The FBI’s Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report. And it has revealed a record-breaking surge in cybercrime losses across the United States.
Last year, total losses reached $16.6 billion, which is a 33% increase from the previous year. Email continues to be the most exploited attack vector, with cybercriminals using it for phishing scams, business email compromise (BEC) attacks and data exfiltration at scale. Proofpoint looked at this year’s report through the lens of email security. Our review underscores the growing need for organizations to adopt layered, human-centric defenses that mitigate human-activated threats across email, cloud and collaboration platforms. Here are the top takeaways.
Read more…
Source: ProofPoint
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Thousands of Facebook accounts stolen by phishing emails sent through Google
May 4, 2026
Researchers have uncovered a long-running phishing operation that abuses trusted Google services to hijack tens of thousands of Facebook accounts. The compromised Facebook accounts are mainly business and advertiser profiles, which criminals can monetize after gaining access and control. The attackers found a way to send phishing emails that come “through Google,” making them look legitimate ...
- Thousands of official government email addresses, including plaintext passwords available online
April 11, 2026
The official email accounts of public officials all over the world have been leaked online, with many exposed alongside their plaintext passwords, making it trivial for an attacker to breach their accounts. Researchers at Proton scoured the darker side of the internet for the publicly available email addresses of government officials – and discovered thousands of ...
- Microsoft OAuth scams abuse redirects for malware delivery
March 3, 2026
Microsoft has warned organizations about ongoing OAuth abuse scams that use phishing emails and URL redirects to infect victims’ machines with malware and take over their devices. The phishing expedition targets government and public-sector organizations, according to a Monday report from Redmond’s security researchers. And while Microsoft Entra disabled the malicious OAuth applications, Microsoft’s infosec squad ...
- Hacker warns victims after leaking 6.8 billion emails online
February 12, 2026
A hacker claims to have obtained, and leaked, 6.8 billion unique email addresses – and although the claims are unverified at this time, initial reports indicate at least half of those emails are real. Researchers at Cybernews recently found a new post on a popular data leak forum created by a hacker with the alias Adkka72424 ...
- Cisco email security products actively targeted in zero-day campaign
December 19, 2025
A China-affiliated threat actor has been abusing a zero-day vulnerability in multiple Cisco email appliances to gain access to the underlying system and establish persistence. Cisco confirmed the news in a blog post and a security advisory, urging users to apply provided recommendations and harden their networks. In its announcement, Cisco said it first spotted the ...
- Google warns Gmail users to change passwords after data breach
September 3, 2025
Google is warning about 2.5 billion Gmail users to change their passwords or install a passkey following a data breach that has led to a surge in “phishing” email attacks. The data breach that prompted the warning reportedly happened at a Salesforce database that Google uses internally. The compromised information included basic business contact information such ...