Investment fraud overtakes business email compromise as most reported fraud

The Federal Bureau of Investigation (FBI) has published its 2022 Internet Crime Report. One of the most notable points is that investment fraud has now overtaken business email compromise (BEC) as the most reported and most damaging type of fraud.

The numbers are based on the complaints reported to the Internet Crime Complaint Center (IC3). The IC3 serves as a public resource to submit reports of cyberattacks and incidents, which also allows the FBI to collect data and identify trends.

To fully understand the shift we need to clarify what the report considers as investment fraud. The general definition of investment fraud used by the FBI is:

“Deceptive practice that induces investors to make purchases based on false information. These scams usually offer the victims large returns with minimal risk. (Retirement, 401K, Ponzi, Pyramid, etc.).”

Within the category of investment fraud, a major role is taken up by crypto-investment fraud. Crypto-investment fraud saw an incredible growth in 2022, both in number of scams and in the amount of damage done. Investment fraud complaints increased from $1.45 billion in 2021 to $3.31 billion in 2022, which is a 127% rise. Within those complaints, cryptocurrency investment fraud rose from $907 million in 2021 to $2.57 billion in 2022, an increase of 183%.

There are a number of different methods that cryptocurrency investment fraudsters deploy:

  • Liquidity mining. Mostly by deploying social engineering, victims are tricked into linking their cryptocurrency wallet to a fraudulent liquidity mining application. Scammers then wipe out the victims’ funds without notification or permission from the victim.
  • Hacked social media accounts. Using several methods, scammers take over social media accounts to target existing friends of the hacked user.
  • Celebrity impersonation. By pretending to be a well-known celebrity or social figure, scammers begin a friendship with the targeted victim who is eventually enticed to learn how to invest in cryptocurrency or is given the opportunity to invest by the scammer.
  • Real estate professionals. The scammer contacts a real estate agent, usually offering to buy a very expensive property for cash or cryptocurrency. Once engaged, the fraudster will expose their control of fictitious accounts with a purported value of millions of dollars to entice them to engage in their investment scheme.
  • Employment. The victims are lured into applying for a fake position online at an investment firm or company supposedly affiliated with investing. Instead of a job, the victims are instead offered investment advice. The investment is fraudulent and designed to steal as much money from the target as possible.
  • Pig butchering. The fraudsters, posing as highly successful traders in cryptocurrency, entice victims to make purported investments in cryptocurrency providing fictitious returns to encourage additional investments.


It is helpful to know, which methods are popular among scammers, so you can recognize them when you run into them.

Some other points that can help you recognize fraud attempts are:

  • Stray messages for “someone else” appear out of the blue in a chat app, or on social media sites, or even work-related platforms.
  • Common scam opening lines may involve: sports, golfing, travel, fitness.
  • At some point the conversation will drift to topics like investments and/or cryptocurrency.
  • They will ask you to invest, or even take some of their money and use that instead just to try out how “profitable” it can be.
  • If something looks too good to be true

More notable numbers taken from the report

The FBI report contains a lot more information. These are some numbers we thought you might find interesting:

  • In 2022, the IC3 received 800,944 complaints, which is a 5 percent decrease from 2021. However, the potential total loss has grown from $6.9 billion in 2021 to more than $10.2 billion in 2022.
  • Total victim losses in 2022 amounted to $10.3 Billion
  • The largest number of victims are aged 30-39 but the age group that lost the most money are 60+
  • The number of reported ransomware incidents has decreased, but ransomware is still a big threat, especially to organizations in the healthcare, critical manufacturing, government, IT, and financial services sectors.

Malwarebytes removes all remnants of ransomware and prevents you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.