Katy Worobec, Managing Director of Economic Crime at UK Finance, said:
"Fraud is an issue that affects the whole of society, and one which everyone must come together to tackle. The finance industry is committed to playing its part - investing in advanced security systems to protect customers, introducing new standards on how banks respond to scam victims, and working with the Joint Fraud Taskforce to deter and disrupt criminals and better trace, freeze and return stolen funds.
"We are also supporting the Payment Systems Regulator on its complex work on authorized push payment scams, providing the secretariat for its new steering group. It's a challenging timetable, but it is important that we get it right to stop financial crime and for the benefit of customers."
The finance industry is responding to the ongoing threat of all types of fraud and scams by:
" Helping to prevent customers being duped by criminals by raising awareness of how to stay safe through the Take Five to Stop Fraud (*) campaign, in conjunction with the Home Office.
" Working with government and law enforcement to deter and disrupt criminals and better trace, freeze and return stolen funds, while calling for new powers on information sharing to allow banks to share data to detect and prevent financial crime better.
" Implementing new standards to ensure those who have fallen victim to fraud or scams get the help they need, including around-the-clock availability of fraud teams, to make it easier and better for the customer, and, where possible, improve the likelihood of their funds being recovered. UK Finance will also be the secretariat for the PSR's new steering group on authorized push payment scams2.
" Working with government on making possible legislative changes to account opening procedures to help the industry act more proactively on suspicion of fraud and prevent criminals from accessing financial systems.
" Rolling out the Banking Protocol - a ground-breaking rapid response scheme through which branch staff can alert police and Trading Standards to suspected frauds taking place - to every police force area in the UK. In 2017, while it was still being introduced across the country, the Protocol prevented £13.3 million of fraud and led to 129 arrests.
" Sponsoring the Dedicated Card and Payment Crime Unit5, a specialist police unit which tackles the organized criminal groups responsible for financial fraud and scams. This has led to a combined value in savings and disruptions in criminal activity of close to £30 million in 2017.
" Exploring new ways to track stolen funds moved between multiple bank accounts.
To help everyone stay safe from fraud and scams, Take Five to Stop Fraud urges customers to follow the campaign advice:
" A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.
" Don't be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.
" Always question uninvited approaches in case it's a scam. Instead, contact the company directly using a known email or phone number.
Tony Blake, Senior Fraud Prevention Officer at the Dedicated Card and Payment Crime Unit, said:
"With criminals using social engineering to target people and businesses directly, it's vital that everyone follows the advice of the Take Five campaign. Always stop and think if you are ever asked for your personal or financial details. Remember, no bank or genuine organization will ever contact you out of the blue and ask you to transfer money to another account."
In an unauthorized fraudulent transaction, the account holder does not provide authorization for the payment to proceed and the transaction is carried out by a third-party.
In an authorized push payment (APP) scam, the account holder themselves authorizes the payment to be made to another account. If a customer authorizes the payment themselves, current legislation means that they have no legal protection to cover them for losses - which is different for an unauthorized transaction.
Banks will always endeavour to help customers recover money stolen through an authorized push payment scam but customers typically only approach their bank after the payment has been processed, once they realize they have been duped. By this time the criminal has often withdrawn the stolen funds and the customer's money has gone. Alongside the extensive work already underway through the Joint Fraud Taskforce, UK Finance is also currently working with the Payment Systems Regulator on its proposals to tackle these scams.
Behind the data
Fraud intelligence points towards criminals' use of social engineering tactics as a key driver of both unauthorized and authorized fraud losses. Social engineering is a method through which criminals manipulate people into divulging personal or financial details, or into transferring money directly to them, for example thorough impersonation scams and deception.
In an impersonation scam, a fraudster contacts a customer by phone, text message or email pretending to represent a trusted organisation, such as a bank, the police, a utility company or a government department. Under this guise, the criminal then convinces their victim into following their demands, sometimes making several separate approaches as part of one scam.
Data breaches also continue to be a major contributor to fraud losses. Criminals use stolen data to commit fraud directly, for example card details are used to make unauthorised purchases online or personal details used to apply for credit cards. Stolen personal and financial information is also used by criminals to target individuals in impersonation and deception scams, and can add apparent authenticity to their approach.
(*) Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud - particularly where criminals impersonate trusted organisations. Led by Financial Fraud Action UK (part of UK Finance) and backed by Her Majesty's Government, it is being delivered with and through a range of partners in the UK payments industry, financial services firms, law enforcement agencies, telecommunication providers, commercial, public and third sector organisations.