2022 FBI IC3 Report Shows $2.7 Billion in Losses from Business Email Compromise

Discover the biggest takeaways about business email compromise, pig butchering, and phishing from the 2022 FBI Internet Crime Report.
March 13, 2023

Ransomware attacks might be what makes the biggest headlines, but year after year one attack type remains a leading culprit for massive financial losses: business email compromise (BEC).

Last week, the FBI released its 2022 Internet Crime Report, which summarizes major cyber threat trends from the prior year and breaks down total losses and victim counts for a variety of different cybercrimes.

One important takeaway? More than a quarter of the $10.9 billion in losses reported to the FBI Internet Crime Complaint Center (IC3) was directly attributable to BEC. Read on for more highlights from this year’s report.

The Threat of Business Email Compromise Continues to Grow

First discussed in the 2015 Internet Crime Report, business email compromise (BEC) was the leading cause of financial losses for seven straight years. And while it was dethroned by investment fraud in the most recent report, these attacks were still responsible for $2.7 billion in total losses in 2022—a year-over-year increase of 14.5%.

FBI IC3 Financial Losses Attributable to BEC

Over the past five years, losses from BEC attacks have more than doubled, growing by a staggering 111% between 2018 and 2022. And in the eight years since the FBI IC3 began reporting on BEC, total losses have risen by more than 10x.

Additionally, although investment fraud recorded the highest total losses in 2022, the average amount lost per BEC attack was higher, at just over $125,600—a 300% increase since 2015.

FBI IC3 Average Losses per BEC Attack

Clearly, threat actors are continuing to see success with BEC attacks, which is why we can expect consistent growth in business email compromise for the foreseeable future.

Pig Butchering: An Emerging Type of Investment Fraud You Should Know

Investment fraud is nothing new. Indeed, Ponzi schemes have been around for over a century. But with the increasing pervasiveness of cryptocurrencies throughout the past few years, a new type of investment scam with especially costly consequences has been picking up steam: pig butchering.

Combining investment fraud and social engineering, pig butchering involves tricking targets into making large cryptocurrency investments through fake platforms over the course of several weeks or months. Once the bad actor has “fattened up the pig” (i.e., convinced the target to deposit all of their money into the account), they move forward with “butchering”—withdrawing the funds, closing the account, and blocking the target.

While pig butchering is just one type of investment fraud, its growing popularity along with its potential for higher-than-average payouts likely makes it a major contributing factor to the startling spike in losses attributed to investment scams in recent years. Between 2021 and 2022, the total losses due to investment fraud grew by 127%—from about $1.5 billion to $3.3 billion.

Phishing is Once Again the Most Common Cybercrime

In terms of total losses, phishing falls squarely in the bottom third of all attack types tracked by the IC3. However, what organizations must remember is that phishing is frequently just the first step in a variety of crimes.

Legacy technologies like secure email gateways (SEGs) can stop simple phishing attacks that contain obviously malicious links or attachments, but more advanced phishing messages often easily bypass SEGs. And when an employee engages with a phishing email, it puts the organization at considerable risk, as the information acquired enables threat actors to launch more damaging attacks like BEC, account takeover, and ransomware.

Its success as a “foot in the door” tactic is likely why phishing has been the most common cybercrime reported to the IC3 since 2019.

FBI IC3 Percentage of All Incidents Reported to IC3

And as threat actors have continually found new ways to make phishing attacks more convincing, the number of victims has steadily increased since 2019, only slightly declining between 2021 and 2022.

FBI IC3 Phishing Incidents Reported to IC3

The Need for a Modern Approach to Cybersecurity

What the 2022 Internet Crime Report drives home is how serious the threat of social engineering attacks has become and, as a result, how crucial it is for organizations to invest in innovative technology that can combat these attacks.

Modern cybercriminals are constantly refining their techniques and increasingly leveraging the same business tools that today’s organizations use to identify targets, source information, and craft convincing emails that allow them to trick employees. That means if your company is still relying on solutions that take an approach to email security that essentially hasn’t been updated in nearly two decades, you’re at a significant (and unnecessary) disadvantage.

The most effective way to protect your organization from sophisticated, socially-engineered threats like business email compromise is to implement intelligent email security technology that combines cutting-edge behavioral science with risk-adaptive detection.

See how Abnormal’s cloud email security solution detects and prevents the malicious emails that bypass traditional solutions. Schedule your demo today.

Schedule a Demo
2022 FBI IC3 Report Shows $2.7 Billion in Losses from Business Email Compromise

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.


See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email attacks with Abnormal.

Integrates Insights Reporting 09 08 22

Related Posts

B 1500x1500 Adobe Acrobat Sign Attack Blog
Attackers attempt to steal sensitive information using a fraudulent electronic signature request for a nonexistent NDA and branded phishing pages.
Read More
B 4 15 24 RBAC
Discover how a security-driven RBAC design pattern allows Abnormal customers to maximize their user setup with minimum hurdles.
Read More
B 4 10 24 Zoom
Learn about the techniques cybercriminals use to steal Zoom accounts, including phishing, information stealers, and credential stuffing.
Read More
Social Images for next Cyber Savvy Blog
Explore how Alex Green, the CISO of Delta Dental, safeguards over 80 million customers against modern cyber threats, and gain valuable insights into the cybersecurity landscape.
Read More
B Images for EDB Blog from Sanjay
Abnormal is excited to announce the establishment of a strategic partnership with the Singapore Economic Development Board (EDB).
Read More
B Automotive Data Blog
Research reveals the automotive industry has become a popular target for business email compromise and vendor email compromise attacks. Learn why.
Read More