October 15, 2021

Welcome to Britain, the bank scam capital of the world

By ellen

LONDON (REUTERS) – It was an e-mail offering a discount on an electric toothbrush that began the sequence of events that ruined Anna’s life.

Within minutes of entering her card details, she got a call from her bank telling her fraudulent transactions were being made. The next day a Robert Clayton from Britain’s Financial Conduct Authority called to say they were pursuing the criminals responsible but that her savings were at risk.

There was no toothbrush, though. No fraud department, no Robert Clayton. They were all part of a scam to gradually siphon off Anna’s life savings, and within a few weeks the plot had succeeded, to the tune of about £200,000 (S$368,900).

“I am still in shock, the guilt and shame are impossible to convey,” said the 78-year-old widow from central England, who did not want her full name to be used in this story.

She is one of thousands of people who have seen savings swept away this year by an unprecedented wave of online bank fraud hitting Britain, where you’re more likely to be a victim of online fraud than any other crime.

The country is the global epicentre for such attacks, according to five of the biggest British banks and more than a dozen security experts who said scammers were buying up batches of consumers’ personal details on the dark net to target the record numbers shopping and banking online since the coronavirus pandemic.

The country’s super-fast payments infrastructure, relatively light policing of fraud-related crime, plus its use of the world’s most widely used language English, also made it an ideal global test bed for scams, the banks and specialists added.

A British record of £754 million was stolen in the first six months of this year, up 30 per cent from the same period last year, according to data from banking industry body UK Finance, and up more than 60 per cent from 2017, when it began compiling the figures.

That represents a per capita fraud rate roughly triple that seen in the United States last year, according to a Reuters calculation from UK Finance and the latest available Federal Trade Commission data.

“The most sophisticated fraud tends to start in the UK, and then move two years later to the US and then around the world,” said Ms Ayelet Biger-Levin, vice-president of product strategy at US-based cyber-security firm BioCatch, which provides anti-fraud technology to banks.

“In the last 12 months we have seen more fraud attacks than we had seen in any other year in history. Data breaches have also accelerated, so there’s a lot more personal information out there that criminals can take advantage of.”

Fast payments, fast fraud?

The government’s National Economic Crime Centre (NECC) agrees with the banking sector’s assessment that fraud represents a threat to British security.

“It is growing from an already enormous scale,” said Mr Chris Reed, fraud threat lead at NECC, which he said was meeting at least every month with bank bosses, technology executives and telecoms companies to assess and respond to threats.

Britain’s Faster Payments’ network, which allows transfers between bank accounts to settle instantly rather than in hours or days as in the US and other developed banking markets, means criminals can rapidly spirit away funds.

“The faster payment system has facilitated faster fraud,” said fraud expert Richard Emery, who is advising Anna and 63 other scam victims whose average loss is £102,000.

Pay.UK, which runs the network, said the system supported the British economy, consumers and businesses. It added that criminals were getting better at exploiting digitisation and that it was working with the industry and regulator to fight fraud.

While security experts and senior bankers said many fraud attacks could be traced overseas – including from India and West Africa – Britain is also increasingly exporting attacks.

Crimes such as authorised push payments – where people are tricked into authorising a payment by a criminal posing as their bank or other trusted company – are proliferating globally after having started off as a largely British phenomenon.

The country ranks second in the world behind the US as a source of automated bot attacks, the fastest-growing type of fraud attack in the world, according to data from LexisNexis Risk Solutions, a financial crime analysis firm.

Bot attacks see criminals use a high volume of stolen identity credentials to overrun a website, allowing them to set up new accounts or access existing ones.

“It’s popular to say the fraud threat is imported into the UK, and I don’t think that bears analysis,” said NECC’s Mr Reed. “There is a significant UK nexus to a lot of fraud, our operational experience is showing that.”

HSBC: UK is hotbed of fraud

Britain’s banks – which often pick up the compensation bill when people are scammed – are trying to respond.

HSBC, which has operations in the Americas and Asia, has hired more than 300 staff in a year to support its anti-fraud operations in its home market and increased annual spending by 40 per cent to deal with an “exponential” number of customers affected, the bank told Reuters.

“The UK is the hotbed of activity for fraudsters. Currently the UK accounts for about 80 per cent of our global personal fraud losses,” it said.

Lloyds said it had invested £100 million in its defences over the past two years, while rival NatWest has 10 per cent of its workforce – amounting to 6,000 people – dedicated to combating financial crime. TSB has hired 100 extra staff to support fraud victims in the last year.

But lenders are also pressing the government to make social media platforms, where they say some attacks originate, share the burden. British lawmakers told bosses at Facebook, Google, Amazon and eBay last month that they needed to do more combat fraud.

Mr Reed said another problem was that just 1 per cent of policing resources were dedicated to fighting fraud, despite it making up more than a third of all crime in England and Wales.

“I won’t hide away from the fact that resourcing of the response is completely out of step with the scale and seriousness of the threat. We’ve got a mountain to climb.”

This means that criminals are emboldened to target people like Anna, who has little hope of recovering her savings.

The fraudsters had told her to shift her “at risk” cash to an account on a cryptocurrency platform that they emptied – while isolating her from family by stressing secrecy and coaching her on how to respond to sceptical bank officials.

“They knew the name of my financial adviser, they were utterly convincing as FCA staff,” she said. “And they told me I could not tell anyone about the investigation as it would damage their efforts to catch the crooks.”