According to the annual report released Monday by the FBI’s Internet Crime Complaint Center (IC3), cyber fraud accounted for $17.6 billion in losses in 2025. These fraudulent activities represent the vast majority of total reported losses for the year.
The report indicates that the IC3 received over one million complaints last year, with 45% involving cyber fraud. Investment scams were the most financially devastating, totaling $8.6 billion in losses. Business Email Compromise (BEC) followed with over $3 billion in losses, while tech support scams accounted for $2.1 billion.
Ransomware Threat Continues to Escalate
Taushiana Bright, a section chief in the FBI’s Cyber Division, stated during a media briefing that ransomware remains one of the most significant challenges facing law enforcement. The FBI is currently investigating more than 200 ransomware variants and the criminal syndicates behind them.
Data shows that 63 new ransomware variants emerged last year, leading to 3,611 complaints and more than $32 million in direct financial losses. Bright emphasized that criminals no longer discriminate in their targeting, with hospitals, emergency response agencies, schools, and even entire municipal governments falling victim. Last year, 14 of the 16 critical infrastructure sectors in the U.S. were hit by ransomware attacks.
As technology evolves, the use of new criminal tools is becoming increasingly common. The report highlights that approximately 22,000 complaints involved the use of artificial intelligence, resulting in nearly $893 million in losses. Furthermore, cryptocurrency has become the primary vehicle for criminals to launder stolen funds, with related theft losses reaching $11.3 billion.
In terms of demographics, individuals aged 60 and older were hit hardest, filing 201,266 complaints with reported losses of approximately $7.7 billion. Geographically, California, Texas, and Florida recorded the highest volume of complaints, with Texas leading the nation at 97,912 reports.
Bright cautioned that the cases handled by the IC3 represent only a fraction of the vast cybercrime ecosystem. As criminal tactics continue to evolve, the digital security landscape remains precarious for both businesses and individuals.
