FBI IC3 Report: Internet Crime Losses Top $20 Billion as Cryptocurrency and AI-Driven Scams Surge
FBI IC3 report shows internet crime losses surpassed $20 billion in 2025, driven by cryptocurrency investment fraud, AI-enabled scams, and rising elder fraud.
A new high for internet crime: what the FBI IC3 report reveals
The FBI Internet Crime Complaint Center’s (IC3) 2025 report documents a sharp escalation in online financial harm, with total reported losses breaking the $20 billion mark and more than one million complaints submitted to federal authorities. The report—compiled from complaints sent to the IC3—compares to $16.6 billion in recorded losses the prior year and maps the range of schemes that drove that increase, from phishing and extortion to large-scale cryptocurrency investment fraud and growing use of artificial intelligence in deception.
Scope and categories tracked by the IC3
IC3’s annual tally covers complaints across more than two dozen crime types, including identity theft and ransomware. Within that framework, the 2025 data highlights both the sheer volume of reports and the concentration of monetary damage in a few areas. The center lists phishing and spoofing as the single largest category by count, with 191,561 complaints, while extortion ranked second with 89,129 complaints. The numbers in the report reflect incidents that were formally submitted to the IC3; the FBI told reporters it does not speculate on the number of incidents that go unreported each year.
Phishing and extortion: persistent volume leaders
Phishing and spoofing complaints topped the list in 2025, underscoring that social-engineering attacks remain a primary vector for fraud. The report separates counts by complaint type rather than by dollar value, showing how frequently these approaches are used to initiate schemes. Extortion—ranging from sextortion to ransom demands delivered via email, messaging, or compromised accounts—was the second-most-reported category by incident count, suggesting broad deployment of these coercive techniques alongside phishing operations.
Elder fraud: rising losses and concentrated harm
Older adults continued to be a particularly vulnerable group. The IC3 report records 201,266 complaints classified as elder fraud, with reported losses totaling $7.75 billion—an increase of 37% compared with the 2024 figures. The report places the average loss per elder-fraud complaint at about $38,500, and notes that 12,444 victims lost more than $100,000. Those figures indicate that while many online scams are low-dollar-volume and high-frequency, a subset of schemes causes severe financial devastation for individual victims.
Cryptocurrency investment fraud as a driver of monetary damage
Among the report’s most striking monetary figures is the role of cryptocurrency-related complaints. The IC3 received 181,565 crypto-related complaints in 2025; within that cohort, investment scams were the primary source of losses for U.S. victims, accounting for over $11 billion in reported harm. The report links a substantial portion of this activity to organized operations overseas, noting that these scams frequently involve coordinated call-center infrastructure and investor-facing pitches that solicit transfers into crypto wallets or platforms.
Organized operations and human trafficking connections
The report identifies a troubling operational model behind many large-scale scams: organized criminal enterprises operating out of Southeast Asia. According to the IC3’s account, these groups use victims of human trafficking as forced labor to operate scam call centers and related infrastructure. That characterization frames certain scam networks not only as financial criminals but also as enterprises that exploit vulnerable people to run persistent deception campaigns.
AI’s growing footprint in online fraud
Artificial intelligence also featured prominently in the 2025 report. IC3 recorded 22,364 complaints that it categorized as AI-related, with those incidents accounting for $893 million in losses for victims. The report highlights two AI-enabled patterns in particular: confidence and romance scams that leverage fabricated profiles and scripted interactions to build trust, and “grandparent” or distress scams that employ cloned voices to impersonate relatives in apparent need. The National Consumer League’s contemporaneous analysis—cited within coverage of the IC3 findings—indicates that AI has substantially increased the average financial losses year over year.
Tactical examples: how AI and social engineering are applied
Within the complaint descriptions, the report points to concrete applications of these techniques. Fraudsters use AI-generated text and voice to produce messages and calls that sound natural and emotionally convincing. In romance and confidence scams, fake profiles and tailored conversational scripts persuade targets to transfer funds. In distress scams, voice-cloning technology can mimic a loved one’s voice to create urgency and compel wire transfers or cryptocurrency payments. These capabilities make common social-engineering templates markedly more believable and can accelerate the pace at which victims are pressured to act.
FBI disruption efforts and asset recovery results
The IC3 report also documents enforcement and response activity aimed at disrupting large-scale fraud and recovering funds. The FBI’s IC3 Recovery Asset Team tracked 3,900 reported incidents and was able to freeze $679 million in assets out of $1.2 billion in attempted theft—a reported success rate of 58% for those interventions. These recoveries reflect targeted financial interventions once a lead or seizure opportunity is identified, and they are a measurable component of the bureau’s response to internet-enabled crime.
New structures focused on cryptocurrency and call-center fraud
To address evolving threats, the FBI has established new operational structures. The agency created a Scam Center Strike Force specifically to combat cryptocurrency investment fraud; the strike force’s stated objective is to identify the compounds and leadership in Southeast Asia allegedly behind many of the organized schemes reported to IC3. The report also highlights Operation Level Up, a program that identifies scams and notifies victims—78% of whom were reportedly unaware they had been targeted—and that places an emphasis on combating call-center fraud, ransomware, and data breaches.
Who is at risk and how different groups are affected
The IC3 findings draw a clear line between frequency and financial impact. Phishing and spoofing generate high complaint volumes and are used as initial vectors across many schemes. Elder fraud concentrates large dollar losses in a specific demographic. Cryptocurrency investment schemes generate a large share of aggregate monetary harm, even when the number of complaints is smaller compared with some other categories. AI-enabled scams, while fewer in count than phishing overall, carry outsized per-incident losses and increase the credibility of social-engineering attempts. The report’s data therefore suggest different protective priorities depending on whether a stakeholder is focused on incident volume, aggregate financial loss, or demographic vulnerability.
Implications for businesses, developers and consumer-facing services
The trends documented in the IC3 report have direct implications for a range of technology and business actors. Financial services and crypto platforms face heightened scrutiny because of the outsized role of investment scams in recorded losses; banks, exchanges, and wallet providers are implicated as both conduits for fraudulent flows and as potential partners in recovery and prevention. Developers working on communications platforms may confront increased demand for tools that detect AI-generated content, flag synthetic voices, and surface anomalous account behavior. Security teams and product managers should also consider how fraud detection, customer education, and reporting workflows integrate with incident response and legal processes.
Practical prevention: what the report implies victims and institutions should do
While the IC3 report itself documents complaints and enforcement outcomes rather than prescribing a single prevention protocol, its patterns point to practical measures. Reducing the success of phishing and spoofing requires basic email and account security hygiene, stronger authentication, and quicker detection/flagging of impersonation attempts. For elder-focused protections, outreach and education campaigns, tighter controls around wiring and transfer limits, and coordination with banks and family members can mitigate large-dollar losses. Addressing crypto investment fraud calls for vigilance around unsolicited investment offers, verification of platforms and counterparty identity, and cooperation with law enforcement when fraud indicators emerge. At the platform level, identifying and removing call-center and coordinated-scam infrastructure—often facilitated by cross-border investigations—remains a priority.
Broader industry and policy implications
The IC3’s report points to several larger trends that will shape industry and regulatory responses. First, the international, organized nature of many operations—coupled with alleged use of trafficked labor—underscores the need for multinational law enforcement collaboration and for private-sector partnerships that cross jurisdictional lines. Second, the infusion of AI into social engineering increases the technical challenge of distinguishing legitimate interactions from fabricated ones; this will likely spur demand for detection tools, authentication solutions, and standards around synthetic-content labeling. Third, the outsized dollar role of crypto investment fraud may accelerate regulatory and compliance attention on crypto onboarding practices, transparency of platforms, and mechanisms for transaction tracing and recovery. Finally, the demographic skew in losses—particularly the rise in elder fraud—may motivate targeted consumer-protection policies and banking safeguards.
What the report means for reporting, recovery and support services
The IC3 data also highlights gaps in awareness: Operation Level Up’s finding that 78% of notified victims did not realize they had been scammed points to underreporting and to the potential for earlier intervention. Recovery efforts that freeze assets—such as the asset-freeze work outlined by the Recovery Asset Team—show the value of rapid reporting and coordinated financial tracing. For victim-support organizations, the statistics underline the scale of demand for assistance services that combine forensic tracing, legal support, and counseling for those who have lost substantial sums.
The report’s emphasis on organized operations, geographic patterns, and specific scam modalities suggests that prevention and enforcement must be multifaceted: combining public education, platform-level defenses, rapid incident-response capability, international law enforcement cooperation, and resources for victims.
Looking ahead, the ways fraudsters blend technology, social engineering and cross-border infrastructure will shape both private-sector risk management and public policy. The IC3’s 2025 findings make clear that financial attackers are leveraging new tools and large-scale operations to increase impact, and that responses will need to match that scale with improved detection, faster coordination, and sustained international effort to dismantle exploitative networks.
