A special unit inside the FBI helped victims of cybercrime recover $300 million of the roughly $3.5 billion in reported losses in 2019, according to a top bureau official.
Tonya Ugoretz, a deputy assistant director in the cyber division at the FBI, said Monday the Internet Crime Complaint Center (IC3) responded to more than 467,000 complaints in 2019, up from 351,937 complaints in 2018. Each one of the nearly 500,000 complaints submitted to the FBI was analyzed by an individual human who then determined whether to begin an investigation and, in some cases, try to recover stolen funds, Ugoretz said.
The FBI first quantified the figures from last year in its annual IC3 report, published earlier this month. The same report included details about how reported losses from ransomware attacks doubled in the past year to $8.9 million, though the true figure likely is much higher, and that attacks increasingly are aimed at businesses and the managed service providers who work with dozens of companies, making them an especially valuable target.
“To achieve the maximum possible payout, [scammers] are targeting organizations like managed service providers to target not just one victim at a time, but multiple,” Ugoretz said of attacks against MSPs during a speech at San Francisco CyberTalks, a CyberScoop event. “It’s a difference between stealing a set of keys from one apartment to burglarize it, and stealing the superintendent’s master key to target hundreds of apartments in a building at the same time.”
Of the $3.5 billion reported stolen, some $1.7 billion was taken via business email compromise scams, when attackers use spoofed or hacked emails to impersonate a trusted associate and request financial transfers. In one case, a New Jersey home buyer who believed he was transferring $785,000 to a financial lender to purchase a new property actually sent cash to an imposter masquerading as a bank.
The stolen cash was “small in comparison to the 3.5 billion lost in total, but incredibly significant to this individual,” she said. In this case, personnel from the Recovery Asset team, an IC3 unit established by the FBI in February 2018, acted as a third party who sought to convince the bank in question to recover the stolen funds after thieves distributed the $785,000 into various bank accounts throughout the world.
“This was not an easy case to resolve,” Ugoretz said.
Four months after the theft, the Recovery Asset team had brought $665,000 of the stolen $785,000 back into the victim’s hands, with the understanding that a cyber insurance policy would help replace the remaining cash.