Cases of identity fraud and facility takeover fraud reached a new high in 2016, according to Cifas, the counter-fraud trade association whose members include banks and insurers. Cifas members reported some 195,444 cases last year, compared with 185,089 in 2015 and 132,616 in 2014.
Facility takeovers increased by 45pc from 15,497 to 22,525, more than half done over the phone, typically to call centre staff. Most, 88pc of identity frauds were committed online, compared to 30pc of facility takeovers done online. A facility takeover happens when a fraudster poses as a genuine customer, gains control of an account (whether bank, credit card, telephone, email or other services) and uses it for their own ends – such as making transactions or ordering new products. The fraudster may use data breaches, social media footprints and other open source information, to get hold of the level of detailed information needed to do a takeover; fraudsters may then contact their victims directly and manipulate them into revealing yet further personal details. Once they have enough personal data, fraudsters call the bank, phone retailer, or service provider, armed with enough information to convince call centre staff that they are their genuine customer
Cifas Chief Executive, Simon Dukes said organisations prevented £1 billion of fraud last year, but as one method of fraud gets harder, fraudsters change tactic rather than stop. “We are now seeing that the advances made in securing online access to customer accounts have led to fraudsters targeting the human being at the end of the phone. Using old-fashioned but highly-effective con artistry, they are tricking individuals into giving away their personal details and deceiving call centre staff into making transactions on their victims’ accounts. The proliferation of personal data that is available either online or through data breaches only makes this easier.
“When people are targeted, education is key and we urge the next government to do more to ensure that individuals know how to avoid these tricks and can recognise the signs of a scam. Organisations, too, must focus on education for call centre staff and ensure they make the most out of new technology.”
City of London Police’s National Coordinator for Economic Crime, Commander Dave Clark said: “Whilst national reporting of fraud and cyber crime has some way to go in representing the true scale and threat to our citizens and businesses in the UK; I welcome the stark reality that Cifas’ Fraudscape figures show from their member organisations. There are clear indicators in Fraudscape as to the key enablers of fraud being exploited by criminals; such as the telephone, online targeting and the fraudulent use of identity. The City of London Police and Cifas will continue to work with cross sector partners to pursue and disrupt fraud whilst also providing the most up to date protection advice to citizens and businesses.”
Comments
John Marsden, Head of Identity and Fraud at Equifax says: “The latest CIFAS figures show over 325,000 fraud cases last year, and that 60 per cent of these related to identity theft. This type of fraud is reaching an industrial scale; as criminals’ tactics grow more sophisticated there’s an increasing danger of personal details falling into the wrong hands.
“Fighting identity fraud must remain a top priority for businesses – they must ensure the systems they have in place to deflect fraudsters are up to scratch. This isn’t a tick box exercise, systems need to be regularly reviewed and improved to protect against new types of attack. At the same time businesses need to manage customer demands for fast authentication checks and quick application processes.
“The fight against fraud mustn’t prevent good customers from getting fast and efficient service. If their expectations aren’t met they will take their money elsewhere, a business risk in itself. Balancing speed of service and security is key.
“It’s crucial businesses do all they can to build, enhance and continuously develop their defences. Fraudsters are always on the move, on the hunt for their next trick, expanding their target pool and focusing on the identities of younger generations as well as older folk. Information from young people grows in value as earnings rise and people take on more financial products. Accumulating these details now is an investment in the fraud of tomorrow. Action has to be taken by businesses and end consumers to protect personal information at all ages; today’s complacency is tomorrow’s nightmare.”
