Cifas intelligence shows frauds are becoming more complex and sophisticated

• AI and ‘fraud toolkits’ driving fraud rates 

• Cases of facility takeover, identity fraud and misuse of facility all rise 

• Urgent call for collaboration and fraud to be treated as a national priority 

A record number of cases were filed to the National Fraud Database (NFD) in the first six months of 2024 – over 214,000 in total, representing a 15% increase compared to the same period in 2023, UK-leading fraud prevention service, Cifas, can reveal. 

Following the launch of its half-year Fraudscape report today (14 August) – which details the latest fraud-risk data and intelligence recorded by its 750-strong membership – organisations have raised concerns about the ease with which criminals can access AI and fraud toolkits to deceive UK businesses and consumers. 

The data, recorded between January-June 2024, reveals the tactics favoured by criminals including spoofing, brand impersonations, phishing campaigns, and using AI technologies to facilitate data harvesting and social engineering. 

Facility (Account) Takeover 

Cases of Facility (Account) Takeover¹ filed to the NFD were up 99% compared to the same period in 2023 – over 37,000 cases in total. The most impacted age group were those aged over 61 (25%), closely followed by 41-50-year-olds (23%). Online retail and telecoms sectors represent 36% and 40% (respectively) of all facility takeover cases. 

Phishing remains a common tactic. Members report that organised crime groups are executing high-quality and convincing brand impersonations – and using Remote Access Technology (RAT) software to take control of a consumer’s device while pretending to be customer service support – to dupe people into divulging sensitive data. Cifas intelligence also shows criminals are increasingly aware of counter-fraud controls used by businesses and regularly change tactics to avoid detection. 

[1] Definitions of each fraud type are set out in the Notes to Editors

Identity Fraud 

Over 127,000 cases of identity fraud were recorded between January-June 2024 – a 4% increase on 2023. This was largely driven by significant increases in impersonation fraud in relation to mobile phones (up 102%), personal store cards (up 59%) and personal current accounts (up 19%). 

Social engineering tactics using sophisticated spoofing and brand impersonation techniques are recurring themes in the cases of identity fraud filed to the NFD. In some cases, criminals have researched LinkedIn profiles to impersonate genuine employees at financial institutions and encouraged victims to divulge personal data or transfer funds. 

Misuse of Facility 

Over 37,000 cases were recorded in the first half of 2024 – a 9% rise compared to 2023. This is nearly one-fifth of all cases filed to the NFD (18%). 

Misuse of company accounts rose 51% and personal loans increased by 109%. Cifas members reported that individuals opened credit accounts with no intention of making payments – a common driver being the cost-of-living pressures. In total, more than 11,000 false application cases were made to the NFD (up 21%).  

Mike Haley, CEO of Cifas, said: ‘With almost 40% of all reported crime a fraud, our data and intelligence demonstrates how concerned organisations should be at the ease with which criminals are able to obtain the tools to commit fraud at scale. They continue to exploit new technologies such as AI and ‘fraud-as-a-service’ and abuse the popularity of social media platforms to defraud consumers and business. 

‘Combatting fraud must be a national priority. It is only through greater collaboration and sharing critical data and intelligence across all sectors including law enforcement, the private sector and government agencies, that we will be able to get on top of the UK’s fraud emergency and keep business and people safe.’  

Download the 2024 Fraudscape six-month report for free. 

Six ways to protect yourself from fraud 

     1. Never divulge personal information or hand over any bank details. 

     2. Don’t feel rushed/pressured into a decision you might regret later. 

     3. Check your credit file and bank account regularly. 

     4. Report any fraud to Action Fraud here or call: 0300 123 2040. 

     5. Read the latest advice from the ‘Stop! Think Fraud’ campaign. 

     6. Protect your identity through Cifas’ Protective Registration service which costs £30 for two years’ cover. 

ENDS 

Notes to Editors 

For more information, please contact Hayley Paterson, Cifas Press and PR Manager, on 020 4551 7072 or press@cifas.org.uk. 

About Cifas 

Cifas is the UK’s leading, not-for-profit fraud prevention service, with over 750 members from across key UK industries including banking, retail, insurance, and telecoms. Cifas helps protect businesses and individuals from fraud through effective and secure data and intelligence sharing across the private, public and third sectors. Cifas also offers a range of fraud prevention products and services including specialist training for counter-fraud professionals through its Cifas Fraud and Cyber Academy. 

Cifas’ data is included in the Office of National Statistics England and Wales Crime Statistics of police recorded crime and it works alongside law enforcement agencies in tackling fraud. In 2023, Cifas members prevented more than £1.8bn of fraud losses. 

Website | LinkedIn | X 

Fraudscape 

Fraudscape is Cifas’ annual report which combines data from its National Fraud Database (NFD) and Insider Threat Database (ITD), alongside intelligence provided by Cifas members, partners, and law enforcement. 

Cifas Fraud Types Explained 

Facility Takeover: When a criminal utilises compromised personal data to hijack an existing account or product, with phishing emails and texts a favoured tactic to takeover the account. 

Identity Fraud: Using a person’s stolen details to commit a crime. 

Misuse of Facility: Where an account, policy or product is misused by the genuine account holder, such as money muling. 

False Application: When false information or the omission of details are made for personal gain including to obtain products and services. 

Insider Threat: An intentional risk that occurs within an organisation. 

Contact us at press@cifas.org.uk