The FBI’s Internet Crime Complaint Center (IC3) reported an increase in the number of complaints from 301,580 in 2017 to 351,000 in 2018, with losses exceeding $2.7 Billion.

Over the years of 2014 to 2018, IC3 received a total of 1,509,679 complaints and a total loss of $7.45 billion. Hot topics included Business Email Compromise (BEC), Payroll Diversion scam, tech support fraud and extortion. 

Business Email Compromise: 

The IC3 received 20,373 BEC/E-mail Account Compromise (EAC) complaints with adjusted losses of over $1.2 billion. In 2018, the IC3 received an increase in the number of BEC/EAC complaints requesting victims purchase gift cards. The victims received a spoofed email, a spoofed phone call or a spoofed text from a person in authority requesting the victim purchase multiple gift cards for either personal or business reason. 

Payroll Diversion Scams:

In 2018, the IC3 received approximately 100 complaints with a combined reported loss of $100M. In the Payroll Diversion scam, cybercriminals target employees through phishing emails designed to capture an employee’s login credentials. Institutions most affected by this scam have been education,
healthcare and commercial airway transportation.

Tech Support Fraud:

Tech support fraud continues to be a growing problem. In 2018, the IC3 received 14,408 complaints related to tech support fraud from victims in 48 countries. The losses amounted to nearly $39 million, which represents a 161 percent increase in losses from 2017. The majority of victims reported to be over 60 years of age.


In 2018, the IC3 received 51,146 extortion-related complaints with adjusted losses of over $83 million which represents a 242 percent increase in extortion related complaints from 2017. Extortion occurs when a criminal demands something of value from a victim by threatening physical or financial harm or the release of sensitive data. Extortion is used in various schemes reported to the IC3, including Denial of Service attacks, government impersonation schemes and high-profile data breaches.