Cybersecurity Awareness Month 2021 – Cybercrime in Utah
We’ve been sharing information about how you can DO YOUR PART – BE CYBER SMART throughout the month of October.
We thought we’d close out this Cybersecurity Awareness Month with information about cybercrime in Utah and throughout the nation.
In Utah in 2020, there were 4,926 victims of cybercrime (50% increase from 2019), and $47,113,946 in losses (1.4% increase).
Top Utah Crimes by Victim Count in 2020:
- Extortion 959
- Non-payment/ non-delivery 835
- Personal Data Breach 422
- Phishing/Vishing/Smishing/Pharming 309
- Confidence Fraud/Romance 296
Top Utah Crimes by Victim Loss in 2020:
- Business Email Compromise $13,186,099
- Confidence Fraud/Romance $6,036,574
- Non-payment/ non-delivery $3,099,967
- Personal Data Breach $2,018,413
- Real Estate/Rental $1,960,429
National level trending topics in 2020
- COVID-19 Fraud
- Business Email Compromise
- Nationwide: 19,369 victims, $1,866,642,107 in loss
- Utah: 175 victims, $13,186,099 in loss
- Tech Support Fraud
- Nationwide: 15,421 victims, $146,477,709 in loss
- Utah: 133 victims, $782,354 in loss
- Nationwide: 2,474 victims, $29,157,405
- Utah: 21 victims, $1,185,619 in loss
** Ransomware loss numbers do not include estimates of lost business, time, wages, files, or equipment, or any third-party remediation services acquired by a victim. In some cases, victims do not report any loss amount to the FBI, thereby creating an artificially low overall ransomware loss rate. Lastly, the number only represents what victims report to the FBI via the IC3 and does not account for victim direct reporting to FBI field offices/agents.
FBI Cybercrime Definitions
- Business Email Compromise (BEC) and Email Account Compromise (EAC) BEC is defined as “a scam targeting businesses (not individuals) working with foreign suppliers and/or businesses regularly performing wire transfer payments.” EAC is a “similar scam which targets individuals.” BEC and EAC are “carried out by fraudsters compromising email accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds.”
- Confidence Fraud/Romance defined as where an “individual believes they are in a relationship (family, friendly, or romantic) and are tricked into sending money, personal and financial information, or items of value to the perpetrator or to launder money or items to assist the perpetrator.”
- Phishing/Vishing/Smishing/Pharming defined as the “use of unsolicited email, text messages, and telephone calls purportedly from a legitimate company requesting personal, financial, and/or login credentials.”
- Non-Payment/Non-Delivery defined as when “goods and services are shipped, but payment is never rendered” or when “payment is sent, but goods and services are never received.”
- Extortion defined as the “[u]nlawful extraction of money or property through intimidation or undue exercise of authority. It may include threats of physical harm, criminal prosecution, or public exposure.”
- Real Estate/Rental: Loss of funds from a real estate investment or fraud involving rental or timeshare property.
- Tech Support Fraud continues to be a growing problem. This scheme involves a criminal claiming to provide customer, security, or technical support or service to defraud unwitting individuals. Criminals may pose as support or service representatives offering to resolve such issues as a compromised email or bank account, a virus on a computer, or a software license renewal. Recent complaints involve criminals posing as customer support for financial institutions, utility companies, or virtual currency exchanges. Many victims report being directed to make wire transfers to overseas accounts or purchase large amounts of prepaid cards