Be Fraud Aware: Remaining vigilant with fraud on the rise
Fraud has reached epidemic levels in the UK. The Royal United Services Institute, a think tank, recently described fraud – now the most prevalent crime in the country – as a national security issue.
It’s estimated that fraud losses in the UK totalled £137 billion last year, with a 19.8% increase in cases due to Covid-19. The rise in online transactions, technology usage and remote banking during the pandemic has accounted for this trend, leaving consumers more exposed to fraudsters.
Although fraud has become more common, the threats have changed. While traditional card and cheque fraud has declined, we’ve seen increases in remote banking and cases of authorised push payment (APP) fraud rise significantly.
APP fraud – where the customer is tricked into authorising a payment to an account controlled by a criminal – is currently the most common type of fraud in the UK. It accounted for 44% of all fraud losses in the UK in 2021. Here, the fraudster uses tactics such as scam phone calls, text messages and emails, as well as fake websites and social media posts, to trick people into handing over personal details and passwords.
This was followed closely by payment card fraud (40%), which includes counterfeit cards, lost and stolen cards, and card ID theft. There is then a sharp drop in the third most common type of fraud: remote banking fraud (15%), where hackers are able to gain access to a person’s online or mobile banking.
We won’t go into specific types of fraud in this post– rather, this is an introduction to the UK’s current fraud landscape along with some advice on how best to navigate it. Future blogs in our Be Fraud Aware series will be dedicated to the major categories.
Ten top tips to safeguard against fraud
The Banking Protocol, a rapid scam response scheme initiative where banks and police work together to identify and help potential fraud victims, prevented £60.7 million of fraud losses in 2021. That’s 34% more than in 2020. But what happens to fraud cases that are not prevented?
Just 4,924 out of over 5 million fraud offences – one in every 1,000 – resulted in a charge last year, according to the Office for National Statistics’ (ONS) annual survey of crime.
With prosecution rare, it’s essential that people are vigilant in spotting and preventing fraud. So, here are our ten top tips for how to protect yourself from fraud:
1. Be aware of offers that are ‘too good to be true’
If an offer is too good to be true, the chances are it probably is. Whether a knockdown price for that highly sought-after product, promises of a get-rich-quick scheme, or even investment schemes that seem genuine, the advice is the same - view any attractive offers with a healthy degree of scepticism.
Crypto currency scams are becoming increasingly common. This is where people are being encouraged to take out loans or use their hard earned savings to invest (sometimes more than they can afford) in crypto. In some instances people are even being asked to pay scammers to release their own funds from existing investments. This can quickly spiral into taking out several loans to release funds that won’t be returned.
2. Don’t give in to pressure tactics
Fraudsters often inject a sense of urgency into their scams. Information or action is always needed that day or within the hour.
Ask yourself: ‘Would a genuine, credible business behave like this?’
If the answer is no (and it usually is), it’s best to walk away and cease any communication with the individual or organisation that’s seeking something from you.
3. Prevent access to your digital devices
As noted, remote banking fraud is on the rise. One of the main reasons for this is that we live much of our lives through our smartphones and laptops – these devices hold so much personal data, which if compromised, opens us up to the risk of having our remote banking platforms exploited.
To that end, avoid sharing your personal devices with anyone you don’t know well. This includes avoiding remote desktop scams.
Remote desktopping is when someone is able to access your device from afar – usually because you’ve downloaded software which allows them to see and use your device as if they were sitting right in front of it. Fraudsters will claim they need remote desktop access to (ironically) tackle cybersecurity threats, help with computer issues or even set you up with an investment platform. From here they can obtain passwords, personal information or gain direct access to remote banking platforms.
Again, just as with handing over a physical device, never trust anyone you don’t know personally with remote desktop access. You wouldn’t unlock your phone, tablet or laptop and pass it to a stranger with all of your personal and banking information on it, but this is exactly what remote desktop access provides, so take care.
4. Only communicate through secure channels
From instant messaging and texts through to social media messages, emails and phone calls, there are so many ways to communicate with one another today. But banks and financial services companies will typically be very clear in how they will – or will not – contact you. Reputable retailers are similar.
If someone phones you from one mobile number to another, claiming to be the employee of a particular company, and you’re not sure if they're genuine - hang up. Call the company directly, or use trusted platforms to see if they are trying to reach you.
When communicating with your bank, secure channels through banking apps and online platforms is usually the best bet.
5. Watch out for phishing
Phishing scams, like many types of fraud, have become increasingly sophisticated in recent years. Typically taking the form of emails or websites, they’re designed to extract information and money from individuals by impersonating genuine businesses.
The font, language, logo and layout can all mirror what you would expect to see from your bank or favourite retailer. But be very careful before clicking on any links, opening any email attachments or sharing any information.
In the case of emails, check the sender's address. It might look correct, but on closer inspection you might notice that a vowel is missing, two letters are swapped around, or the domain name is a little different to what it ought to be. If in doubt, delete the email and contact the supposed sender through official, trusted and secure channels.
If you’re unsure that a website from a financial services provider is genuine, visit the FCA Register at https://register.fca.org.uk/s/ where the genuine website URL will be quoted alongside other contact details.
6. Take care with your personal information
The more people who know your personal details, the greater the risk of fraud. From your name and date of birth, through to your address, mother’s maiden name or Netflix password, there are a lot of details that can become known to those closest to us. But ensure personal information is shared with as few people as possible, and even then, be careful. Children, parents, and partners can fraudulently take out loans in your name, knowing all of the personal information required.
7. Monitor your accounts frequently
Spotting fraud quickly can help in preventing further issues, limiting the financial damage and allowing authorities to act. Checking your bank accounts regularly is the best way to do this – make sure monies in and out are as you would expect.
Checking your accounts at least monthly, but ideally weekly, or even daily, is advisable.
8. Use optimised passwords and multi-factor authentication
Having the same password for multiple services and platforms is dangerous. As soon as the password is compromised on one, it’s compromised on all.
It is wise to have different passwords for as many logins as possible, and to ensure those passwords are optimised. This means avoiding predictable words (like your name, or your partner or child’s name) in the password and making sure there is a mix of upper and lowercase letters, numbers and special characters. To make it easier to remember multiple secure passwords, consider using a password manager like Keeper or LastPass.
Multi-factor authentication, or MFA, should also be used wherever possible. This means linking a password with, say, a phone number – to successfully login, you would therefore need to know the magic word, but also have access to your phone to input the unique one-time-passcode that you’re sent.
Microsoft states that MFA can prevent 99.9% of attacks on your accounts.
9. Do background research
It is normal that upon receiving a questionable email or text message, we will wonder whether it is genuine or a scam. All of the advice above will help inform the answer and how to respond.
But, of course, doing your own background research is also hugely valuable. Conducting a search around an email address, phone number, name or organisation could immediately show you to avoid them at all costs.
More generally, staying abreast of the latest fraud tactics and trends can keep you a step ahead of scammers.
10. Report fraud and suspicious activity immediately
Reporting fraud and suspicious activity as quickly as possible is crucial. It will help put a stop to the activity quickly, limiting the damage that can be done to your finances. And it will also help prevent others from falling foul to the same fraudster.
It will also improve the chances of a bank or the police being able to take successful action before a fraudster has covered their tracks and moved on to another scam.
For more information, visit these useful resources that provide insight and advice on fraud and how to defend against it:
If you need to report fraud, get in touch with your bank or whoever provides the financial product in question, whether that’s a loan, credit card, savings account or so on. The links below are also useful sources to report fraud or receive advice.