Out-Law News 2 min. read

Personal data theft behind 65% of all fraud cases, says UK Fraud Prevention Service


The UK's Fraud Prevention Service (CIFAS) has reported a more than 50% rise in the number of cases where fraudsters unlawfully hijacked individuals' accounts and operated them for their own gain.

CIFAS said that there were 38,428 cases of 'facility takeover fraud' recorded by its 260 members in 2012, up from 25,070 in 2011. The statistics formed part of a wider grouping of figures that demonstrate that in 65% of all fraud cases last year, fraudsters required identity details to perpetuate their crime, it added.

CIFAS said that examples of facility takeover fraud could be where criminals steal individuals' security details through computer hacking, intercepting their physical mail or from online "social engineering", which is where individuals are coerced into divulging confidential information.

"The fraudulent use of identity details (either those of an innocent victim or completely fictitious ones) is the biggest and most perturbing fraud threat," CIFAS said in a statement. "50% of all frauds identified during 2012 relate to the impersonation of an innocent victim or the use of completely false identities."

"Furthermore, Facility (or Account) Takeover Fraud ... rocketed by 53% compared with the previous year. This means that those frauds where the criminal requires identity details accounted for almost 2 in 3 (65%) of all frauds in 2012. The number of victims of both types of fraud has – when combined – also risen by 24% from the levels in 2011; underlining the very real cost of these crimes."

CIFAS said there had been 248,325 separate cases of fraud reported last year. The figures represent the highest number of fraud cases ever recorded by CIFAS members, which include banks, insurance companies and credit card providers, and was 5% up on the number reported in 2011, it said.

Kate Beddington-Brown, CIFAS head of communications, said that the organisations needed to do more to combat fraud.

"These increases serve as a warning and a challenge to organisations and consumers equally," she said. "Organisations have invested heavily in updating and refreshing their security processes recently, ensuring that extra steps are taken to validate the identity of people with whom they are dealing. In spite of this, however, identity crimes have continued to rise – demonstrating that far more must be done. Equally, for individuals, it is obvious that fraud relating to personal data is an immense criminal trade so, fundamentally, we all have to do all we can to ensure that we also protect ourselves from becoming a victim, as well as demanding that the organisations we deal with take their security responsibilities seriously."

Beddington-Brown said it was wrong to describe fraud as a 'victimless crime' and said it has an impact on businesses.

"Whether it is an individual being impersonated, or public and private organisations losing funds due to fraudulent applications and transactions, the net effect is that the economic squeeze gets worse," she said. "Fraud acts as an impediment to business recovery and damages cashflow for us all; as losses incurred inevitably get passed on to society at large. The increase in fraud levels, therefore, might be seen as organisations getting better at rooting out fraud, but the implications are clear: increased fraud levels mean that organisations and individuals face a bigger problem than ever before."

CIFAS chief executive, Peter Hurst, said that businesses can reduce the costs they incur because of fraud by investing in "proper fraud prevention systems and approaches, from online security to data sharing".

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.