A record number of cases were filed to the fraud prevention trade association Cifas‘ National Fraud Database (NFD) in the first six months of 2024 – over 214,000 in total. That represents a 15 per cent increase compared to the same period in 2023, according to Cifas. Its 750-strong membership pass on fraud-risk data for Cifas to turn into intelligence. The trade body has raised concerns about the ease with which criminals can access artificial intgelligence and fraud toolkits to deceive UK businesses and consumers.
The data, recorded between January and June 2024, shows some tactics favoured by fraudsters – spoofing, brand impersonations, phishing campaigns, and using AI to facilitate data harvesting and social engineering. Cases of Facility (Account) Takeover filed to the NFD were up 99 per cent (that is, near double) compared to the same period in 2023 – over 37,000 cases in total. The most impacted age group were those aged over 61 (25pc), closely followed by 41-50-year-olds (23pc). Online retail and telecoms sectors represent 36pc and 40pc (respectively) of all facility takeover cases.
Phishing remains a common tactic. Members report that organised crime groups are executing high-quality and convincing brand impersonations – and using Remote Access Technology (RAT) software to take control of a consumer’s device while pretending to be customer service support – to dupe people into divulging sensitive data. Cifas suggests criminals are increasingly aware of counter-fraud controls used by businesses and regularly change tactics to avoid detection.
Over 127,000 cases of identity fraud were recorded between January and June – a 4pc increase on 2023. This was largely driven by significant increases in impersonation fraud in relation to mobile phones (up 102pc), personal store cards (up 59pc) and personal current accounts (up 19pc).
Social engineering tactics using sophisticated spoofing and brand impersonation techniques are recurring themes in the cases of identity fraud filed to the NFD. In some cases, criminals have researched LinkedIn profiles to impersonate genuine employees at financial institutions and encouraged victims to divulge personal data or transfer funds.
Over 37,000 ‘misuse of facility’ cases were recorded in the first half of 2024 – a 9pc rise compared to 2023. This is nearly one-fifth (18pc) of all cases filed to Cifas. Misuse of company accounts rose 51pc. Cifas members reported that individuals opened credit accounts with no intention of making payments – a common driver being the cost-of-living pressures. In total, more than 11,000 false application cases were made to the NFD (up 21pc).
Mike Haley, CEO of Cifas, pictured, said: “With almost 40 per cent of all reported crime a fraud, our data and intelligence demonstrates how concerned organisations should be at the ease with which criminals are able to obtain the tools to commit fraud at scale. Fraudsters continue to exploit new technologies such as AI and ‘fraud-as-a-service’ and abuse the popularity of social media platforms to defraud consumers and business.
“Combatting fraud must be a national priority. It is only through greater collaboration and sharing critical data and intelligence across all sectors including law enforcement, the private sector and government agencies, that we will be able to get on top of the UK’s fraud emergency and keep business and people safe.”
Six ways to protect yourself from fraud –
Never divulge personal information or hand over any bank details.
Don’t feel rushed/pressured into a decision you might regret later.
Check your credit file and bank account regularly.
Report any fraud to the police line Action Fraud, or call: 0300 123 2040.
Read the latest advice from the ‘Stop! Think Fraud’ campaign.
Protect your identity through Cifas’ Protective Registration service which costs £30 for two years’ cover.
Event
Cifas’ Member Forum 2024 is in London on October 16; visit https://www.cifas.org.uk/insight/events/memberforum2024.
