back to article Crypto scams more costly to the US than ransomware, Feds say

The FBI says investment fraud was the form of cybercrime that incurred the greatest financial loss for Americans last year. Investment scams, often promising huge returns, led to reported losses of $4.57 billion throughout the year – a 38 percent increase from $3.31 billion in 2022. The vast majority prey on those looking to …

  1. Sora2566 Bronze badge

    Er... is that last paragraph technically inviting vigilante action? Is that the sort of thing the Reg could get in trouble for?

    1. Catkin Silver badge

      Vigilantism doesn't necessarily mean law breaking, it's just a potential occurrence.

  2. Joe Dietz

    Yeah, that is some bad ransomware data.... and sort of calls into question the rest of the report. Ransomware from chain analysis was at least $1.1_BILLION last year. (https://www.chainalysis.com/blog/ransomware-2024/) 2X from 2022. That does NOT include the MASSIVE costs of incident response with or without paying a ransom. I think you could find single incidents that might have costs more than $52m last year.

    1. sitta_europea Silver badge

      "...I think you could find single incidents that might have costs more than $52m last year."

      In fact The Register has reported some of them.

  3. SVD_NL Silver badge

    Not reporting ransomware attacks?

    I'm pretty sure any company operating in Europe must report ransomware attacks, at least as a potential PII leak as per the GDPR.

    It's surprising to me that the US doesn't have similar rules, but at the same time it doesn't surprise me at all.

    1. Joe Dietz

      Re: Not reporting ransomware attacks?

      The SEC has reporting rules now. They are being used by attackers as leverage to get people to pay ransom now.... pay or we'll turn you in. Even dumber though is that recently a health care provider was issued a fine after reporting an attack... for exposing patient records (to the attacker). As with most regulation, reporting largely doesn't accomplish what was intended and has some really perverse incentives built into it. Blaming the victim is probably not the solution.

      1. Anonymous Coward
        Anonymous Coward

        Re: Not reporting ransomware attacks?

        1. If someone has had data stolen by attackers, they're expected to say so. Concealing it should carry a fine.

        2. If the reason the attack was successful was poor security (i.e. not up to standard levels), then fining them for their poor security is reasonable. (Sometimes the security is good but the attack succeeds anyway; don't fine those folks.)

        So, blaming the victim for being a victim isn't cool, but blaming them for their own actions (poor security and concealing the attack) is!

      2. Anonymous Coward
        Anonymous Coward

        Re: Not reporting ransomware attacks?

        The security at Change Healthcare (a division of Optum, a division of UHC) is abysmal. In violation of HIPPA abysmal. They should most definitely be fined, and a lot.

  4. druck Silver badge
    Stop

    You can't...

    You can't ban stupidity.

    You can't ban criminality.

    But you can ban crypto.

  5. evamendes88

    Information I got from a company that offers pro hacking services (spirassp . com) reveals that the crypto scam is bound to rise by 50% if care is not taken. Anyone familiar with the quadriga scheme in Canada back in 2016 will know they come at their victims in different ways. Quadriga was never listed but started selling shares and stopped publishing audits. They were later banned from selling shares after BCSC issued a cease trade order (CTO) for not submitting audit. What kind of entity operates like this?

    Crypto scammers come at their victims in diverse ways so every one has to stay vigilant and beef up on cybersecurity as much as possible.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like