Email Security Blog

The FBI’s Latest Report on Cybercrime: What You Need to Know

The FBI’s Internet Crime Complaint Center (IC3) has its hands full. As the nation’s direct outlet for reporting cybercrimes, the team has received more than 6.5 million complaints since its inception in 2000. Aside from handling reports of cybercrime, the agency is also responsible for alerting the public of apparent cyberthreats, collecting and analyzing cybercrime data, assisting in the recovery of assets, and much more.

As you might imagine, the numbers are staggering. In the last five years, the U.S. has seen a steady increase in the number of incidents, the average loss per incident, and the total annual loss reported. In 2021, damages from cyberattacks totalled $6.9 billion – which represents an increase of 64.3% from the prior year.

Businesses across the country and in every major sector have been victims of cybercrime. If you’re considering exploring ways to better protect your company from these types of threats, here are a few 2021 cybercrime statistics from the FBI’s most recent report that might persuade you to do so:

  • For the third year straight, Phishing is the most commonly used tactic by cybercriminals.
  • In 2021, with more than 323,000 victims, phishing attacks represented 38.2% of all reported cybercrimes.
  • Business Email Compromise (BEC) losses totalled nearly $2.4 billion. BEC also known as Email Account Compromise (EAC) involves the unauthorized transfer of funds.
  • 2021 thefts involving cryptocurrency increased seven times over prior year totals and accounted for more than $1.6 billion in total losses.
  • Ransomware saw adjusted losses of more than $49.2 million and included members of critical infrastructure sectors.
  • Malware and virus incidents accounted for $5.6 million in losses.
  • While corporate data breaches were down in 2021, they still accounted for $151.6 million in losses. Per breach, losses were more than $117,700.
  • Fraudulent tech support scams accounted for almost $348 million in losses.
  • 14 of the U.S.’s 16 critical infrastructure sectors fell victim to a ransomware attack in 2021, with the top three sectors being Healthcare and Public Health, Financial Services, and Information Technology.
  • Spoofing or impersonation cyber scams saw total losses of $82.2 million.
  • The U.S. reports more victims of cybercrime than any other country. Second in line is the United Kingdom, though they have nearly 267 million fewer citizens.
  • The top four states with the highest number of victims were also those to report the highest financial losses. They include California (1.228B), Florida ($528.6M), Texas ($606.2M), and New York ($560M).
  • Government impersonations were particularly successful, averaging losses of $12,584 per incident.
  • Of those tracked, 36,034 cybercrimes were committed with the help of social media.

There is some good news, thanks to the IC3’s Recovery Asset Team (RAT). According to the FBI, the RAT functions as a liaison between law enforcement and financial institutions supporting statistical and investigative analysis. Their successful investigative and recovery efforts in 2021 led to the recovery of $328.32 million in stolen funds. Of course, while hundreds of thousands of dollars are recovered by law enforcement each year, the majority of the money is lost. And while the FBI and IC3 teams are to be applauded, the key message here is that prevention is much wiser than recovery.

If you want to protect yourself and your company from making the list of IC3 cybercrime statistics in the coming years, you need to consider INKY. Whether you are using Microsoft 365, G-Suite, Microsoft Exchange, or another email solution, INKY is the industry’s best solution for the security of your email.

INKY offers a relentlessly effective level of email security, capable of detecting and stopping phishing threats – including all types that made the FBI’s list last year. INKY’s powerful combination of computer vision, artificial intelligence (AI), and machine learning sit downstream from Secure Email Gateways (SEGs) to search for signs of fraud and catch phishing attacks that other email security programs miss. From there, INKY injects an HTML banner with one or more of nearly 60 warning messages to educate the recipient with specifics of the threat. INKY also works on any device and can be implemented quickly, regardless of whether your employees work at the office or remotely.

Based on the current trajectory, cybercrime in 2022 is sure to outpace that of 2021. Take the next best step today and learn more about what INKY can do to protect you. Schedule a free demonstration today.


INKY is an award-winning, cloud-based email security solution developed to proactively eliminate phishing emails and malware while simultaneously providing real-time assistance to employees handling suspicious emails so they can make safer decisions. INKY’s patented technology incorporates sophisticated computer vision, machine learning models, social profiling, and stylometry algorithms to effectively sanitize emails, rewrite malicious links, detect and block security threats, mitigate sender impersonation, and more. Cost-effective and powerful, the INKY platform was developed for mobile-first IT organizations and works seamlessly on any device, operating system, and mail client. Learn more about INKY™ or request an online demonstration today.

Data found in this article was retrieved from the IC3’s Annual 2021 Report.