Cyber Losses Hit $6.9B in 2021

America experienced an unprecedented increase in cyberattacks and malicious cyber activity as U.S. consumers lost $6.9 billion to internet crime in 2021, according to the latest report from the FBI’s Internet Crime Complaint Center (IC3).

According to the report, the FBI received 847,376 cybercrime complaints in 2021, an increase of 7 percent from the year before. That amounts to one complaint every 37 seconds. Losses relating to Business Email Compromise (BEC) and Email Account Compromise (EAC) increased by 33 percent over the previous year, with the per-incident loss increasing from $92,932 in 2020 to $120,277 in 2021. BEC and EAC scams accounted for nearly 35 percent of all losses reported to the IC3 in 2021.

Real estate/rental cybercrime losses reached $350 million in 2021, up from $213 million in losses in 2020. The number of victims, however, decreased to 11,578 from 13,638 in 2020.

“Companies in the title and settlement industry continue to follow policies and procedures to help safeguard real estate funds,” Dian Tomb, ALTA’s chief executive officer. “Unfortunately, cyber criminals continue to get smarter and are focused on larger amounts to divert to fraudulent accounts. Homebuyers paying cash for properties may have a higher risk of being tricked into sending funds to fraudulent accounts. Working with our partners involved in the real estate transaction, along with government officials, our members continue to educate people about how they can protect their money when purchasing a home or refinancing a mortgage, so they continue to trust and have confidence in our digital world.”

ALTA’s advocacy team recently secured a  win on the crucial legislative priority of wire fraud in real estate. Report language ALTA requested was included in the 2022 Omnibus Appropriations bill, which was recently passed by Congress and signed into law. This language directs the FBI to release a public report on the threat of BEC scams and to increase collaboration with industry and other private sector partners.

“We are eager to continue work with federal agencies on this issue and help the title insurance industry deal with the onslaught of these scams that harm consumers,” Tomb said. “These efforts build on ALTA’s strategic priority to address threats to our customers’ privacy and investment.”

Cybercrime was reported across all age groups but victims over the age of 40 accounted for 74 percent of reported losses. As the real estate sector was hit hard by BEC and EAC scams last year, victims between the ages of 20 and 29 reported losses that were 118 percent higher than the prior year—the greatest increase of all age groups tracked in the report. This age group accounts for a large portion of first-time home buyers and work-from-home employees, which may account for the sharp year-over-year increase.

A low inventory level for existing homes has created one of the tightest housing markets in U.S. history, which adds stress to buyers seeking to enter the market. By the end of the process, buyers are often fatigued and exhausted, making them more susceptible to falling victim to a wire fraud as they are asked to send money for their closing. Education, awareness and securely exchanging wiring instructions can help lower the wire fraud risk. 

“Buyers are under tremendous pressure to present the most competitive offer possible, or they face losing the opportunity to secure a home,” said Tom Cronkright, executive chairman of CertifID. “This has resulted in more buyers paying cash for properties, which places their closing funds at risk of being stolen by wire fraud scams.”

Reports of cryptocurrency being used in cyber-related crime increased by nearly 550, percent as reported losses climbed from $246 million in 2020 to $1.6 billion in 2021.  Cryptocurrency is becoming the preferred method of payment for all types of cyber scams according to the report. 

Ransomware experienced another sharp increase in reported losses, which totaled $49.2 million – a 69 percent increase over 2020.  The three most common ransomware variants that targeted critical infrastructure companies were CONTI, LockBit and REvil/Sodinokibi according to the FBI. 

“These cyberattacks compromised businesses in an extensive array of business sectors as well as the American public,” said Paul Abbatte, deputy director of the FBI. “As the cyber threat evolves and becomes increasingly intertwined with traditional foreign intelligence threats and emerging technologies, the FBI continues to leverage our unique authorities and partnerships to impose risks and consequences on our nation’s cyber adversaries.”