Criminals exploit Covid-19 pandemic with rise in scams targeting victims online

  • Criminals used the Covid-19 pandemic to target victims online, through impersonation scams, romance fraud and investment scams.
  • UK Finance is calling for new legislation to make online platforms responsible for taking down fraudulent content and better protect consumers from these scams.
  • In 2020, Authorised Push Payment (APP)3 fraud losses amounted to £479 million, up five per cent on the previous year. Banks and other finance providers were able to return £206.9 million of the losses from APP fraud to victims, over three quarters more than the sum returned in 2019.
  • Almost £7 in every £10 of attempted unauthorised fraud3 was blocked by the banking industry last year. Unauthorised fraud fell by five per cent to £783.8 million in 2020, with the banking industry stopping £1.6 billion of losses.

Criminals turned to online and technology-enabled scams to exploit people's fears about the Covid-19 pandemic, UK Finance's latest Fraud the Facts1 report has revealed. 

Impersonation scam cases, in which criminals impersonate trusted organisations to trick victims into handing over their money, almost doubled to 39,364  cases in 2020, the largest increase of all scam types. During the pandemic, criminals sent fraudulent emails claiming to offer government support to those impacted by the pandemic and scam text messages requesting payments to book a Covid-19 vaccine. They also impersonated delivery companies to exploit the rise in online shopping.

There was a 32 per cent increase in investment scam cases last year, which are often promoted through adverts on search engines offering higher than average returns, and a 38 per cent increase in cases of romance scams, driven by the rise in online dating during the pandemic.

To capitalise on the increase in online activity during the pandemic, UK Finance has also seen the emergence of criminals openly advertising fraud and scam services for sale online, including template phishing websites and custom-built scam apps which replicate real banking apps.

UK Finance is calling for fraud to be included in the scope of the government's Online Safety Bill to better protect consumers from these scams. This would ensure that online platforms such as social media firms, search engines and dating websites take action to address vulnerabilities in their systems that are being exploited by criminals to commit fraud.

Katy Worobec, Managing Director of Economic Crime at UK Finance, said:

The banking industry has worked hard throughout the pandemic to protect customers from fraud and to go after the criminals behind it, with over £1.6 billion of fraud stopped in 2020.

?However, we are seeing a worrying rise in online and technology-enabled scams that evade banks? advanced security systems and use digital platforms to target victims directly, tricking them into giving away their money or information.

?We urge the government to use the upcoming Online Safety Bill to ensure online platforms take action to protect customers by taking down scam adverts on search engines, removing fake profiles on online dating websites and tackling fraudulent content on social media.

?It cannot be right that online firms are effectively profiting from fraud, while society as a whole pays the price.

Authorised Push Payment fraud

Authorised Push Payment (APP) fraud cases, where customers are tricked into authorising a payment to another account controlled by a criminal, increased by 22 per cent to almost 150,000 in 2020. Losses amounted to a total of £479 million, up five per cent on the previous year.  

  • Investment scams, in which a criminal convinces their victim to move their money to a fictitious fund or to pay for a fake investment, saw the highest increase in losses of any APP scam type, totalling £135.1 million.
  • Purchase scams, in which the victim pays in advance for goods or services that are never received, remained the most common form of APP fraud, accounting for 52 per cent of APP fraud cases.

Unauthorised fraud

In an unauthorised fraudulent transaction, the account holder themselves does not give permission for the payment and the transaction is carried out by the criminal. Unauthorised fraud losses fell by five per cent to £783.8 million in 2020. The banking and finance industry prevented £1.6 billion of attempted unauthorised fraud and continue to invest in advanced security systems to detect and prevent fraudulent activity. This means that £6.73 in every £10 of attempted unauthorised fraud was blocked by the industry last year.

Lockdown restrictions have caused criminals to turn away from more traditional forms of fraud.

  • Contactless card fraud losses fell by 22 per cent to £16 million, the first annual fall since this data started being collected in 2013. This is likely to be related to lockdown restrictions limiting opportunities for criminals to commit contactless fraud using lost and stolen cards.
  • Cheque fraud losses saw a significant fall of 77 per cent to £12.3 million, likely driven by the continued fall in the use of cheques, which has been exacerbated by the impact of lockdown restrictions.

Working with law enforcement

The banking industry works closely with the police to prevent fraud and catch and prosecute the criminal gangs responsible. In 2020:

  • The Banking Protocol, a bank branch rapid response scheme, stopped £45.3 million of scams and led to 200 arrests.
  • The Dedicated Card and Payment Crime Unit police unit, which is funded by the banking industry, prevented an estimated £20 million of fraud, arrested 122 suspected fraudsters, and carried out enforcement activity against criminals involved in Covid-19 scams. The unit also worked with social media platforms to take down 700 accounts linked to fraudulent activity, of which over 250 were money mule recruiters.
  • 2.1 million compromised card numbers were protected after being shared by law enforcement with the industry via UK Finance's Intelligence and Information Unit.

Staying safe

UK Finance urges customers to follow the advice of the Take Five to Stop Fraud campaign, and remember that criminals are experts at impersonating people, organisations and the police. They spend hours researching you for their scams, hoping you?ll let your guard down for just a moment. Stop and think. It could protect you and your money.

  • Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
  • Challenge: Could it be fake? It's ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

Protect: Contact your bank immediately if you think you?ve fallen for a scam and report it to Action Fraud.

Area of expertise:

Notes to editor

<p>UK Finance is the collective voice for the banking and finance industry. Representing more than 250 firms across the industry, we act to enhance competitiveness, support customers and facilitate innovation.</p>
<ol><li>UK Finance?s Fraud the Facts 2021 can be found <a href="…;
<li>APP Voluntary Code reimbursement statistics can be found on page 55 of the Fraud the Facts report.</li>
<li>In an unauthorised fraudulent transaction, the account holder themselves does not give permission for the payment to proceed and the transaction is carried out by the criminal while in an authorised push payment fraudulent transaction, the genuine customer themselves makes the  payment to another account which is controlled by a criminal.</li>
<li>The banking and finance industry is committed to tackling fraud and scams by:</li>
</ol><ul><li>Investing in advanced security systems to protect customers from fraud, including real-time transaction analysis. The industry prevented £1.6 billion of unauthorised fraud in 2020, equivalent to £6.73 in every £10 of attempted unauthorised fraud being stopped.</li>
<li>Working with the government and law enforcement to establish clear strategic priorities, improve accountability and coordination through the Economic Crime Strategic Board, jointly chaired by the Home Secretary and the Chancellor. This includes supporting the <a href="… Crime Plan</a>, to harness the combined capabilities of the public and private sectors to make the UK a leader in the global fight against economic crime. We are also working with the Government, law enforcement and regulators to develop a more advanced Fraud Action Plan. This will need to include a focus on prevention and tackling money laundering as well as the law enforcement response.</li>
<li>Sharing intelligence on emerging threats with law enforcement, government departments and regulators through the <a href="… Economic Crime Centre</a>. This drives down serious organised economic crime, protecting the public and safeguarding the prosperity and reputation of the UK as a financial centre.</li>
<li>Sharing intelligence across the banking and finance industry on emerging threats, data breaches and compromised card details via UK Finance?s Intelligence and Information Unit (I&I Unit). In 2020, 2.1 million compromised card numbers were received through our law enforcement strategic partners, and disseminated via the I&I unit to enable card issuers to take the necessary precautions to protect customers.</li>
<li>Working with law enforcement to stop fraud through initiatives like the <a href="… Protocol</a>, a scheme which allows bank branch staff to alert the police when they think a customer is being scammed. This has prevented a total of £142 million of fraud and resulted in 843 arrests since introduced in 2016. It is currently being expanded to telephone and online banking, which has been particularly important for vulnerable customers who have been unable to visit their local branch as a result of the Covid-19 lockdown restrictions.</li>
<li>Fully funding a specialist police unit, the Dedicated Card and Payment Crime Unit (DCPCU), which tackles the organised criminal groups responsible for financial fraud and scams.</li>
<li>Working with text message providers and law enforcement to <a href="…; scam text messages including those exploiting the Covid-19 crisis. 1087 unauthorised sender IDs are currently being blocked to prevent them being used to send scam text messages mimicking trusted organisations, including over 70 related to Covid-19.</li>
<li>Working with <a href="…; to crack down on number spoofing, which has prevented criminals from spoofing the phone numbers of trusted organisations, including HMRC.</li>
<li>Working with Cifas on the <a href="… Be Fooled</a> campaign, which aims to inform students and young people about the risks of giving out their bank details and deter them from becoming money mules.</li>
<li>Tracking suspicious payments and identifying money mule accounts using the <a href="… Insights Tactical Solution (MITS)</a>, a technology developed together with Pay.UK.</li>
<li>Working with Pay.UK to implement Confirmation of Payee, an account name checking service that helps prevent authorised push payment scams. The measure was implemented by the UK?s six largest banking groups in 30 June 2020 and has since expanded to cover over a dozen payment providers. More providers are expected to sign up in 2021.</li>
<li>Helping customers stay safe from fraud and spot the signs of a scam through the <a href="… Five to Stop Fraud</a> campaign. 30 major banks and building societies have signed up to the new <a href="… Five Charter</a>, bringing the industry together to give people simple and consistent fraud awareness advice.</li>
<li>Developing a secure mechanism to enable firms to share information about confirmed APP frauds with a view to enhancing the industry?s ability to freeze and repatriate funds.</li>