Cybercriminals scammed victims out of $16.6 billion in 2024, marking the highest-ever losses from internet crime, according to the newly released FBI Internet Crime Report 2024. The figure reflects a 33% surge from 2023, when reported losses reached $12.5 billion.
Despite fewer total complaints—859,532 in 2024 vs. 880,418 in 2023—the financial damage spiked sharply. This trend suggests criminals are getting more effective, using smarter, more lucrative attack methods.
“We made it harder for them, but they still found ways to succeed,” wrote B. Chad Yarbrough, the FBI’s cyber operations director, in the report.
The FBI emphasized its 2024 efforts to disrupt major ransomware groups like LockBit, arrest top developers, and distribute thousands of decryption keys—preventing an estimated $800 million in ransom payments.
Phishing, Extortion, and Data Breaches Dominate Complaints
In 2024, phishing and spoofing remained the most reported cybercrimes, with 193,407 complaints. Extortion followed with 86,415, and personal data breaches came in third with 64,882. These numbers show that social engineering continues to dominate over technical exploits.
Together, phishing and extortion accounted for over 280,000 cases, making them the top two cybercrime tactics. According to Andrew Costis from AttackIQ, these crimes work so well because they target human error—not technology.
“Attackers are exploiting people, not systems,” Costis said.
The report also revealed that 83% of all financial losses came from cyber-enabled fraud. These include schemes that use the internet to steal money, data, identities, or sell fake goods and services.
Older adults remain the most common victims. People over 60 filed 147,127 complaints, reporting $4.8 billion in losses. On the other hand, those under 20 made only 17,993 complaints, with $22.5 million in losses.
Ransomware, while accounting for just 3,156 complaints, continues to threaten critical infrastructure. Ransomware incidents rose 9% year-over-year, and the FBI labeled it the most pervasive threat to essential services.
Top ransomware families reported in 2024 include Akira, LockBit, RansomHub, Fog, and Play. The FBI also identified 67 new ransomware variants, with Fog, Lynx, Cicada 3301, DragonForce, and Frag among the most active.
Despite the relatively low number of ransomware complaints, these attacks are especially damaging. The report lists direct ransomware-related financial losses at $12.5 million, excluding collateral costs like downtime and data loss.
FBI Urges Public to Report & Prepare for Breaches
Another major concern was the surge in data breach complaints, which ranked just behind phishing in frequency. In 2024, the IC3 received 263,455 breach-related reports, with $1.7 billion in combined losses. Over 4,800 of these affected critical infrastructure sectors, such as healthcare, finance, and energy.
The FBI continues to stress the importance of reporting cybercrime. Every complaint helps law enforcement identify patterns and track threat actors more effectively.
“We can’t fight what we don’t know exists,” Yarbrough emphasized.
Security experts also recommend companies adopt an “assume breach” mindset, which means operating under the idea that intrusions will happen—and preparing accordingly. Costis advises businesses to test their defenses regularly and evaluate how well their systems detect and respond to real-world threats.
The FBI Internet Crime Report 2024 serves as a clear warning. While enforcement agencies are making strides, cybercriminals are evolving faster. Stronger public awareness, proactive security planning, and early incident reporting remain critical in the fight against cyber-enabled crime.
