Deception scams drive increase in financial fraud
March 18th 2016
Financial fraud losses totalled £755 million in 2015, according to figures published by Financial Fraud Action UK (FFA UK), a 26% increase on the previous year.
Please have a look around this website for information and advice on how to protect yourself from fraud.
The data highlights the increasing threat posed by impersonation and deception scams, alongside the growth in sophisticated online attacks such as data breaches and malware, showing the importance of protecting personal information. The figures also reveal that bank and card company security systems detected and prevented a total of £1.76 billion of fraud from occurring in 2015 – equivalent to £7 in £10 of potential fraud being stopped. The 2015 financial fraud figures show:
- Fraud losses on UK payment cards totalled £567.5 million in 2015, an 18% increase from £479 million in the previous year. A total of £843.6 million of attempted card fraud was prevented by banks and card companies – equivalent to £6 in every £10 of fraud being stopped.
- Over 2015, card spending increased by 7%, meaning card fraud as a proportion of spending equates to 8.3p for every £100 spent.
- Remote banking fraud losses totalled £168.6 million, a 72% rise from £98.2 million in 2014. A total of £524.6 million of attempted remote banking fraud was stopped by bank security systems, equivalent to £8 in £10 of fraud being prevented.
- Cheque fraud losses totalled £18.9 million in 2015, a 6% fall from £20.2 million in 2014, and the lowest ever annual total. A total of £392.8 million of attempted cheque fraud was prevented by bank security systems, equivalent to £9.50 in every £10 of fraud being prevented.
Katy Worobec, Director of Financial Fraud Action UK, said: “Banks work extremely hard to protect their customers, using highly sophisticated security systems which stopped 70% of attempted fraud from occurring last year. Any increase in fraud is unwelcome but the industry is continually evolving its response to fraud as it develops. This includes investing in new detection and verification tools, working with law enforcement and educating customers of dangers.
“With the continued rise in impersonation scams and data breaches it’s vital that all customers are alert to the dangers. Everyone should be very cautious about giving out personal or financial information, and organisations holding data need to do all they can to protect people’s private details.”
The key drivers of the changing fraud figures during 2015 were:
- Impersonation and deception scams in which criminals approach customers claiming to be from a trusted organisation, such as a bank, the police, a utility company or a government department. The criminals aim to obtain personal and financial details that will then be used to commit fraud. These scams often involve a phone call, text message or email claiming there has been suspicious activity on a customer’s account or that their account details need to be ‘updated’ or ‘verified’. Criminals also attempt to trick people into transferring money directly to them.
- Criminals’ use of information gained through data breaches. There have been several high profile breaches reported in 2015, as well as many other smaller-scale attacks. The stolen data is used to commit fraud directly, for example using stolen payment card details online to commit remote purchase fraud. Other information obtained through a breach may be used in impersonation scams, while the publicity around the incident itself can be used to add authenticity to the scammers’ approach.
- The use of malware [malicious software which is unknowingly downloaded onto a computer] and phishing emails to compromise customers’ security and personal details.
The industry is continuing to tackle financial fraud by:
- Investing in new, innovative security tools, including ever more sophisticated ways of authenticating customers, such as using biometrics and customer behaviour analysis.
- Working with government and law enforcement in the new Joint Fraud Taskforce, launched by the Home Secretary in February 2016, to use the collective powers, systems and resources of government, law enforcement and industry to crack down on financial fraud.
- Fully sponsoring a specialist police unit, the Dedicated Card and Payment Crime Unit, which has launched a project specifically focussed on cybercrime. •
- Developing a national multi-sector awareness campaign to educate customers on how they can protect themselves from fraud.
To help fight the rise in impersonation and deception scams, FFA UK is urging customers to be vigilant of any unsolicited phone calls, text messages and emails and to be extremely cautious about giving out any personal and security information unless absolutely sure they know who they are dealing with. Customers are reminded that their bank or the police will never call them to ask for their online banking passwords or 4-digit card PIN, or to transfer money to a new account for fraud reasons.
With fraudsters using stolen information gained through data breaches to commit fraud and aid deception scams, FFA UK is also urging all organisations that hold personal and financial data to improve their security systems in order to prevent data breaches. FFA UK is also reminding retailers selling remotely that there are a number of tools they can use to build up a profile of their customer, verify the cardholder and ensure they receive payment securely.
Tony Blake, senior fraud prevention officer for the Dedicated Card and Payment Crime Unit, said: “Criminals will do all they can to make their approach seem genuine, so it’s important to be vigilant. Don’t take someone at their word – people aren’t always who they claim to be, even if they know a bit of information about you already.
“If you receive a call, text or email out of the blue asking for your personal information, hang up the phone and do not reply directly. Instead, wait five minutes and ring your bank to alert them to the scam, using a phone number that you trust – such as the one on the back of your bank card or from the official website.”