Financial fraud in the first half of 2016 increased by a quarter to total a staggering £399.5 million, enabled by scams and online attacks. That’s according to new figures published by Financial Fraud Action UK (FFA UK). The good news is that banks’ security systems have continued to prevent the majority of fraud from taking place, with prevented fraud totalling an impressive £678.7 million. This is equivalent to £6 in every £10 of attempted fraud being stopped.
Total financial fraud losses across payment cards, remote banking and cheques were £399.5 million in the first half of the year, representing a 25% increase on the same period in 2015 (when total losses stood at £320.3 million).
Losses on payment cards – which include remote purchase fraud, lost and stolen cards, card not received, counterfeit card and card ID theft – stand at £321.5 million, compared to £244.6 million in the first half of 2015. That’s an increase of 31%. The prevented loss for cards is £475.7 million.
Remote purchase fraud increased by 31% to £224.1 million between January and June. That figure compares to £171.7 million in the same period of 2015. Intelligence suggests that fraudsters are using card details obtained with malware and data breaches, while there are more opportunities to commit such crimes because of the growing number of e-commerce sites.
There was a slight increase in remote banking losses, which are up from £66.2 million in the first half of 2015 o £70.6 million with a prevented loss of £103.2 million. Scams continue to drive remote banking fraud, with criminals tricking victims into handing over their money or banking details.
A full set of data has been released by FFA UK, which leads for the industry on tackling financial fraud and last month launched Take Five, a national awareness campaign to combat fraud.
Robust security systems
Katy Worobec, director of FFA UK, informed Risk UK: “Banks use a range of robust security systems to protect their customers, but as these systems become more sophisticated, criminals have increasingly been turning to scams and exploiting data breaches to con victims out of their personal and security information as well as money. Banks will continue to invest in advanced verification methods, including biometric validation and dynamic card security codes. We ask all consumers to be alert to scammers, which is why we recently launched the Take Five campaign. The industry takes its responsibility to combat fraud extremely seriously, but banks cannot stop all fraud on their own. It’s essential that all organisations with a role to play work together to better protect individuals and companies.”
FFA UK is urging customers to be vigilant of any unsolicited phone calls, text messages and e-mails and to be extremely cautious about giving out any personal and security information unless absolutely sure they know with whom they’re dealing.
Customers are reminded that their bank or the police will never call them to ask for their online banking passwords or four-digit card PIN, or to transfer money to a new account for fraud reasons.
FFA UK is also urging all organisations that hold personal and financial data to improve their security systems in order to prevent data breaches. Retailers selling remotely can also use a number of tools to build up a profile of their customer, verify the cardholder and ensure they receive payment securely.
Anyone who thinks they have been a victim of fraud should contact their bank and Action Fraud immediately.
Leading role in the Joint Fraud Task Force
Combating fraud and protecting the public requires the involvement of many different parties which is why FFA UK is playing a leading role in the Joint Fraud Task Force. The Task Force is using the collective powers, systems and resources of Government, law enforcement and industry to crack down on financial fraud.
Tony Blake, senior fraud prevention officer at the Dedicated Card and Payment Crime Unit (the FFA UK-sponsored unit headquartered at the City of London Police which investigates fraud) said: “Fraudsters can be very convincing and often pose as representatives from a trusted organisation in order to appear genuine. If you’re asked to transfer some money or provide your personal details and you think it could be a scam, take five minutes to think about what you are being asked to do. A genuine organisation isn’t going to mind if you take time to check who you are speaking to, because people are not always who they say they are.”
John Marsden, head of ID and fraud at Equifax, has commented on the urgent measures businesses must take to combat the fraudsters. “Cyber and ID fraud dominate the fraud landscape, and online scams and attacks continue to rise. At the same time, e-commerce is growing and is a tempting prospect for fraudsters looking to use identity and payment data such as credit and debit card information they have gained via the vast ‘carders markets’. Fraudsters are sophisticated and can easily gather information which can then be used to open accounts and make purchases online fraudulently.”
Marsden continued: “This situation is exacerbated by an increasing frequency of data breaches by hackers who can then sell this data on to other criminals. In addition, a frightening number of consumers are also still being tricked into handing over their personal data. This usually occurs when a criminal is able to convince an individual that they’re e-mailing or calling from a legitimate organisation and they need to verify their personal details. Using this information, the criminal fraud networks can create high quality ID data to sell via The Dark Web.”
Educating customers, sharing information
Continuing this theme, Marsden opined: “The financial services industry has to work together, educating consumers and sharing information to help collectively tackle this criminal activity. The focus must be two-fold. It’s vital that any organisation holding personal data continuously evolves the systems and processes in place to keep that information safe. Equally, any business handling financial transactions has to take every possible step to ensure the customer they are dealing with is genuine.”
In conclusion, Marsden told Risk UK: “It’s clear that passwords alone are no longer enough. Fraudsters are wise to our thinking when we create a password, making them all too easy to crack. This is why businesses need to invest in new technology like biometrics and device recognition and create multiple layers of defence. The criminals don’t stand still, so it follows that businesses of all sizes need to work hard to stay ahead.”