The FBI’s Internet Crime Complaint Center reported a record $16.6 billion in cybercrime losses in 2024, representing a significant increase of 33% compared to the previous year. The IC3 Internet Crime Report 2024 highlighted that the majority of these losses stemmed from cyber-enabled fraud, accounting for 38% of complaints and a staggering 83% of the total recorded losses.
Among the various types of internet crimes, investment fraud emerged as the most costly for the third consecutive year, amounting to $6.5 billion in losses. This marked a significant surge from $4.5 billion in 2023. Following closely behind was business email compromise (BEC) at $2.7 billion, which saw a slight decline from the previous year’s $2.9 billion in losses. Tech support scams and personal data breaches also contributed substantially to the overall financial toll, each amounting to $1.4 billion in losses.
Despite the rise in cybercrime losses, the FBI noted with concern that significant efforts had been made in the previous year to impede malicious actors and increase the costs of their activities. However, these measures did not seem to deter cybercriminals as much as anticipated, leading to the continued escalation of financial losses due to various forms of internet crime.
In a surprising turn of events, while ransomware attacks witnessed an increase in reported incidents in 2024, the losses incurred from these attacks plummeted significantly compared to the previous year. Ransomware attack reports to the FBI surged to 3156, up from 2825 in 2023. Despite ransomware being identified as the most prevalent threat to critical infrastructure, the reported losses decreased from $59.6 billion in 2023 to $12.4 billion in 2024.
This decline in ransomware losses resonated with findings from other recent research studies. Chainalysis reported a 35% decrease in ransomware payments in 2024, while Blackfog highlighted a record-breaking quarter for disclosed ransomware attacks in Q1 2025, with victims increasingly resisting payment demands. Possible reasons for this resistance include improved cyber resiliency among organizations, allowing them to explore alternative recovery options before resorting to paying a ransom.
Moreover, law enforcement actions targeting prominent ransomware groups such as LockBit resulted in a fragmented ransomware landscape dominated by smaller groups and independent actors. This shift in focus from high-value targets to smaller entities has contributed to the changing dynamics of ransomware attacks and payment trends.
The FBI’s identification of 67 new ransomware variants in 2024, including prominent ones like Fog, Lynx, Cicada 3301, Dragonforce, and Frag, underscores the evolving nature of cyber threats and the challenges faced by law enforcement agencies in combating cybercrime. Despite efforts to curb illicit activities, the resilience and adaptability of cybercriminals continue to pose a significant threat to individuals, organizations, and critical infrastructure.