Americans lost more money to cybercrime in 2024 than ever before. The FBI’s Internet Crime Complaint Center received over 859,000 complaints last year, with reported losses reaching a record $16.6 billion — a 33% surge from the year before. The US cybercrime losses record reflects not just more attacks, but more damaging ones, with the average victim losing nearly $19,400.
A 25-Year-Old Warning System Reaches a Grim Milestone
The IC3 has been collecting cybercrime reports for 25 years. In its early days, it processed around 2,000 complaints per month. Today, it handles more than 2,000 every single day. That shift captures something important: cybercrime is no longer an edge-case risk. It is a daily reality for millions of Americans.
Of the 859,532 complaints filed in 2024, just over 256,000 involved actual financial losses. That means a significant share of incidents go unresolved, unreported in full, or are caught before money changes hands. But for those who did lose money, the damage was severe.
FBI Operations Director for Criminal and Cyber, B. Chad Yarbrough, described the figures bluntly: “Last year saw a new record for losses reported to IC3, totaling a staggering $16.6 billion. Fraud represented the bulk of reported losses in 2024, and ransomware was again the most pervasive threat to critical infrastructure.”
Investment Fraud and Crypto Scams Drive the Biggest Losses
Investment fraud was the single most costly crime category in 2024, responsible for $6.57 billion in losses. Cryptocurrency sat at the center of it. Nearly 150,000 complaints involved digital assets, generating $9.32 billion in losses across all fraud types — a 66% increase from 2023.
Crypto’s appeal to fraudsters is straightforward. Transactions are difficult to reverse, hard to trace across borders, and move fast. So-called “pig butchering” schemes, where criminals build fake romantic or investment relationships before draining victims’ accounts, drove a large share of these losses.
Business email compromise came in second for total damage, costing victims $2.77 billion. These scams work because they exploit routine. A spoofed email, a convincing impersonation of a colleague or vendor, and a single rushed wire transfer can cost a business six figures in minutes.
Older Americans Bore the Heaviest Burden
No demographic was harder hit than Americans over 60. This group filed 147,127 complaints and reported losses of nearly $4.8 billion — the highest of any age group. Tech support fraud, romance scams, and investment schemes were the most common traps.
The pattern is consistent year over year. Older adults tend to hold more savings, may be less familiar with evolving scam tactics, and are more likely to be targeted through channels they trust, such as phone calls, emails, and even fake government impersonations.
Phishing and spoofing remained the most reported crime type overall, with 193,407 complaints filed. Extortion followed with 86,415 complaints, and personal data breaches generated 64,882 reports. Tech support scams caused $1.46 billion in losses on their own.
Ransomware Kept Targeting Critical Infrastructure
Ransomware complaints rose 9% compared to 2023, and the threat concentrated heavily on critical sectors. Healthcare was among the hardest hit, with 238 ransomware complaints filed by healthcare and public health entities alone.
The IC3 tracked 67 new ransomware variants in 2024. The most active groups by complaint volume were Akira, LockBit, RansomHub, Fog, and Play. Despite a law enforcement crackdown on LockBit during the year, new groups filled the gap quickly.
Cyber-enabled fraud — crimes where the internet is used as the vehicle for theft or deception — accounted for 83% of all reported losses. That comes to roughly $13.7 billion stripped from victims through tactics that often require no sophisticated hacking at all. Social engineering, fake websites, and deceptive emails did most of the damage.
The FBI Recovered Some Funds — But Only a Fraction
The FBI’s Recovery Asset Team worked to claw back stolen money through a process called the Financial Fraud Kill Chain, which flags suspicious wire transfers before funds leave reach. In 2024, the team froze $561.6 million — a 66% success rate on cases where it intervened.
That figure is meaningful. But it represents a small slice of the $16.6 billion total. Once money moves into cryptocurrency or reaches overseas accounts, recovery becomes extremely difficult. Speed matters enormously: the sooner a victim reports fraud, the better the chances of intervention.
FBI Director Kash Patel reinforced the importance of reporting:
“Reporting is one of the first and most important steps in fighting crime so law enforcement can use this information to combat a variety of frauds and scams.”
What This Means for Everyday Users
The US cybercrime losses record is not just a national statistic. It reflects individual people losing retirement savings, small businesses collapsing after a single fraudulent transfer, and hospitals forced offline by ransomware attacks.
Several steps can meaningfully reduce personal risk. Using a reputable VPN on public or unsecured networks limits exposure to credential theft and man-in-the-middle attacks. Strong, unique passwords combined with multi-factor authentication block the vast majority of account takeover attempts. Scepticism toward unsolicited contact — whether by email, phone, or text — remains one of the most effective defences available.
The scale of 2024’s losses makes one thing clear. Cybercriminals are not slowing down. The tactics are getting sharper, the targets broader, and the financial damage deeper. Staying protected requires consistent habits, not occasional caution.
Final Thoughts
The FBI’s latest IC3 data paints a stark picture of the current threat landscape. US cybercrime losses reached a record $16.6 billion in 2024, driven by investment fraud, crypto scams, business email compromise, and relentless ransomware campaigns. Older Americans suffered the most, but no group was untouched.
The gap between what was lost and what was recovered is enormous. That gap closes only through faster reporting, stronger personal security habits, and tools that limit exposure in the first place. The numbers will keep climbing until both individuals and organisations treat cybersecurity as a baseline necessity rather than an afterthought.
