairman of CertifID, a technology platform designed to safeguard electronic payments from fraud. He co-founded the company in response to a wire fraud he experienced and the rising instances of real estate wire fraud. He also serves as the CEO of Sun Title, a leading title agency in Michigan. Tom is a licensed attorney, real estate broker, title insurance producer and nationally recognized expert on cybersecurity and wire fraud.

Getting started with CertifID is easy.

Request a Demo