Annual cybercrime losses climbed to nearly $20.9 billion last year, marking a significant 26% surge compared to 2024. This data comes from the FBI’s Internet Crime Complaint Center (IC3) annual report, released Tuesday, which paints a grim picture of escalating digital threats and their financial consequences.
The report reveals that the total cybercrime losses have increased by almost 400% since 2020, when the figure stood at $4.2 billion. Over the past five years, cumulative losses have now surpassed $71.3 billion. The IC3, established in 2000 as a central U.S. hub for reporting cybercrimes, is experiencing an unprecedented volume of cases, averaging nearly 3,000 complaints daily, according to Jose Perez, the FBI’s operations director for criminal and cyber investigations.
Escalating Trends in Cybercrime Losses
The FBI’s annual report details persistent and growing trends in the landscape of digital crime. However, the full extent of cybercrime’s impact remains challenging to quantify, as many victims do not report the incidents they experience. This underreporting means the reported figures likely represent only a fraction of the actual financial damage.
Last year, the FBI received over one million cybercrime complaints. Individuals aged 60 and older were the most frequent reporters of crimes, and this age group also sustained the largest financial losses. The report indicates that victims in this demographic filed 201,000 complaints, with losses totaling approximately $7.75 billion, accounting for about 37% of all reported cybercrime losses.
Dominant Cybercrime Schemes and Modus Operandi
Investment-related fraud emerged as the leading category of cybercrime losses in 2025, with figures reaching nearly $8.65 billion. Business email compromise schemes followed, resulting in losses of almost $3.05 billion, while tech support scams accounted for over $2.1 billion in damages.
Cryptocurrency served as the primary method for facilitating fraud in investment and tech support scams during the past year. In contrast, wire transfers were the most common transaction method associated with business email compromise fraud, according to the report.
Phishing was identified as the most frequently reported type of cybercrime. It was followed by extortion, investment scams, and personal data breaches. The FBI recorded $122.5 million in losses from extortion and $32.3 million from ransomware attacks last year.
Ransomware and Other Emerging Threats
The FBI also documented more than 75,000 reports of sextortion, with over 5,700 of these cases being referred to the National Center for Missing and Exploited Children. These figures highlight the diverse and often deeply personal nature of cyberattacks.
The top five cyber threats reported to IC3 in 2025 included data breaches at 39%, ransomware at 36%, SIM swapping at 10%, malware at 9%, and botnets at 7%. These statistics indicate a complex threat environment requiring multifaceted defense strategies.
More than 3,600 ransomware complaints were filed with the FBI last year. The most prevalent ransomware variants identified were Akira, Qilin, INC, BianLian, and Play. Critically, all 16 sectors designated as critical infrastructure experienced ransomware attacks, with healthcare, manufacturing, financial services, government, and information technology sectors being the most targeted.
While the IC3 primarily collects complaints from within the United States, it also received reports from over 200 countries last year, contributing to nearly $1.6 billion in aggregated losses. This demonstrates the global reach of cybercriminal operations.
Looking Ahead: Continued Vigilance and Evolving Threats
Despite the rising tide of financial losses and the sheer volume of cybercrime, the FBI continues to work on disrupting and deterring malicious cyber actors, aiming to shift the financial burden from victims back to the perpetrators. Perez stressed the escalating importance of individual diligence regarding cybersecurity practices, social media activity, and electronic interactions.
The FBI anticipates that cyber threats and cyber-enabled crimes will continue to evolve. This evolution is expected to be further influenced by the increasing adoption of emerging technologies such as artificial intelligence. The next steps will likely involve continued law enforcement efforts to combat these threats and the development of new strategies to address the evolving tactics of cybercriminals.