Privacy Ninja



        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

FBI: Over $4.2 Billion Officially Lost To Cybercrime In 2020

FBI: Over $4.2 Billion Officially Lost To Cybercrime In 2020

The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year.

The Internet Crime Complaint Center (IC3) received last year 791,790 complaints – up by 69% from 2019 – of suspected internet crime causing more than $4 billion in losses.

While most complaints were for phishing, non-payment/non-delivery scams, and extortion, about half of the losses are accounted by business email compromise (BEC), romance and confidence scams, and investment fraud.

According to the IC3 report, BEC or email account compromise (EAC) scams recorded 19,369 complaints in 2020, which is 19% less than last year. However, this type of cybercrime alone caused $1.8 million in losses, up from $1.7 billion in 2019.

Also Read: PDPA Singapore Guidelines: 16 Key Concepts For Your Business

Crane Hassold, senior director of threat research at Agari, told BleepingComputer that the difference could be explained by many threat actors “pivoting to unemployment/SBA/PPP fraud in the middle of the year.”

Referring to BEC scams, the Hassold said that when considering spoofing as a subset of this cybercriminal activity, the financial impact is closer to $2.1 billion.

BEC scams are carried out by compromising business email accounts and to modify transaction details so that funds are transferred to a bank account controlled by the attacker.

A trend observed in 2020 was the use of identity theft and converting funds to cryptocurrency. In these cases, an initial victim (extortion, tech support, romance scam) provided their ID to the fraudster.

BEC scammers would use the ID to open bank accounts and receive BEC funds that would be quickly converted to cryptocurrency to lose track of the money.

Since 2018, the FBI has a Recovery Asset Team specialized in freezing accounts used for unauthorized BEC transfers and recovering money that can still be tracked.

Las year, RAT was able to freeze and recover a little over 82% from almost $463 million in losses reported in 1,303 incidents.

One case involved an illegal wire transfer of $60 million from a victim company in St. Louis to a bank account in Hong Kong controlled by the fraudsters.

One type of cybercrime that is grossly misrepresented in FBI’s annual report is ransomware, with 2,474 complaints and adjusted losses of more than $29.1 million.

Although the figures are small, they represent an increase compared to 2019, when IC3 received 2,047 complaints and the losses were above $8.9 million.

Ransomware is a multi-billion cybercriminal business that has not stopped growing, with some actors’ demands averaging upward of $1million.

In just five months, the Netwalker ransomware gang made $25 million from paying victims last year. One of its affiliates, charged in the U.S., is believed to have made more than $27 million from this activity.

Other ransomware operations – Maze, Conti, Egregor, REvil, Ryuk, Doppel Paymer – were responsible for a larger number of attacks last year and higher profits.

These gangs target big-revenue companies that would stand to lose more from downtime or data leaks than from paying the ransom. Many of these attacks remain unreported to avoid legal complications.

Looking at the raw figures in FBI’s Internet Crime Complaint Center latest report, cybercrime has recorded a significant growth in 2020, both in terms of filed complaints and money lost by victims in the U.S.

Also Read: Data Protection Officer Singapore | 10 FAQs



Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection


We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.


Click one of our contacts below to chat on WhatsApp

× Chat with us