In its latest report, the FBI’s Internet Crime Complaint Center revealed that cybercriminals and scammers stole a record $16.6 billion from Americans in 2024, marking a 33% rise from 2023.
The FBI’s Cyber Division deputy assistant director, Cynthia Kaiser, stated that this figure is likely an underestimation of the true extent of losses from cyber-enabled fraud and scams.
FBI officials confirmed that the reported figure only reflects information and complaints submitted by victims to the IC3, meaning it may not represent the full scope of cybercrime losses.
In 2024, the IC3 received 859,532 complaints about scams, fraud, and other internet crimes. Nearly 83% of the reported losses were attributed to cyber-enabled fraud, which often involved theft of money, data, or identity, or the creation of counterfeit goods and services.
The report highlighted that victims aged 60 and older were the most affected group, with over $4.8 billion in losses reported across more than 147,000 complaints, marking an increase of over 40% compared to 2023.
The report also highlighted that ransomware continued to be the biggest threat to U.S. critical infrastructure in 2024, with complaints increasing by 9% from 2023.
In response to high-profile cyberattacks, federal authorities have urged companies and organizations to strengthen their security measures.
“As nearly all aspects of our lives have become digitally connected, the attack surface for cyber actors has grown exponentially,” the FBI’s Operations Director for Criminal and Cyber B. Chad Yarbrough wrote in the report.
“Scammers are increasingly using the Internet to steal Americans’ hard-earned savings,” Yarbrough added. “And with today’s technology, it can take mere taps on a keyboard to hijack networks, cripple water systems, or even rob virtual exchanges.”
Federal authorities have emphasized that cybercrime poses a “significant and growing threat” to the nation’s national and economic security.
The IC3 report also confirmed that ransomware remains “the most pervasive threat to critical infrastructure.”
“The most reported cyber threats among critical infrastructure organizations were ransomware and data breaches,” the report added.
According to the FBI, ransomware is a type of malicious software that locks a target’s computer files, systems, or networks until a ransom is paid.
Ransomware attacks are one of several types of cyberattacks targeting critical infrastructure, which includes 16 sectors such as chemical plants, communications, energy, food production, transportation, and water systems.
The Cybersecurity and Infrastructure Security Agency (CISA) stated that the “incapacitation or destruction” of critical infrastructure would have a debilitating impact on public health and security.
According to Kaiser, the top sectors targeted by cyberattacks in 2024 were critical manufacturing, healthcare, government facilities, financial services, and information technology.
The FBI expressed concern over the rise in ransomware complaints, especially in light of several high-profile international law enforcement operations aimed at ransomware operators and cybercrime forums in 2024.
“(In 2024), the FBI took significant actions to make it harder, and more costly, for malicious actors to succeed,” Yarbrough wrote in the report. “We dealt a serious blow to LockBit, one of the world’s most active ransomware groups. Since 2022, we have offered up thousands of decryption keys to victims of ransomware, avoiding over $800 million in payments.”
