Identity theft reaches a record high

British businesses faced more than 325,000 fraud incidents in 2016, as identity theft cases reached a record high of 195,000.

Identity theft reaches a record high

The figures were released in a new report published today (May 10) by Cifas, the UK’s fraud prevention service, that details fraud trends from cases during 2016.

Using data from 387 organisations, including many major UK brands, the annual Fraudscape report provides the most comprehensive picture of fraud and fraudulent attempts made in the UK. It shows that the total of 325,092 fraud cases last year notched up one percent from 2015.

Identity crimes, which include identity fraud and facility takeover – when a fraudster poses as a genuine customer to get control of an account – remains the most potent and widespread of all threats, comprising 60 percent of all fraud recorded in 2016.

But Fraudscape also reveals successes in the fight against fraud, with organisations preventing £1.03bn in fraud losses through non-competitive data sharing.

Facility takeovers increased by 45 percent to 22,525 from 15,497 and more than 50 percent of these takeovers were enabled over the phone, typically to call centre staff.

Some 88 percent of identity frauds were committed online, compared to 30 percent of facility takeovers occurring online.

Cifas said the increase in facility takeover, particularly those committed over the phone, is a sign that, as security for customer accounts has increased, criminals target individuals instead and trick them into revealing personal details.

For this fraud to be successful on the phone, fraudsters must have obtained enough of their victim’s personal information (date of birth, address, details of bank or other accounts and sometimes passwords) to convince the person on the phone that they are actually the person they’re impersonating. 

Cifas added that fraudsters will collate personal data and identify targets in various ways, such as data breaches, social media footprints and other open source information. To get hold of the level of detailed information needed to conduct a successful takeover, fraudsters will often then contact victims directly and manipulate them into revealing more details.

Once they have enough personal data, fraudsters go on to call the bank, phone retailer, or service provider armed with enough information to convince call centre staff that they are their customer.

Cifas chief executive Simon Dukes said: “We know that as one method gets harder, fraudsters change tactic rather than stop. We are now seeing that the advances made in securing online access to customer accounts have led to fraudsters targeting the human being at the end of the phone. 

“Using old-fashioned but highly-effective con artistry, they are tricking individuals into giving away their personal details and deceiving call centre staff into making transactions on their victims’ accounts. The proliferation of personal data that is available either online or through data breaches only makes this easier.”