3-20-2022 1:28am

New Jerseyans Lost Over $98 Million to Cybercrime in 2020 – How to Protect Yourself

Chris Connors Editor

The FBI's Internet Crime Complaint Center (IC3) was established in May of 2000 to receive complaints of internet crime.

“Since 2000, the IC3 has received complaints crossing the spectrum of cybercrime matters, to include online fraud in its many forms including Intellectual Property Rights (IPR) matters, Computer Intrusions (hacking), Economic Espionage (Theft of Trade Secrets), Online Extortion, International Money Laundering, Identity Theft, and a growing list of Internet-facilitated crimes.” – Internet Crime Complaint Center

Over 5.6 million complaints have been reported to the IC3 since its inception. Since 2016, the IC3 has received an average of 440,000 complaints per year. The complaints address a wide array of internet scams affecting victims across the globe.

According to a 2020 IC3 Report, the Top 5 reported crimes:

Phishing – a type of social engineering where an attacker sends a fraudulent message designed to trick a person into revealing sensitive information to the attacker or to deploy malicious software on the victim's infrastructure like ransomware.
Non-payment/Non-delivery – In non-payment situations, goods and services are shipped, but payment is never rendered. In non-delivery situations, payment is sent, but goods and services are never received.
Extortion – Unlawful extraction of money or property through intimidation or undue exercise of authority. It may include threats of physical harm, criminal prosecution, or public exposure.
Personal Data Breach – A leak/spill of personal data which is released from a secure location to an untrusted environment. Also, a security incident in which an individual’s sensitive, protected, or confidential data is copied, transmitted, viewed, stolen, or used by an unauthorized individual.
Identity Theft – Someone steals and uses personal identifying information, like a name or Social Security number, without permission to commit fraud or other crimes and/or (Account Takeover) a fraudster obtains account information to perpetrate fraud on existing accounts.

Common Scams of 2020…

The year 2020 will forever be remembered as the year of the COVID-19 pandemic.

The global impact was unlike anything seen in recent history, and the virus permeated all aspects of life.

Fraudsters took the opportunity to exploit the pandemic to target both businesses and individuals.

In 2020, the IC3 received over 28,500 complaints related to COVID-19.

Fraudsters targeted the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), which included provisions to help small businesses during the pandemic.

The IC3 received thousands of complaints reporting emerging financial crime revolving around CARES Act stimulus funds, specifically targeting unemployment insurance, Paycheck Protection Program (PPP) loans, and Small Business Economic Injury Disaster Loans, as well as other COVID-related fraud.

Most of the IC3 complaints related to CARES Act fraud involved grant fraud, loan fraud, and phishing for Personally Identifiable Information (PII).

Complaints have been filed from citizens in several states describing fraudulently submitted online unemployment insurance claims using their identities.

Many victims of this identity theft scheme did not know they had been targeted until they attempted to file their own legitimate claim for unemployment insurance benefits.

At that time, they received a notification from the state unemployment insurance agency, received an IRS Form 1099-G showing the benefits collected from unemployment insurance, or were notified by their employer that a claim had been filed while the victim is still employed.

Protecting yourself from scammers…

People are encouraged to protect themselves from scammers by:

Using extreme caution in online communication. Verify the sender of an email. Criminals will sometimes change just one letter in an email address to make it look like one you know. Also, be very wary of attachments or links. Hover your mouse over a link before clicking to see where it is sending you.
Questioning anyone offering you something that is “too good to be true” or is a secret investment opportunity or medical advice.
Relying on trusted sources, like your own doctor, the Center for Disease Control, and your local health department for medical information and agencies like the Federal Trade Commission and Internal Revenue Service for financial and tax information.

One of the most prevalent schemes seen during the pandemic has been government impersonators. Criminals are reaching out to people through social media, emails, or phone calls pretending to be from the government.

The scammers attempt to gather personal information or illicit money through charades or threats.

As the response to COVID-19 turned to vaccinations, scams emerged asking people to pay out of pocket to receive the vaccine, put their names on a vaccine waiting list, or obtain early access.

Fraudulent advertisements for vaccines popped up on social media platforms, or came via email, telephone calls, online, or from unsolicited/unknown sources.

Do not give out your personal information to unknown sources. If you are a victim of an online crime involving COVID-19, report it.

BEC and financial transactions…

Business Email Compromise (BEC) is a sophisticated scam targeting businesses and individuals performing transfers of funds.

BEC/EAC scams routinely began with the hacking or spoofing of the email accounts of chief executive officers or chief financial officers, and fraudulent emails were sent requesting wire payments be sent to fraudulent locations.

Over the years, the scam evolved to include compromise of personal emails, compromise of vendor emails, spoofed lawyer email accounts, requests for W-2 information, the targeting of the real estate sector, and fraudulent requests for large amounts of gift cards.

In 2020, the IC3 received 19,369 BEC complaints with losses of over $1.8 billion. IC3 also observed a significant increase in BEC complaints related to the use of identity theft and funds being converted to cryptocurrency.

Overall, in 2020 the FBI's IC3 received over 2,000 internet crime complaints every day with over $4.2 billion in victim losses for the year.

41% of internet crime reports came from victims over 50-years of age. Of the billions in losses, victims over 60-years-old lost a reported +$9.66 million.