Cifas, the UK’s fraud prevention service, has released a new report identifying and detailing the fraud trends from over 300,000 cases of fraudulent conduct recorded in 2017. The data, which emanates from 306 organisations (including many major UK brands), underpins one of the most comprehensive pictures of fraud and fraudulent attempts in the UK. Although there has been an overall drop of 6% in cases recorded by Cifas members, the new figures show concerning increases in some areas.
Identity fraud has continued to rise, hitting an all-time high of 174,523 cases in 2017 (up 1% from 2016). 95% of these cases involved the impersonation of an innocent victim. Eight out of ten fraudulent applications were made online. There has been a 27% increase in 14 to 24 year olds becoming ‘money mules’. Overall, the number of bank accounts identified as being used as ‘mule’ accounts ise up by 11%, while more than a third of bank account takeover victims were over 60 years of age. In addition, organisations successfully prevented over £1.3 billion in fraud losses through non-competitive data sharing.
The number of identity frauds increased once again in 2017, with almost 175,000 cases recorded. Although this was only a 1% increase compared with 2016, it’s a 125% increase when set against the figures from ten years ago. The difference this year over previous years is that the increase isn’t down to a rise in fraudulent applications for plastic cards and bank accounts, which are the products most frequently targeted by identity fraudster, but rather due to targeting of other sectors such as telecoms, online retail and insurance.
This ‘re-targeting’ by identity fraudsters can be seen as a shift towards more accessible products, like mobile phone contracts, online retail accounts, retail credit loans and short-term loans.
Also increasing last year was the number of money mules – ie individuals who allow their bank account to be used to facilitate the movement of illegal funds. It’s a form of money laundering. Individuals are being targeted online by criminals promising ‘easy cash’, or otherwise being encouraged by an acquaintance to transfer funds for them in exchange for a payment.
In 2017, Cifas members identified almost 11% more bank accounts that bear the hallmarks of money mule activity than they did in 2016. Over 32,000 cases have been identified. Criminals are continuing to target younger people: there was a reported 27% growth in the number of people aged 14 to 24 that have been identified as carrying out this type of fraud.
The findings also reveal that more than a third of victims of bank account takeovers were over 60, so age is a key consideration for facility hijackers when selecting whom they target.
Fraud continues to evolve
Cifas deputy CEO Mike Haley commented: “It’s clear from this year’s Fraudscape report that fraud in the UK continues to evolve. As some targets become harder to crack, criminals turn to what they consider are softer targets. Fortunately, many of these sectors, such as telecoms and insurance, share their fraud data through Cifas and are detecting more fraud attempts. As fraudsters see their attempts to obtain these products become more difficult, the question will arise about where they will target next.”
Haley continued: “The small reduction in the overall number of detected frauds is welcome, but it’s hard to say whether we’re beginning to see the turning of the tide. The absolute volume of fraud is still frighteningly high. Much more work still needs to be done to reduce its prevalence, including greater collaboration and the sharing of fraud risk data between industry, Government and law enforcement. Working together, organisations who are members of Cifas prevented over £1 billion worth of fraud last year. Cifas will continue to lead the way in the fight against fraud and financial crime.”
Conor Burns MP, chair of the All-Party Parliamentary Group on Financial Crime and Scamming, said: “Fraud is the 21st Century volume crime. The issue isn’t going to go away. With more and more people sharing data, transacting and setting up businesses, this trend is only going to continue. That’s why I set up the All-Party Parliamentary Group on Financial Crime and Scamming last year in order to raise awareness of this issue within Parliament. Fraudscape shows how prevalent this crime is and all of us – Government, industry, third sector and individuals alike – have a role to play and a responsibility in preventing it.”
Threat landscape in flux
Nick Gaubitch, research director (EMEA) at Pindrop, explained: “With a threat landscape constantly in flux, Cifas’ latest report shows some worrying trends. In 2017 alone, there were 175,000 cases of identity fraud reported. In fact, four out of five victims targeted had their genuine addresses compromised. Sadly, this statistic isn’t surprising. Last year, Pindrop uncovered that 61% of consumers provide answers to their security questions, such as date of birth and personal address on their social media profiles. 18-24 year olds were the worst offenders, with 80% confirming they had at least one piece of valuable information on social media. For many organisations this data is used as knowledge-based authentication questions. It’s the first line of defence against the fraudster. If breached then the fraudster has free reign to attack accounts and steal funds.”
Gaubitch went on to state: “We know that fraudsters are becoming increasingly sophisticated. It’s down to businesses to ensure that all channels of access are robustly defended. With Call Centre fraud attacks having risen 113%, the phone channel is a particularly vulnerable area of the business. Online security has matured exponentially in the last decade, given the fact that fraudsters’ methods have advanced at an even faster pace. However, phone security remains one of the weakest lines of defence.”
At the same time, technology has reached an equally significant peak in sophistication. Technology that combines machine learning with voice biometrics like Phoneprinting is one of those on the front line combating voice fraud before it becomes an issue. It creates an ‘audio fingerprint’ of each call by analysing over 1,380 unique call features, such as voice, location, background noise, number history and call type. It highlights unusual activity, identifies potential fraud and deters fraudulent callers. It cracks down on fraudulent tactics like caller ID spoofing, voice distortion and social engineering with no need for customers to provide any additional information.
Take Five campaign
Cifas actively supports the Take Five campaign, which asks consumers to help protect themselves from financial fraud by remembering some simple advice:
*Never disclose security details, such as your PIN or full password – it’s never right to reveal this information
*Don’t assume an e-mail request or caller is genuine – people are not always who they say they are
*Don’t be rushed – a bank or genuine organisation will not mind waiting to give you time to stop and think
*Listen to your instincts – if something feels wrong then it’s usually right to pause and question it
*Stay in control – have the confidence to refuse unusual requests for information