In five years, the annual bill for cybercrime in the United States has increased from $4.2 billion to $20.9 billion. We are facing a constant growth. The annual report from the IC3, published this Tuesday by the FBI, targets 2025 as the year of all records.
A million complaints, nearly 3,000 per day
The Internet Crime Complaint Center has never received so many reports. Over a million cases were opened last year, nearly 150,000 more than in 2024. “We now handle an average of 3,000 complaints daily,” reveals Jose Perez, director of operations for the FBI’s criminal and cyber division in this document.
Investment frauds top the list with $8.65 billion lost. Compromised professional emails come in second at $3.05 billion, followed by technical support scams at $2.1 billion. Cryptocurrency runs through all these schemes like a thread, with $11 billion in losses directly attributed to scams involving digital assets.
Seniors are the primary victims
Those over 60 years old alone account for 37% of reported losses, totaling $7.75 billion out of $20.9 billion, from 201,000 filed complaints. This figure illustrates a well-established strategy among cybercriminals. They often target individuals less familiar with digital mechanisms, who are more isolated and therefore more vulnerable to scenarios of urgency.
The FBI emphasizes a behavioral mechanism present in all scams: artificial urgency.
– A transaction to validate instantly.
– Compromised account security.
– A loved one in danger.
All scenarios rely on the same mechanical form – neutralizing judgment before the victim has time to verify the information.
AI enters the fraudster’s toolbox
For the first time in its history, the IC3 report dedicates a section to AI-assisted frauds. Voice cloning to mimic a loved one or a bank authority, forging documents in seconds, fake videos presenting false executives in crisis situations… These techniques resulted in losses of nearly $900 million in 2025.
This figure deserves context, as while $900 million may seem modest compared to the $8.65 billion in investment fraud, this category barely existed three years ago.
3,600 reports of ransomware in 2025, resulting in losses of $32.3 million. The most active variants include Akira, Qilin, INC, BianLian, and Play. All 16 critical infrastructure sectors have been targeted at least once, with a focus on healthcare, manufacturing, and financial services.
