skip to Main Content
+44 (0) 1628 308038

Cyberattacks in 2019 Cost over $3.5 Billion in Victim Losses with Business Email Compromise Taking in Half

Cyber Attacks

The FBI’s annual year-in-review breaks down how 467,000 cyber attacks succeeded in taking consumers and businesses alike for billions of dollars.

The data provided by the FBI each year gives us an unfiltered glimpse into which kinds of attacks were most prevalent, how successful they were, and what was the damage. In their 2019 Internet Crime Report, the latest data provides some insight of where cybercriminals believe “the money is” and, thus, engage in the more lucrative attack types.

According to the report:

  • Business Email Compromise (BEC) only represented 5% of all attacks, but netted nearly $1.8 Billion in losses
  • Phishing/Vishing/Smishing/Pharming was the number one crime, representing 24% of all attacks
  • Spoofing attacks netted over $300 Million in losses
  • Of the top 20 crime types (based on total victim loss amount), 17 involved some form of social engineering

It’s evident from this data that email is the medium of choice, providing cybercriminals an unlimited opportunity to scam consumers and businesses using simple to sophisticated social engineering tactics.

The BEC number is staggering and should be seen as a very large flashing red warning light for every organisation. The average scam took about $75,000 – and, while that may not be particularly newsworthy, it’s a material amount of money for most organisations.

User access to email must be done within the context of security; organisations need to educate users with Security Awareness Training so the user work with a sense of vigilance, always interacting with email with a security mindset, lowering the organization’s risk of a successful phishing attack.

Request Your Security Awareness Training Demo


New-school Security Awareness Training is critical to enabling you and your IT staff to connect with users and help them make the right security decisions all of the time. This isn’t a one and done deal, continuous training and simulated phishing are both needed to mobilise users as your last line of defence.

Request your one-on-one demo of KnowBe4’s security awareness training and simulated phishing platform and see how easy it can be!

PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser:

Close search


Back To Top