FBI IC3 2025 Internet Crime Report: 10 Important Takeaways

The FBI’s Internet Crime Complaint Center (IC3) has just released its 2025 Annual Report, and it’s a record-breaker in the worst way. For the first time in IC3’s 25-year history, complaints crossed the one-million mark, with total losses surpassing $20 billion. AI is making scams harder to detect, ransomware variants are multiplying, and the financial damage to ordinary people, from children to retirees, is accelerating.

IC3 is the FBI’s central hub for internet-enabled crime reports. Since 2000, it has collected over 10 million complaints, averaging nearly 3,000 per day. That data drives real investigations, fund freezes, and law enforcement priorities at every level.

Below are the 10 most important takeaways from the FBI IC3 2025 report and what security teams, business leaders, and everyday users should pay attention to next.

1. Reported Losses Reached a Record $20.877 Billion

The biggest takeaway from the FBI IC3 2025 report is the scale of the damage. IC3 received 1,008,597 complaints in 2025, making it the first year to cross the one-million threshold. Reported losses reached $20.877 billion, up 26% from 2024.

That increase is even more striking over a longer time horizon. In 2015, IC3 reported roughly $1 billion in losses. Ten years later, reported losses have grown more than twentyfold. The average loss per complaint now stands at $20,699, although the figure is heavily influenced by high-dollar fraud categories such as investment scams and Business Email Compromise.

The true cost is likely much higher. Many victims never report cybercrime because they feel embarrassed, do not realize they were targeted, or assume reporting will not help. That means IC3’s annual totals should be viewed as a baseline rather than a full measure of the problem.

2. Investment Fraud Caused the Largest Financial Losses

Investment fraud remained the costliest crime category in the report by a wide margin. In 2025, victims reported $8.648 billion in losses tied to investment scams, accounting for more than 40% of all losses recorded by IC3.

Cryptocurrency-related investment schemes drove most of that total. The report attributes $7.2 billion to scams built around fake investment platforms, fabricated returns, and prolonged social engineering. Criminals typically approach victims through text messages, social media, or dating apps, then shift the conversation to private messaging platforms and introduce what appears to be a profitable opportunity.

These scams often follow the same pattern. The victim sees fake gains, invests more over time, and may even take out loans to increase their position. When they try to withdraw funds, the scammer introduces fake taxes, fees, or compliance requirements. By then, the money has already been moved.

The report also points to organized criminal networks in Southeast Asia as major enablers of these schemes. That adds an important layer to the story: this is not just isolated online fraud. In many cases, it is industrialized crime supported by large-scale scam infrastructure.

3. Seniors and Children Faced Very Different but Serious Risks

The FBI IC3 2025 report highlights two especially vulnerable groups: older adults and minors.

Adults aged 60 and older filed 201,266 complaints in 2025, up 37% year over year. Their reported losses reached $7.748 billion, a 59% increase from 2024. The average loss for this age group was $38,500, nearly double the overall average. A total of 12,444 seniors each lost more than $100,000.

The most damaging crime types affecting older adults were investment fraud ($3.5 billion), tech support scams ($1.04 billion), and confidence or romance scams ($584 million).

Minors faced a very different threat landscape. IC3 received 13,168 complaints involving children and teenagers age 17 and under. Many of these cases were linked to sextortion, coercion, and online exploitation rather than direct financial theft. The report notes more than 75,000 sextortion-related submissions, along with more than 5,700 submissions involving minors referred to the National Center for Missing & Exploited Children.

This contrast is one of the report’s most sobering points. Older adults are often losing retirement savings, while children are facing coercion, grooming, and severe emotional harm. The report also points to the FBI’s active investigation into the violent online group 764, which coerces children into self-harm, animal cruelty, and suicidal acts on livestream, sometimes with fatal outcomes. Security awareness efforts need to account for both realities.

Government Impersonation: A Fast-Growing Threat to Older Adults

Government impersonation also stood out. 8,628 seniors filed complaints in that category alone, with $413 million in losses. Across all age groups, government impersonation complaints nearly doubled from 17,367 in 2024 to 32,424 in 2025, and the financial and psychological pressure often lands hardest on seniors who are more likely to respond quickly to authority-based deception.

4. AI Is Making Fraud More Convincing and More Scalable

Artificial intelligence moved from a background concern to a documented threat in the 2025 report. IC3 received more than 22,000 complaints with an AI-related nexus, with adjusted losses exceeding $893 million.

That figure likely understates the problem. In many scams, victims have no reliable way to know whether AI helped generate the messages, voices, images, or videos used against them.

According to the report, criminals are using AI in several practical ways:

• Voice cloning to imitate relatives, executives, or public officials
• AI-generated phishing content tailored to specific targets
• Deepfake videos that appear to show celebrity or executive endorsements
• Synthetic identities used to build fake social media personas and investment communities

Government impersonation complaints nearly doubled from 17,367 in 2024 to 32,424 in 2025, and AI likely played a role in making those scams more believable. The report also notes $632 million in AI-linked investment fraud losses, more than $30 million tied to AI-related BEC, and $19 million tied to AI-related romance scams.

Another important point in the report is the likely undercount. Overall investment fraud losses exceeded $8 billion, yet only $632 million was specifically flagged as AI-involved, suggesting that many victims may not realize how heavily AI shaped the scam.

5. Phishing Remained the Most Reported Crime Type

Phishing and spoofing once again topped the IC3 complaint list by volume, with 191,561 complaints in 2025. The complaint count alone does not tell the full story, though. Phishing complaints dropped from 298,878 in 2023 to 193,407 in 2024, then held relatively flat at 191,561 in 2025.

The more important shift was in the losses. Reported phishing losses jumped from $70 million in 2024 to $215 million in 2025. That sharp increase suggests phishing campaigns are becoming more effective even when overall complaint volume remains relatively stable.

One likely reason is better fraud quality. AI tools can help criminals personalize messages, imitate writing styles, and test variations at scale. A campaign no longer needs to fool a large percentage of recipients to be profitable. It only needs to convince a small number of carefully chosen targets.

This has direct implications for both personal and corporate security. Phishing still serves as an entry point for account compromise, credential theft, BEC, malware delivery, and downstream financial fraud.

6. Business Email Compromise (BEC) Still Costs Billions

AI has made BEC significantly more dangerous. Chat generators can produce official-sounding emails mimicking a CEO in seconds. Voice cloning lets criminals place calls that sound indistinguishable from a known executive. This means that authenticity cues that once helped users detect fraud are weakening. Voice, writing style, and video are no longer trustworthy on their own.

In 2025, businesses reported over $30 million in losses tied to AI-assisted BEC specifically.

With or without AI, BEC itself remains a formidable threat. IC3 recorded 24,768 complaints in 2025 with reported losses totaling $3.046 billion, the second costliest crime category overall. Criminals now routinely compromise legitimate email accounts rather than just spoofing them, and increasingly use phone calls and virtual meeting tools to reinforce fraudulent requests. The goal is always the same: convince someone to authorize a wire transfer or hand over credentials before anyone thinks to verify.

The FBI’s Financial Fraud Kill Chain handled 3,900 incidents involving $1.163 billion in attempted theft and froze $679 million: a 58% success rate. The report also notes a notable rise in tech support and account takeover (ATO) initiations entering the FFKC process alongside traditional BEC cases.

For organizations: multi-factor authentication, out-of-band verification for any payment instruction, and staff training that treats urgency and authority as red flags rather than reasons to act quickly.

7. Ransomware Kept Evolving While Critical Infrastructure Stayed in the Crosshairs

IC3 received 3,611 ransomware complaints in 2025, with reported losses exceeding $32 million. The FBI notes that this figure does not capture the full impact because it excludes downtime, business disruption, remediation costs, and other indirect losses that often exceed the ransom payment itself.

What stands out more than the reported dollar figure is the pace of change. The report identified 63 new ransomware variants in 2025, which works out to more than five new variants per month. The most reported families included Akira, Qilin, and INC/Lynx/Sinobi. The top 10 most-reported variants collectively accounted for 56.8% of all ransomware incidents.

Critical infrastructure remained a key target area, especially sectors such as critical manufacturing, healthcare and public health, and government facilities. This is consistent with a broader ransomware pattern: threat actors continue to target environments where downtime creates intense pressure to restore operations quickly.

The report also documents enforcement action, including a coordinated disruption of the BlackSuit (Royal) Ransomware group in August 2025. At the same time, the FBI warned about North Korean IT worker activity tied to data theft and illicit revenue generation, noting that the DPRK government reportedly dispatched thousands of individuals globally to infiltrate U.S. companies as remote IT workers and exfiltrate sensitive data.

Track the Ransomware Groups Behind the Headlines With SOCRadar XTI

Keeping up with ransomware groups manually is nearly impossible when new variants are emerging at a rate of five per month. SOCRadar’s Cyber Threat Intelligence module gives security teams structured, continuously updated intelligence on ransomware threat actors, including their tactics, infrastructure, known victims, and dark web activity. Instead of reacting after an attack makes headlines, you can monitor the groups most relevant to your sector and get ahead of campaigns before they reach your organization.

8. Tech Support Scams Continued to Surge

Tech support fraud has become one of the fastest-rising loss categories in the IC3 data. Reported losses climbed from $924 million in 2023 to $1.464 billion in 2024 and then to $2.134 billion in 2025.

IC3 received 47,794 complaints tied to tech support scams in 2025. These schemes often begin with a fake security alert, pop-up message, cold call, or spoofed email warning the target that their device or account has been compromised. The scammer then persuades the victim to grant remote access, install software, or move funds under the guise of protection.

Once access is granted, the attack can expand quickly. Criminals may harvest credentials, collect banking information, or guide victims into transferring funds to so-called secure accounts. In many cases, social engineering is stronger than the technical component.

The report also highlights law enforcement action. Joint FBI and India Central Bureau of Investigation operations have led to more than 475 arrests across 27 joint operations since 2022. In one December 2025 case, Operation Chakra disrupted a Noida-based network linked to fraud against more than 600 U.S. victims, with identified losses exceeding $48.7 million. In 2025 alone, these efforts enabled approximately 175 arrests through 13 joint operations.

9. Cryptocurrency-Linked Crime Kept Expanding

Complaints with a cryptocurrency nexus reached 181,565 in 2025, up 21% from the previous year. Associated losses climbed to $11.366 billion, a 22% increase.

The average loss in crypto-related complaints was $62,604, roughly three times the overall average. That gap helps explain why cryptocurrency remains so attractive to criminals. Transactions are fast, difficult to reverse, and much harder for victims to trace once the funds move beyond the initial wallet or exchange point.

Older adults were hit especially hard. Victims aged 60 and older accounted for $4.43 billion in cryptocurrency-related losses, the highest total among all age groups.

The report also points to the growth of recovery scams. In these cases, criminals target people who have already lost money and promise to help retrieve the funds for an advance fee. In 2025, recovery scams generated 10,516 complaints and $1.4 billion in losses. Some scammers falsely claimed to represent law firms, recovery services, or even IC3 itself.

10. The FBI Report Also Shows Why Fast Reporting Matters

Although the report is filled with alarming numbers, it also includes signs that law enforcement intervention can work when victims report quickly and provide enough detail.

One example is Operation Level Up, launched in January 2024 to identify and notify victims of cryptocurrency investment fraud before their losses deepen. In 2025, the initiative notified 3,780 victims, and the report says 78% of them did not realize they were being scammed. The estimated savings reached $225 million. The report also includes examples of intervention, including stopping one victim from cashing out $750,000 from his 401(k), preventing another from selling her house to invest $500,000, and intervening with multiple victims who were contemplating suicide as a result of their losses.

The Financial Fraud Kill Chain results also reinforce the value of rapid reporting. In one case highlighted in the report, investigators traced a fraudulent $6 million wire sent by an Oregon city government and were able to recover the full amount because of prior action against the receiving account.

International cooperation added more momentum. FBI and Indian authorities continued joint operations against fraudulent call centers, while a Scam Center Strike Force targeted organized networks behind cryptocurrency investment fraud compounds in Cambodia, Laos, and Burma.

Reporting internet crime to IC3 quickly can help investigators connect cases, alert other potential victims, and in some situations freeze stolen funds before they disappear.

Conclusion: What the FBI IC3 2025 Internet Crime Report Means for Security Teams

The FBI IC3 2025 report shows an internet crime landscape that is growing in both scale and sophistication. Criminals are using cryptocurrency, social engineering, impersonation, and AI-assisted deception to extract more value from every campaign. The victims span every demographic, from children facing coercion to retirees losing life savings. The attack surface now includes financial trust, digital identity, and human psychology at a scale that no organization can afford to ignore.

The biggest value of a report like this is not just the statistics; it is the directional signal. It shows where criminals are investing effort, which victim groups are under pressure, and which fraud methods are producing the highest returns. For security teams, that means the threat picture extends well beyond malware and network intrusion. Impersonation, exposed credentials, fraudulent domains, and Dark Web activity all need to be in scope.

That is where SOCRadar can help. SOCRadar’s extended threat intelligence platform gives security teams the external visibility to act on exactly these kinds of threats:

• Threat Actor Intelligence: Track all threat actors, including ransomware groups, cybercriminal networks, and APTs relevant to your sector.
• Brand Protection: Detect impersonation, spoofed domains, fraudulent use of your brand, and phishing campaigns targeting your organization or customers.
• Dark Web Monitoring: Surface credential leaks, data dumps, and threat actor chatter early.

For anyone targeted by online crime, reporting to IC3 remains one of the most important first steps. For organizations trying to stay ahead of the trends this report documents, turning threat intelligence into practical, early action is critical.