IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Cyber Crime Is More Costly Than Ever — What Can Be Done?

How bad was cyber crime in 2021? What are the projections for the next few years? More important, what can you do about it?

Hands typing on a green and blue backlit keyboard
A headline this week from in North Carolina reported that “N.C. cybercrime victims lost $91M in 2021.”

Here’s an excerpt: “The FBI has released new numbers that put a price tag on how much cybercrimes are costing victims in the Carolinas. The FBI report shows North Carolina had the 18th highest number of cybercrime victims in the country, losing $91 million last year. South Carolina ranks 29th, with more than $42 million in total losses.”

Meanwhile, the Los Alamos Reporter highlighted its own perspective from the new statistics with “Latest FBI Internet Crime Report Shows New Mexico Victims Lost Almost $13 Million In 2021”: “More than 2,600 New Mexico victims of internet scams reported losing almost $13 million in 2021, according to the FBI’s Internet Crime Complaint Center (IC3).

“The latest IC3 annual report listed 2,644 victims in New Mexico, with total losses of $12,761,850.

“Business email compromise (BEC)/email account compromise scams accounted for $2.7 million in losses, followed by confidence fraud/romance scams at almost $2 million.”

These are just two of the many state-specific perspectives offered in the latest FBI Internet Crime Report 2021, which was released this past week.

This YouTube video highlights New Hampshire’s Internet crime stats:
Nationwide, the numbers add up to a whopping $6.9 billion that people lost in 2021, according to this CNET summary report: “People lost more than $6.9 billion to internet crimes in 2021, a jump of more than $2 billion from 2020, according to the FBI’s annual Internet Crime Report. The report, released Tuesday, contains ‘information about the most prevalent internet scams’ reported to the federal law enforcement agency’s Internet Crime Complaint Center.

“A total of 847,376 internet crime complaints were filed in 2021, a 7% increase from 2020 but a staggering 81% jump from 2019, according to the FBI. The top three cybercrimes reported last year were phishing scams, non-payment/non-delivery and personal data breaches.”

There are many wondering why this surge is happening. The report discusses pandemic-related factors (like working from home and other process changes), and I like this additional report that highlights several more reasons for the rise in cybercrime.


And as high as these numbers may seem to many, a report from Cybersecurity Ventures and Cybercrime magazine in the “2022 Cybersecurity Almanac” released earlier this year has much more startling stats. For example:
  • “Cybersecurity Ventures expects global cybercrime costs to grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015.
  • Digital ad fraud is rising sharply. The ad industry loses approximately $51 million per day due to ad fraud and by 2023 that number will skyrocket to $100 billion annually, according to an estimate featured in Bloomberg Law.
  • Cybercrimes are vastly undercounted because they aren’t reported — due to embarrassment, fear of reputational harm, and the notion that law enforcement can’t help (amongst other reasons). Some estimates suggest as few as 10 percent of the total number of cybercrimes committed each year are actually reported.
  • Organized cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05 percent in the U.S., according to the World Economic Forum’s 2020 Global Risk Report.”

The report goes on to describe projected financial losses from ransomware attacks, crypto crime, big other hacks and much more.

Add in other cyber threats, such as these most feared cyber attacks from the BBC, and the online picture gets even more bleak and somewhat overwhelming.

An article from describes our global cyber challenges and situation in detail and brings it all together with this paragraph: “So, to summarize, the contemporary technology environment is being shaped by an ongoing tendency to innovate faster than we can secure, by the growing role of the private sector in national security, and by the slow but steady fracturing of the global internet. There are tons of other factors that matter and that need to be understood; but I think these are three of the most important macro trends from a geopolitical perspective, and I hope this helps you as you read and interpret the daily deluge of tech and national security news.”


This blog covers the wider areas of cybersecurity each week, so this is just intended to get the discussion started.

First, read these reports and strive to understand the current (admittedly complex) global cybersecurity environment. What does it mean to be targeted in cyber space by criminals?

Second, work with the FBI and other law enforcement organizations to report incidents and improve your situation locally. The Internet Crime Complaint Center (IC3) is a great place to start.

You can also work with InfraGard to secure your local business or government networks and systems. Local chapters are always seeking ways to partner with the public and private sectors. A list of local chapters can be found here.

Third, act in your community, business and/or government, with a sense of local accountability. Securing your systems involves responsibility and ownership from more than the technical and security staff — everyone must play a part. Build a culture of cybersecurity, however you interact or conduct business transactions online.


During my return from an out-of-state business trip this past week, I was asked by the parking lot shuttle driver at the airport Detroit, “What do you do for a living?”

I talked about cybersecurity and protecting people from cyber crime for the next five minutes while he drove me to my car. He listened carefully and said, “I have a story for you!”

“I fell for an online scam and lost $600, from someone claiming to be a security pro trying to help me,” he said. “I bought debit cards and much more for this guy — just trying to get my PC fixed. The whole thing took a week, and I felt like such an idiot afterward. What a mess! I don’t trust anyone online anymore.”

As I was getting off the bus, he kept asking me more questions about how to avoid these scams. What could he do now to help?

I explained multifactor authentication and more. Interestingly enough (to me), he had never even heard of MFA. He was very thankful for the advice I could offer.

And I was reminded again that we all need to keep fighting our online battles — helping one person at a time.
Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.