Security & Infrastructure Tools
FBI: Americans lost a record $21 billion to cybercrime last year
The FBI reports that Americans lost a record $21 billion to cybercrime last year, an increase of 26% over 2024’s $16.6 billion. The losses were driven mainly by investment scams, business email compromise, tech‑support fraud, and data breaches, with cryptocurrency attacks causing the largest loss (over $11 billion). The Internet Crime Complaint Center received more than a million complaints, up from 859,000, with phishing, extortion, and investment scams being the most common. Older adults (60+) suffered the greatest losses, while AI‑related scams also appeared in the report for the first time. The FBI has intensified efforts to block attacks, freeze stolen funds, and notify victims, highlighting the need for cautious verification of urgent requests and reporting incidents to IC3.
Record $21 Billion Lost to Cybercrime in 2025: FBI Report
In 2025, the United States faced a record-breaking financial toll from cyber-enabled crimes, with victims losing nearly $21 billion. The gain in losses — about 26% higher than the $16.6 billion reported for 2024 — underscores how rapidly cybercrime has evolved and diversified. The trend mirrors a rise in the number of complaints received by the Internet Crime Complaint Center (IC3), which surpassed one million incidents last year, up from roughly 859,000 in the prior year.
The most frequent complaint categories continued to drive the lion’s share of losses. Phishing remained the leading mode of attack, generating about 191,000 reports. Extortion and investment scams each accounted for substantial portions of the total, with 89,000 and 72,000 reports respectively. While these figures reflect billions in losses, other serious attack types also left a notable mark: business email compromise (BEC) was cited in about 24,700 cases, data breaches in 3,900 cases, ransomware incidents in 3,600 cases, and SIM swapping in 971 cases. Each of these categories contributed to the overall financial impact in different ways, illustrating the broad scope of threats facing individuals and organizations.
Investment fraud stood out as the single-largest driver of scam-related incidents, accounting for 49% of all such events and resulting in losses of approximately $8.6 billion. Meanwhile, cybercrime targeting cryptocurrency produced the largest single loss, exceeding $11 billion spread across 181,565 reported cases. The IC3’s 2025 data also show that cyber-enabled fraud touched 453,000 complaints and accounted for about $17.7 billion of the total losses submitted to the center that year.
Age-specific impact revealed that Americans over 60 bore a disproportionate burden, with reported losses totaling around $7.7 billion — a 37% increase from the previous year. This demographic pattern raised additional concerns about the effectiveness of protections for older adults against evolving scam tactics.
A notable development in 2025 was the introduction of AI-related scams into the FBI’s annual assessment. The agency reported 22,300 complaints tied to AI-enabled schemes, culminating in roughly $893 million in losses. These scams leveraged voice cloning, fake profiles, forged documents, and deepfake videos to mislead victims and facilitate fraud at scale.
Two incidents involving critical infrastructure were described as data breaches, indicating the potential for cyber intrusions to touch essential services. The FBI identified the most-targeted critical infrastructure sectors as healthcare, manufacturing, financial services, information technology, and government facilities, highlighting areas where defensive investments could yield outsized protection.
FBI efforts to counter these threats have grown in scope and sophistication. In 2025, the bureau initiated 3,900 Financial Fraud Kill Chain (FFKC) interventions, successfully blocking a portion of fraudulent transactions. Of the $1.16 billion that attackers targeted, the FBI reported freezing $679 million. This proactive work forms part of a broader strategy to disrupt fraud ecosystems, seize illicit proceeds, and reduce victimization.
Moreover, initiatives such as Operation Level Up were launched at the start of the year to preemptively identify and alert potential victims about cryptocurrency investment fraud. This proactive approach complemented ongoing investigations and incident response efforts. In 2025, 3,780 victims were notified through these proactive measures, with 78% of them unaware that they were being scammed at the time of notification.
The FBI continues to emphasize practical steps for individuals and organizations to reduce risk. Key guidance remains to resist pressure tactics, avoid hasty decisions on urgent requests, and take advantage of all available verification methods before sending money or sharing sensitive information. When compromise is suspected, the bureau urges reporting to ic3.gov with as many details as possible, to support rapid response and, when possible, the recovery of stolen assets.
Taken together, the 2025 FBI/IC3 data paint a picture of a crime landscape that is both broad in the types of attacks and deep in the losses they inflict. Phishing, extortion, and investment scams remain prevalent, while new avenues such as cryptocurrency-focused fraud and AI-driven schemes are expanding the toolkit available to criminals. The rise in losses among older adults and the persistence of data breaches and ransomware illustrate why a layered approach to security — combining user education, robust technical controls, and rapid reporting — remains essential. The FBI’s ongoing push to disrupt fraud networks, freeze illicit funds, and alert potential victims reflects a public-private effort to curb this evolving threat and reduce the overall cost of cybercrime to American households and businesses.