Internet/Cyber Crime Complaints

A cyber crime is defined as any type of criminal activity committed over the Internet. Cyber crime can be committed against people, the government and property. According to Cyber Crime Watch magazine, nearly three-fourths of all Americans have experienced some sort of cyber crime, whether it be via scam email messages, computer hacking, computer viruses or identity theft.

The CTFs opened 39 OWS investigations in 2015. Approximately 3,650 individual complaints were provided within the 165 referrals and the total victim loss associated with these complaints was approximately $55 million.


Hot Topics for 2015 and 2016


  • Business Email Compromise (BEC)

BEC is defined as a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques to conduct unauthorised transfers of funds.

BEC is linked to other types of criminal activity including romance, lottery, employment, and check scams. Victims of these scams may be used to unknowingly transfer fraudulent funds on behalf of the perpetrators. In 2015, the IC3 received 7,838 BEC complaints with losses of over $263 million


  • Email Account Compromise (EAC)

EAC is a sister scam to BEC (Business Email Compromise). EAC differs from BEC in that it targets individuals or individual professionals instead of businesses.

Some EAC complaints were originally categorized as BEC, but have since further been identified as being 3 Loss is based on adjusted loss. Internet Crime Complaint Center 11 EAC. In 2015, the IC3 received 281 complaints identified as EAC with losses of over $11 million


  • Ransomware

Ransomware is a form of malware that targets both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through spear phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber actor demands the payment of a ransom, typically in virtual currency such as BitCoin, at which time the actor will purportedly provide an avenue to the victim to regain access to their data. Recent iterations target enterprise end users, making awareness and training a critical preventative measure. In 2015, the IC3 received 2,453 complaints identified as Ransomware with losses of over $1.6 million.