Cybercrime losses break the $20 billion mark

Online crime continues to generate rising financial losses, with totals reaching $20.877 billion in 2025. The FBI’s Internet Crime Complaint Center (IC3) report shows a 26% increase in total reported losses from the previous year.

(Source: FBI)

More than one million complaints were submitted during the year, with fraud accounting for the majority of losses. Cyber-enabled fraud totaled $17.7 billion, representing 85% of all reported financial damage.

Complaint counts show a different pattern. Phishing or spoofing incidents recorded 191,561 complaints, the highest number of reports. Extortion incidents recorded 89,129 complaints. Investment scams recorded 72,984 complaints.

“Since our founding reporting to IC3 has surged. We received a few thousand complaints per month in our early days. We now average almost 3,000 complaints per day,” said Jose Perez, Operations Director for the Bureau’s Criminal and Cyber Branch.

Investment scams generated the largest share of losses at $8.6 billion. BEC and tech support scams followed, each accounting for billions in reported losses.

Cryptocurrency remained a central element in fraud-related activity, with losses totaling $11.3 billion. Investment scams involving cryptocurrency accounted for $7.2 billion of that total, reflecting continued reliance on digital assets in financial fraud schemes.

“These scams are largely perpetrated by organized criminal enterprises based in Southeast Asia using victims of human trafficking as forced labor to run the scam operations,” the FBI noted.

AI-related fraud, ransomware activity and recovery efforts continue

For the first time in its nearly 25-year history, the IC3 report includes a section on AI, linking more than 22,000 complaints to nearly $893 million in losses. These cases included investment scams, impersonation campaigns, and tech support fraud, indicating the use of AI in communication and identity-based deception. In 2025, businesses lost more than $30 million to AI-related BEC scams.

Ransomware activity continued during the year, with losses exceeding $32 million. Dozens of new ransomware variants were identified, reflecting ongoing development of threat capabilities and sustained incident reporting.

The IC3 Recovery Asset Team initiated 3,900 fraud response actions tied to attempted theft totaling more than $1.1 billion. A total of $679 million was frozen, resulting in a 58% success rate.

Cybercrime reporting extended beyond domestic activity, with complaints submitted from more than 200 countries. These reports contributed nearly $1.6 billion in losses outside the United States.

“It has never been more important to be diligent with your cybersecurity, social media footprint, and electronic interactions. Cyber threats and cyber-enabled crime will continue to evolve as the world embraces emerging technologies such as artificial intelligence,” concluded Perez.