The FBI just put a number on what the cybersecurity industry has been warning about for two years: AI-powered crime is here, it is measurable, and it is growing faster than anyone expected.

The bureau's 2025 Internet Crime Report, released this week, reveals that total U.S. cybercrime losses hit a record $20.87 billion last year. Within that total, the FBI tracked 22,364 complaints specifically involving AI, accounting for $893 million in direct losses. That is the first time the FBI has broken out AI-related crime as its own category. The fact that they felt the need to tells you everything about how fast this is moving.

But the $893 million figure almost certainly undercounts the real damage. The FBI's classification requires that AI be the primary tool in the crime. When a scammer uses AI to generate a deepfake voice of your CEO requesting a wire transfer, that gets tagged as AI fraud. When a scammer uses ChatGPT to write a more convincing phishing email that leads to a traditional wire fraud, that gets tagged as business email compromise. The AI made it possible, but the FBI counts it under the old category.

Cyber-enabled fraud, the broader bucket that captures these overlapping cases, accounted for 453,000 complaints and $17.7 billion in losses. Nobody knows exactly how much of that $17.7 billion was made possible or significantly enhanced by AI tools. But the cybersecurity industry estimates the real AI-assisted figure is several times the FBI's conservative count.

The report confirms what security researchers have been demonstrating in labs for the past year: AI dramatically lowers the skill floor for cybercrime. You no longer need to speak fluent English to run a convincing phishing campaign. You no longer need video editing skills to create a deepfake. You no longer need to understand code to find and exploit software vulnerabilities. AI turned cybercrime from a skilled trade into a point-and-click operation.

This report lands at a moment when the AI security conversation is already at fever pitch. Anthropic's Mythos model found zero-day vulnerabilities in every major operating system. Multiple governments have called emergency meetings about AI-enabled hacking. The Treasury Secretary and Fed Chair held a joint session about AI cybersecurity risk. The FBI report does not mention Mythos specifically, but it provides the baseline data that makes those panic meetings look proportionate.

The policy response is going to define the next decade of AI regulation. Right now, the companies building the most powerful AI models have no legal obligation to prevent their tools from being used for fraud. OpenAI, Anthropic, and Google all have acceptable use policies, but enforcement is reactive and inconsistent. The FBI report gives regulators the ammunition they have been looking for: a dollar figure attached to AI-enabled harm, from a source nobody can dismiss.

Twenty billion dollars in total cybercrime. Nearly a billion from AI alone. And that is the number from 2025, before the current generation of models was widely available. If you think this number is going down in 2026, you have not been paying attention.