use of savings accounts being misused to lodge unauthorised or .... making lending decisions. The continuing high levels
FRAUDSCAPE Depicting the UK’s fraud landscape
www.cifas.org.uk | March 2011
C I F A S The UK’s Fraud Prevention Service
CIFAS is the UK’s Fraud Prevention Service, a not-for-profit membership organisation operating in the public interest and dedicated to the prevention of financial crime. It has 260 Members spread across banking, credit cards, asset finance, retail credit, mail order, insurance, savings and investments, telecommunications, factoring and share dealing. Members share information about identified frauds in the fight to prevent further fraud. The CIFAS National Fraud Database contains records of frauds that have been perpetrated against CIFAS Member organisations. In order to be recorded on the CIFAS Database a case must satisfy a burden of proof. This means that there must be sufficient evidence to take the case to the police, although it is not mandatory to do so. This Report examines and assesses the fraud cases by CIFAS Member organisations during 2009 and 2010 to ascertain any key changes over that period. It looks at all frauds identified by the type of fraud committed and the product involved.
In this Report . . . 1. Executive Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2. CIFAS National Fraud Database - Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 3. Fraud by Fraud Type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.2 Identity Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
3.3 Misuse of Facility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3.4 Application Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
3.5 Facility Takeover Fraud. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
3.6 False Insurance Claims . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.7 Asset Conversion Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
4. Location of Fraud in 2010 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 5. Fraud by Product Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.2 Bank Account Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5.3 Mail Order Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
5.4 Plastic Cards Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
5.5 Communications Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
5.6 Asset Finance Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.7 Loan Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.8 Insurance Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
5.9 Mortgage Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
5.10 All-In-One Product Fraud . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
5. Demographics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41 CIFAS is a not-for-profit organisation, concerned solely with the prevention of fraud and funded by subscription. Since February 1991 the membership association has been an independent Company Limited by Guarantee. CIFAS Members are drawn primarily from the UK financial services industry, but also from telecommunications, insurance and other business sectors and the public sector. Website: www.cifas.org.uk
www.identityfraud.org.uk
C I F A S
Introduction
by Peter Hurst, CIFAS Chief Executive CIFAS is the UK’s Fraud Prevention Service, a not
Inevitably, the poor economic situation continues to have
for profit organisation operating in the public interest,
an effect on fraud levels. Individuals subject to financial
dedicated to the investigation, detection and prevention
pressures are being tempted to commit fraud such as
of fraud. Our 260 plus Members share information
making false insurance claims or misusing accounts.
on fraud in order to prevent further fraud. As a result,
Historic frauds such as those that are mortgage related
analysis of the frauds recorded on the National Fraud
are still emerging, to be identified by organisations,
Database offers a clear picture of the fraud landscape
and tighter lending criteria are leading to some people
in the UK. Irrespective of the size of the fraud or the
adopting false identities in an effort to gain credit. In
organisation it was committed against, if it has been
addition, the threat from organised criminals remains
investigated and a burden of proof (sufficient evidence
high, especially those involved in developing malicious
to take it to the police) has been established, then the
technological threats to target both traditional and newer
CIFAS Member will have recorded it on the database.
sectors.
They are not suspicions. They are frauds. But, with new business levels lower now than they There are many truisms concerning fraud: fraudsters
were in 2007, the possibility is raised that attempted
adapt their methods; fraud rises to the surface during a
frauds are simply not reaching the fraud department for
recession and fraudsters will attack what they perceive
investigation: if they are declined at an initial ‘in principle’
to be the point of least resistance. These are just three
decision stage, then there is no opportunity to examine,
of them. In looking at the frauds recorded by CIFAS
prove and record what was still an attempt at fraud. The
Members in 2010, however, it is important also to view
changes in economic conditions have, therefore, led to
these in the context of the patterns identified during
changes across the board, in terms of both fraud and its
preceding years in order to see such statements as
prevention.
something other than glib sound-bites. While the small decrease in fraud identified in 2010 is For example, the term ‘identity fraud’ may have meant
welcome, the threat has not gone away, and it must be
little to most people as recently as five years ago. While
viewed in its proper context: as the latest in a series
identity fraud was a problem at that time – and its effects
of changes that have taken place over several years.
were noticeable – the number of cases was substantially
This is just as likely to be the calm before the storm,
lower. Now, in early 2011, however, we have had news
as fraudsters develop new methods to circumvent
stories, awareness campaigns and even TV dramas that
preventative techniques.
have focused on it, but it remains all too prevalent. The question that therefore needs to be asked is The drivers of fraud are numerous.
less ‘what did we do to reduce fraud levels’ but ‘what more do we do to battle whatever comes next?’
C I F A S
3
Fraudscape - Section One
1. Executive Summary An examination of the frauds recorded by CIFAS
mobile technologies and new communication devices
Members in 2010 reveals:
makes identity fraud a more attractive option for fraudsters. In addition, it becomes arguably easier
•
even after taking into account the 7% decrease
to commit on a larger scale. Identity fraud remains a
in 2010,fraud has still increased by 25% over the
complex affair, however: ranging from an opportunist
past five years. In 2010, 217,385 frauds were
applying in the name of a family member, to
recorded to the National Fraud Database by
increasingly intricate malicious software being placed
CIFAS Member organisations,
onto computers in order to steal personal information.
•
identity fraud accounted for nearly a half of all
•
misuse of facility accounted for 22% of all fraud
to circumvent security measures with incomplete
cases, and 55% of these cases are associated
information; for example, attempting to trick a call
with paying in false financial instruments –
centre operator into revealing information.
frauds recorded (47%) in 2010,
It is also evident that fraudsters do not necessarily need complete information about individuals in order to try to impersonate them. They will attempt
potentially indicative of accounts being used for ‘money mule’ purposes (where funds are laundered or dispersed illegally through bank accounts – sometimes unknowingly),
•
the continuing migration of fraud to new products; as fewer bank accounts and plastic cards were targeted by fraudsters (15% and 37% decreases respectively) only to be offset by increases of 30% in communications products and 34% in mail order, when compared with 2009.
The changes in the fraud landscape over recent years have led fraudsters to seek out new avenues to commit fraud. In the current economic climate, where lending criteria remain more strict (and many applications do not even make it past the ‘in principle’
M
isuse of facility develops new techniques
While misuse of facility fraud declined by 6% in 2010, this follows sharp increases during the previous two years. The nature of many of these frauds points towards a rise in accounts being used for money laundering and the use of ‘money mules’ and is now associated with over one half of misuse of facility fraud cases recorded on the database. The increased use of savings accounts being misused to lodge unauthorised or fraudulent payments also marks a further shift in the way that such activity is carried out. This report provides further details on pages 12-13.
decision stage to be examined by account handlers or fraud teams) the prospect of much fraud remaining undetected and unproven is of real concern. The decrease in fraud in 2010 is, therefore, no cause for complacency.
I
dentity fraud – more serious than ever before
Clearly, impersonating people remains a profitable route for fraudsters and an expensive problem for the organisations affected. Once a person’s identity is compromised, their identity details can be used to attack a range of products. The increasing use of 4
C I F A S
N
ot your usual suspects – fraud is not just seen in the ‘typical’ and ‘traditional’ product Fraudscape also presents evidence about the wide range of products that fraudsters attack: from high volume bank account and mail order frauds, to lower numbers of high value mortgage frauds. It clearly shows that industries cannot operate in silos. Fraud in one area has an impact on others: for example, where a fraudster uses a false identity to obtain a credit card and then uses it to obtain a mobile phone account. As barriers are put in place in one sector fraudsters simply turn their attention elsewhere, ˃
and the changing patterns over 2010 – and previous
taking over an existing mobile phone account to obtain
years – are testament to this. Intelligent data sharing
an upgrade by changing a mailing address, or simply
across sectors, therefore becomes even more of a vital
lying on an application form, all of these types of frauds
mechanism in the continued endeavour to prevent and
are attracting both opportunist fraudsters and those
detect fraud.
involved in organised criminal activity. As fraudsters continue to adapt their methods, further changes to the
It is clear that increasingly sophisticated initiatives to
fraud landscape are inevitable.
counteract fraud in the banking and financial services sectors are having some impact, contributing in 2010 to the fall in frauds attempted both in relation to bank accounts (a decrease of 15%) and plastic cards (a decrease of 37%). These decreases may be masking a
C
ountering the danger
In spite of the shifts seen, there remains an overall
greater problem, however, as perhaps high credit score
consistency. Figures collected by CIFAS over previous
cut offs mean that at least some potentially fraudulent
years have demonstrated that there is truth in the
applications are being screened out. A complacent
received wisdom that fraudsters change their methods,
approach would be to assume that what cannot be
or will move on to new targets. The intelligence
seen does not exist – but fraudsters target different
gathered by CIFAS demonstrates that cross-sector data
sectors in a fluid and ever-changing manner. Increases
sharing works to identify techniques and patterns, spot
in communications frauds (which grew by 30%) and
trends and arm the fraud prevention community with
mail order frauds (which rose by 34%) demonstrate the
the knowledge, and therefore the power, required to
flexibility with which fraudsters adapt their methods and
counter the danger.
targets in relation to the current environment. Whether it is using a false identity to obtain a mail order account,
Fraud over the past few years
O
ver the last few years, the prosperity of the UK economy has fluctuated and patterns in the types of fraud identified have fluctuated with it. In 2007, for instance, a slight decrease in the number of identity frauds recorded was overshadowed by a stark increase in application fraud (or people submitting applications in their own name, but with serious lies – such as inflating their income). With credit readily available, fraudsters seemed to believe it easiest to try and lie their way to a loan or credit card than go to the effort of a more complex fraud. September 2007 saw the public run on a bank, and the term ‘credit crunch’ became all too familiar. The prospect of recession became a reality. Economic hardship and the diminishing availability of credit were reflected relatively quickly in the types of fraud being committed. 2008 saw dramatic increases in the level of facility takeover fraud. Over the course of the year, facility takeover – or account takeover – went from being a fraud that was relatively modest in its regularity, to being committed in unprecedented numbers. When financial headlines spoke of the scarcity of credit, the fraudsters’ approach was simple: rather than risk the rejection of new applications, they turned their attention to abusing someone else’s existing account. With the economic malaise continuing throughout 2009, and the associated dearth of available credit, a continued decrease in application fraud was unsurprising, as was a further increase in facility takeover fraud. More noteworthy was the dramatic reappearance of identity fraud, this time targeting products and services not subject to the same strict approval conditions and scrutiny as credit applications. For the third year in a row, stark shifts in the patterns of fraudulent activity had been recorded. Economic conditions are not the only conditions to have changed during recent years. From the launch of the first iPhone in 2007 to the proliferation of smartphones in 2010, as well as the number of people choosing to manage their financial lives online, the way consumers live and work, has changed. It is no surprise, therefore, that fraudsters’ methods reflect those changes.
C I F A S
5
6
C I F A S
Fraudscape - Section Two
2. CIFAS National Fraud Database: Overview A total of 217,385 frauds were identified by CIFAS Members in 2010. This is a decrease of 7% compared with 2009. These frauds were filed to the National Fraud Database and the following section sets out an overview of recent trends. Intelligent data sharing allows CIFAS Members to detect, target and prevent fraud and the resulting data contained in this report provides a robust and reliable set of figures for 2010. Figure 2.1 sets out the number of frauds recorded to the National Fraud Database from 2006 until 2010. Despite the 7% decrease from 2009 to 2010, there has been an increase of over 25% in the number of frauds identified over the last five years. Continuing high fraud levels mean that this remains a serious issue, affecting both individuals and organisations on local and national levels.
Fraudscape presents data analysed by the types of frauds and related products. An explanation for each fraud type can be found throughout Section 3. Frauds are categorised according to: •
the ‘type’ of case: for example identity fraud or application fraud, and
•
by the ‘product’ offered by an organisation that was compromised by the fraud.
These categories are not mutually exclusive however. For example, application fraud can be committed on bank accounts, mortgages or credit cards, among others. Similarly, each product can be attacked in a number of different ways – a bank account could be targeted by fraudsters committing application fraud, identity fraud or facility takeover fraud. ●
Total Frauds Recorded on the National Fraud Database 2006-2010 Figure 2.1
% change
-
8%
16%
9%
-7%
Year
C I F A S
7
Fraudscape - Section Three
3. Fraud by Fraud Type 3.1 Introduction Table 3.1 sets out the number of frauds recorded on the National Fraud Database by each fraud type over the last three years.
Frauds Recorded by Fraud Type 2008-2010 Table 3.1
Fraud Type
% change since
2008
2009
2010
77,023
57,825
44,680
-23%
522
532
539
1%
Facility Takeover Fraud
19,275
22,387
21,226
-5%
False Insurance Claims
433
670
537
-20%
Identity Fraud
77,642
102,327
102,672
0%
Misuse of Facility Fraud
39,447
50,512
47,731
-6%
Total Frauds Recorded
214,342
234,253
217,385
-7%
Application Fraud Asset Conversion Fraud
Percentage of Frauds recorded 2010*
2009
Overall, the decrease in the number of frauds recorded during 2010 was evident across the majority of fraud types. The most notable was the 23% decrease in the number of application frauds. This reflects both restricted lending by organisations over recent years having a knock-on effect of fewer applications coming in (and, consequently, fewer frauds) and the more stringent lending criteria used by organisations when making lending decisions.
Figure 3.1.1
0.25%
0.25%
The continuing high levels of identity fraud demonstrate that, while people may feel that they are less likely to secure a new account using their own personal details, they (and, in these cases, frequently this means organised criminal gangs) are continuing to assume the identity of another person in order to obtain products. Figure 3.1.1 sets out the percentage of all frauds recorded in 2010 by fraud type. ˃
8
C I F A S
* Some percentages may add up to more or less than 100% due to rounding
Frauds Recorded 2006-2010 (four largest fraud types) Figure 3.1.2
T
he chronically high level of identity fraud demonstrate that individuals continue to assume the identity of another person in order to obtain products.
Figure 3.1.2 sets out the changes in the numbers and types of cases recorded over the last five years for the four largest fraud types. This shows that the current overall picture is one of high, but stable, levels of fraud, with the exception of application fraud which continues to decrease. The high identity fraud figures recorded at the end of 2009 have been maintained and this type of fraud again accounts for the highest overall proportion of fraud in 2010. Both facility takeover fraud and misuse of facility fraud have remained fairly stable compared with recent years. The current high level of fraud can be attributed to a combination of factors:
•
The continuing difficult economic conditions and increasing financial pressures have created challenging financial situations for individuals. This may be mitigated, however, by increasing media coverage of other options for individuals facing financial hardship, such as encouraging people to speak to their banks when struggling financially. The reality is, however, that some people will perceive no other option than fraud, in order to deal with the difficulties they face. This idea of ‘fraud for need’ as opposed to ‘fraud for greed’ should not be overlooked.
•
The movement towards mobile technology has opened up new methods of transaction and, therefore, new avenues for committing fraud – and the drive towards prevention is a constant battle: namely to be as innovative as the criminals, or more so.
•
Restricted lending by financial organisations has led to people feeling that opportunistic frauds are more likely to fail, thereby indicating a much more pernicious problem of serious and organised criminality coming to the surface. It is clear, however, that fraud continues to be committed by both individuals and organised criminals alike.
Over the rest of this section, each fraud type will be examined in further detail – starting with the most prevalent. ●
C I F A S
9
3.2 Identity Fraud
the more likely the fraudster is to attack higher value commodities.
Identity Fraud Identity Fraud includes cases of false identity (the use of an entirely fictitious identity) or the stolen identity of an innocent victim. Fraud Type Identity Fraud
2008
2009
2010
77,642
102,327
102,672
The number of identity frauds recorded by CIFAS Members remained stable in 2010 compared with the level recorded in 2009. What is more striking, however, is that this type of fraud now accounts for almost half of all frauds recorded (47%). That identity fraud remains high is unsurprising given, first, the drop in application frauds and, second, the tough economic climate. More stringent lending criteria make it more difficult for a potential fraudster to obtain credit in his or her own name, so using the identity of another person (who may have a better credit rating) is seen as a preferable option by the fraudster. In the present climate, however, there remains no guarantee that even making an application in another name will be successful.
47%
of all frauds recorded in 2010 were Identity Frauds.
There is the continuing threat of serious fraudsters obtaining high volumes of personal data. This can be sourced either through software attacks, purchasing bulk compromised data from criminal sources or from an individual who has stolen information (such as payroll data) from his or her employer. The quality of the data may determine the types of product the fraudster then chooses to target. It is possible that the more complete the dataset,
10
C I F A S
The media has continued to focus strongly on identity fraud with some stories becoming headline news. As a result, the public is increasingly aware of potential scams such as phishing and cold calling. In addition, CIFAS Members continue to provide their customers with information on identity theft attacks and how these can be prevented. The success of such endeavours may be demonstrated by the falling levels recorded, quarter by quarter, in 2010, but – as identity fraud remains as high in 2010 as it did in 2009 – such greater public awareness of the dangers is clearly only going so far to mitigate the problem. The reality is that identity fraud remains a complex affair – ranging from an opportunist applying in the name of a family member, to increasingly intricate malicious software finding its way onto computers in order to steal personal information. In addition, CIFAS Members report that there is still a place for the traditional identity fraudster who assumes the identity of a high worth individual such as a company director in order to carry out fraud more easily. The data suggests that in 2010 there was a drop in the number of individuals using the personal details of people they know well – such as friends or family. The increase in the proportion of false dates of birth identified (23% of cases in 2010 compared with 15% in 2009) indicates that information which would be known to close friends or family was not used. Instead, frauds were more likely to involve the use of the identities of strangers, where perhaps the address details were known but other information was not. There was a continuing decrease in the use of the more opportunistic fraud (or previous occupier fraud) where people found mail addressed to a previous resident and used those details to impersonate others. A worrying aspect is that more identity frauds were recorded as successful in 2010 – almost two thirds compared with 56% in 2009. This can be largely attributed to a decrease in frauds for those types of products that traditionally have lower success rates (such as bank accounts and plastic cards) and higher rates for those products which have different security checks such as online shopping where there is less necessity to provide identifying documentation such as passports or utility bills.●
DEFINITIONS
P
revious Address Fraud
The fraudster applies in the name of an innocent victim, gives an address accessible to the fraudster but unrelated to the victim as the current address on the application, and gives the address where the victim is living as the previous address, claiming that he or she (as the victim) has just moved. This explains why the victim’s data is still registered at the previous address on the application and means that any documentation is sent to an address unconnected to the victim but to which the fraudster has access.
C
urrent Address Fraud
The fraudster applies in the name of an innocent victim and uses the address where the victim is living as the current address on the application. This means that things look ‘normal’ to the lender (e.g. the victim is on the electoral roll at that address and his or her payment performance information is all located at that address). The fraudster is likely to need to gain access to the victim’s mail to intercept the relevant documentation.
P
revious Occupier Fraud
Typically, this is carried out by opportunist fraudsters who have moved into their victim’s previous address. It occurs when the fraudster applies in the name of an innocent victim who has recently moved. The fraudster may well not know where the victim has moved to, so uses the victim’s previous address as the current address on the application, and hopes the victim has not yet changed his or her address on accounts and the voters’ roll.
F
alse Identity The fraudster applies using an entirely fictitious identity.
The intelligent way to fight fraud TraceIQ is an unequalled source of consumer information, and will provide you with everything from an individual’s contact and home ownership details to their financial standing – helping your business to prevent, detect and investigate fraudulent activity. Whether you need to screen a potential employee or verify someone’s identity, TraceIQ’s wealth of data will help you to make informed decisions – fast. Like this idea? Contact us today for your free trial – call us on 029 2067 8555 or email
[email protected]
T: 029 2067 8555 E:
[email protected] www.traceiq.co.uk
C I F A S
11
3.3 Misuse of Facility Fraud
with other types of fraud, while the overall figure was lower,
Misuse of Facility Fraud
the number of frauds identified remained fairly constant throughout the year, with no great fluctuations.
Misuse of Facility Fraud occurs when an account, policy or other facility is used fraudulently, e.g. paying in an altered cheque. Fraud Type Misuse of Facility Fraud
2008
2009
2010
39,447
50,512
47,731
Much of the decrease was due to the drop in the number of cases associated with individuals running up bills and subsequently evading payment (a decrease of 54% in 2010 compared with 2009). Fraudsters have turned instead to the process of paying in false instruments. This involves paying in cheques which they know will subsequently bounce, or altering cheques that have been legitimately written. Any sort of fraudulent electronic transfer carried out by the account holder is also included in this category.
Misuse of facility fraud declined by 6% in 2010, following
The paying in of false instruments is now associated
sharp increases during the previous two years. In common
with over one half of misuse of facility frauds (55% of ˃
Means by which Misuse of Facility Frauds were carried out 2009-2010* Figure 3.3
12
C I F A S
* Some percentages may add up to more or less than 100% due to rounding
cases in 2010 compared with 47% in 2009). This change
The channel by which these misuse of facility frauds were
is indicative of a rise in accounts being used for money
carried out changed significantly, with the majority carried
laundering and the use of ‘money mules’.
out by phone (27%), mail (26%) and face to face (22%) as shown in Figure 3.3. There was a noticeable drop in the
In addition, frauds relating to the retention of wrongful
number carried out over the internet (down by 66% from the
credit(s) – such as holding proceeds from theft – remained
level recorded in 2009), marking out a difference from other
fairly stable, increasing by 1%. This links to those who
fraud types covered in this report. The most visible aspect
receive extra funds into their accounts through an
was the increase in the use of the phone to misuse current
electronic payment error and who chose to keep and spend
accounts which almost doubled in the period since 2009. ●
this money. Increasingly, savings accounts are targeted for this form of fraud.
Money Mules
D
efinition:
The term ‘money mule’ is most commonly used to describe an individual who allows his or her bank account to be used to facilitate the movement of criminal funds. The mule either knowingly helps, or is tricked, into moving money through his or her own account and then to a third party, who is often located in another country.
M
ethods:
The primary driver behind these transactions is a fraudster located overseas who has obtained funds through phishing or trojan scams and intends to launder these funds out of the UK. As it is difficult to make cross-border transfers from UK accounts, the fraudsters need collaborators with other UK accounts to move the funds for them. The fraudster asks the individual to receive a transfer of funds into his or her bank account, and then instructs the person either to send these funds on to another account, or to withdraw the funds (in cash or foreign currency), or to send them overseas using a legitimate money transfer service. The individual carrying out these transfers is typically offered payment, frequently in the form of commission, for this use of their account. This individual, the ‘mule’, may be complicit or completely unaware of the true nature of their actions.
F
ake employment scams:
Fraudsters are also known to contact people using email addresses harvested through phishing scams or legitimate recruitment websites – offering jobs based ‘at home’ with a high salary for few hours a week. These adverts state that the recruiter’s overseas company is seeking ‘UK representatives’ or ‘agents’ to act on its behalf for a period of time. Job titles will be typically vague; along the lines of financial manager, payment processing agent or money transfer manager. Once recruited, the new ‘employee’ will begin to receive regular deposits into his or her account. Minus a small commission, the mule is then asked to withdraw or transfer the funds for placement into an overseas account (See example overleaf).
T
argets:
University students are often recruited as they are more likely to have unblemished credit records and low incomes, and can be attracted by such schemes as these, as they offer an apparently easy way to make some additional money. The unemployed are sometimes targeted through legitimate employment websites. Difficulties in obtaining work may lead to some people becoming willing to take any likely looking role, without applying the same scrutiny that the person would usually apply to an approach by an employer or recruiter. People moving to the UK have also been approached, sometimes in their home countries, and offered jobs in the UK – moving funds as outlined above. In addition, people moving away from the UK are approached to hand over their bank accounts or good credit record when they leave, in order for fraudsters to make future use of them.
C I F A S
13
The letter below is a real example of a fake employment scam letter, and is printed verbatim. Example 3.3
E
xample:
Dear XXXX XYYYY, My name is XXXX XXXX and I represent XXXX XXXX Finance Inc. We’ve reviewed your resume and I’m glad to propose you a Payment Processing Agent vacancy. We are a large company founded and based in the UK. XXXX XXXX Finance Inc deals mainly with providing IT services to clients within the UK, while recruiting talented individuals and soliciting agencies from all around the world. This is a part-time position with a flexible schedule, working 2 to 3 hours a day from your home while staying in contact and receiving all your tasks online. During the training period, you’ll be paid £2,300 a month. In addition, you’ll keep 8% from every money transfer processed. Total income, considering the current volume of clients, will be up to £4,500 per month. After you successfully pass the training period, base salary will be increased up to £4,500 per month. Furthermore, you may request extra hours or even a full-time job. My goal is to spark your interest. In the present economy, our position offers training, support and a pay scale comparable to entry level position requiring 40 hours per week. I hope you will explore, compare, and then contact me with your questions. Please complete a form below with your updated contact information as a part of your return email. _____________________FORM_________________________ Your Full name:
____________________
Your Country of residence: ____________________ Your Contact phone:
____________________
Preferred call time:
____________________
_____________________FORM_________________________ We’ve found your resume at XXXXXXXXXX. This letter confirms that your resume has been duly processed and you meet our basic requirements for the Payment Processing Agent position. Sincerely yours,
XXXX XXXX XXXX XXXX Finance Inc.
14
C I F A S
3.4 Application Fraud
media coverage concentrating upon reduced lending, thus
Application Fraud
deterring many even from applying, the majority is likely to have resulted from the tighter lending requirements maintained by financial organisations throughout 2010.
Application Fraud relates to applications with material falsehoods (lies) or false supporting documentation (where the name given has not been identified as false).
As a result of this more stringent attitude to lending, there are two further possibilities to consider. First, that those determined to attempt fraud saw other methods (e.g. identity fraud) as a more viable alternative. Second, that the frauds were not reaching the fraud departments and
Fraud Type Application Fraud
2008
2009
2010
therefore were not being identified, because initial lending
77,023
57,825
44,680
before any underwriting, verification or fraud checks could
criteria were weeding out and rejecting these applications be carried out.
The number of application frauds identified in 2010
Figure 3.4 depicts the differing trends in application fraud,
continued on a downward trajectory, with a decrease of
by product, during 2009 and 2010. This shows that the
23% compared with the previous year. The decrease was
overall decrease in application fraud was driven specifically
evident across the majority of product groups with the most
by the drop in personal current account fraud, while other
noticeable being bank accounts and plastic cards. While
products remained fairly stable. ˃
some of the decrease can be attributed to widespread
Changes in Application Fraud Recorded 2009-2010 (by product type) Figure 3.4
C I F A S
15
It is clear, however, that some aspects of application fraud
As would be expected, compared with other fraud types,
were less affected by the current economic conditions. The
application fraud has seen the highest rate of frauds being
number of mortgage application frauds slightly increased in
carried out through more ‘face to face’ channels (27%)
2010, for instance. Mortgages have been among the most
– instead of remotely (online or by phone). Essentially,
tightly controlled financial products over the last few years
people were representing themselves but were including
(with low levels of lending – decreasing from the previous
material untruths on the applications or the supporting
year – continuing in 2010). The frauds identified tended
documentation such as by using forged passports or utility
towards practices such as the applicant hiding adverse
bills. ●
credit data, and concealing past convictions. In addition, fraudulent hire purchase applications remained fairly stable, showing a decrease of just 1%.
3.5 Facility Takeover Fraud
Facility Takeover Fraud Facility Takeover Fraud (also known as ‘account takeover’ fraud) occurs where a person (the ‘facility hijacker’) unlawfully obtains access to details of the ‘victim of takeover’, namely an existing account holder or policyholder, and fraudulently operates the account or policy for his or her own (or someone else’s) benefit. Fraud Type Facility Takeover Fraud
2008
2009
2010
19,275
22,387
21,226
Facility takeover fraud decreased by 5% in 2010 compared with 2009, but this follows very large increases over recent years. Despite the decrease in 2010, over 5,000 facility takeover frauds are still being recorded each quarter. The most common events associated with a facility takeover are the change of address on the account, unauthorised payments by the facility hijacker to another account (presumably the fraudster’s account, a third party accomplice or a similarly duped retailer, for example), or the application for an upgrade of a product in order to carry out further fraud.
16
C I F A S
1 in 5
Facility Takeover Frauds relate to an account being hijacked in search of an upgrade. There was a noticeable increase in those looking for a facility upgrade (20%, compared with 9% in 2009) and this now accounts for one fifth of all facility takeovers. This involves fraudulently taking over an account in order to obtain an expensive and much sought after product (which will then either be used to run up substantial bills or be sold through another channel). This type of facility takeover fraud was most commonly associated with communication products in 2010, and is indicative of the increased focus on products such as smartphones in recent years. As in previous years, these attacks are carried out either by opportunists who obtain the details of those they live with, or know well, or organised criminals who carry out these frauds on a larger scale. ●
3.6 False Insurance Claims
common reason for a household insurance fraud, with
False Insurance Claims
people still tempted to claim a higher value for goods than those that were actually stolen or damaged.
False Insurance Claims occur when an insurance claim, or supporting documentation, contains material falsehoods (lies).
Despite the overall decrease in false insurance claims, motor insurance fraud remained steady; with an increase noted in the proportion of these frauds being identified as staged events (42% compared with 35% in the previous
Fraud Type False Insurance Claims
2008
2009
2010
433
670
537
year). These ‘crash for cash’ cases are where an individual deliberately causes an incident, often by stopping suddenly and causing another vehicle to crash. The driver of the other vehicle can either be innocent or can be a part of the fraud.
False insurance claims presented a fairly stable picture in 2010, following the fluctuation in figures seen in 2009. Overall, the number dropped by 20% in 2010 from the levels recorded in 2009, and this drop occurred gradually during the course of the year, as shown in Figure 3.6. The bulk of the overall decrease was driven by the fall in household insurance frauds recorded (down by 41% from 2009). The inflation of claims remained one of the most
Either way, the insurance claim is fraudulently made. These incidents were recently associated with a highly professional network of expert gangsters with doctors, solicitors, claims firms and victims all lined up ready to play their respective parts1. Most seriously, this immediately presents a very serious threat to the safety of anyone within the vicinity of the ‘accident’. The knock-on effect is that the populace at large suffer from the inevitable increase in all insurance premiums. ●
False Insurance Claims Recorded 2009-2010 (by quarter) Figure 3.6
1 ACPO Head of National Road Policing Intelligence, Geraint Anwyl; Submission to the House of Commons Transport Committee, Jan 2011.
C I F A S
17
3.7 Asset Conversion Fraud
shows that the numbers recorded closely follow the pattern
Asset Conversion Fraud
seen in 2008.
Asset Conversion Fraud relates to the unlawful sale of assets subject to a credit agreement where the lender retains ownership of the asset (for example, a car or lorry).
While it may be expected that asset conversion fraud could rise during a recession (due to people needing extra funds or wanting to dispose of an item such as a car that they cannot continue to pay for), this is not reflected in the figures. One reason could be that, in the years immediately preceding 2010, people were simply unable to obtain the
Fraud Type Asset Conversion Fraud
2008
2009
2010
522
532
539
finance required to purchase a product in the first place; therefore, they did not have an asset which they could sell on unlawfully. The difficulties facing the industry are evidenced by the 15% increase in the number of asset conversion frauds identified as having originated with a dealer compared
The number of asset conversion frauds remained similar to 2009 with a slight increase of 1% recorded. Figure 3.7
Asset Conversion Fraud 2008-2010 (by quarter) Figure 3.7
18
C I F A S
with the previous year. ●
Fraudscape - Section Four
4. Location of Fraud in 2010 Map 4.1 presents the number of instances of fraud
frauds recorded in this area in 2010 (as displayed in Map
recorded per 1,000 people across Great Britain in 2010. It
4.1). Identity fraud and misuse of facility fraud are the
clearly shows that high levels of fraud are concentrated in
most common fraud types recorded in 2010, as noted
urban areas. This is especially noticeable in the Greater
elsewhere in this report.
London area and the extended commuter belt in the South East, and also in the North West (Manchester and
Map 4.2 shows the number of identity fraud cases
Liverpool). In the Midlands, frauds were more prevalent in
recorded across London in 2010 per 1,000 people.
Birmingham and Nottingham, while in Scotland there were
The map shows that overall levels of identity fraud
higher levels in the urban centres of Glasgow, Edinburgh
are relatively high across the whole of London. There
and Aberdeen.
are some variations, however. The data shows higher concentrations of identity fraud centred around the inner
There are some interesting anomalies, however, where
London south east boroughs and the far north west of the
high levels of fraud were identified in areas that fall
region. Some areas, especially along the eastern and
outside the larger urban areas; for instance, along the
southern edges of the region, show markedly lower levels.
north coast of Cornwall, sections of the North West Wales coastal areas and in the far north of Scotland. These
Map 4.3 presents the number of misuse of facility frauds
could equally be explained by individuals or groups
recorded across London in 2010, per 1,000 people. This
targeting certain (more rural) areas, or it could indicate
map shows a greater polarisation in the distribution of
fraudsters obtaining bulk datasets specific to a locality.
misuse of facility frauds than is evident in the identity fraud map. The areas with the greatest concentration are in
Maps 4.2 and 4.3 display data on the Greater London
East London with another high density area in the western
area. This is presented based on the concentration of
boroughs.
Maps The maps on the following pages show:
P
age 20 The location of addresses actively involved in fraud cases identified by CIFAS Members in 2010. The term ‘actively
involved’ means that any previous addresses used by the fraudster have not been included.
P
age 21 The location of addresses within the Greater London area associated with Identity fraud in 2010.
The location of addresses within the Greater London area associated with Misuse of Facility fraud in 2010. Addresses are based on middle layer super output areas and the intermediate geographies as produced by the Office for National Statistics (ONS) and the General Register Office for Scotland (GROS). Population counts are based on figures sourced from the ONS. Greater London area maps are superimposed with London council boundaries.
The maps on pages 20 and 21 contain public sector information licensed under the Open Government Licence v1.0. Contain Ordnance Survey data © Crown copyright and database right 2011. Contain Royal Mail copyright and database right 2011. Source: Office for National Statistics
C I F A S
19
Number of Frauds recorded per 1,000 people in Great Britain Map 4.1
10 and above Between 5 and 10 Between 3 and 5 Between 1 and 3 Less than 1
20
C I F A S
See page 19 for attribution.
Number of Identity Frauds recorded per 1,000 people within Greater London Map 4.2 14 10 and above
13 2
Between 4 and 10 Between 3 and 4
28
15 12
1
16
27
17
31
Between 2 and 3
3 10
Less than 1
11
4
20
9
No fraud recorded
30
26
19
18
Between 1 and 2
33
29
25
21
32
22 8 5
6 7
24
23
Number of Misuse of Facility Frauds recorded per 1,000 people within Greater London Map 4.3 14 13
10 and above
2
Between 4 and 10 Between 3 and 4
12
1
Between 2 and 3
16
3 10
No fraud recorded
31 30
26
19
11
4
20
9
5
33
29
27
17
18
Between 1 and 2 Less than 1
28
15
25
21
32
22 8
1 Hillingdon 2 Harrow 3 Ealing 4 Hounslow 5 Richmond upon Thames 6 Kingston upon Thames 7 Sutton 8 Merton 9 Wandsworth 10 Hammersmith and Fulham 11 Kensington and Chelsea 12 Brent 13 Barnet 14 Enfield 15 Haringey 16 Camden
6 7
17 18 19 20 21 22 23 24 25 26
Islington City of Westminster City of London Lambeth Southwark Lewisham Croydon Bromley Greenwich Tower Hamlets
27 28 29 30 31 32 33
23
24
Hackney Waltham Forest Redbridge Newham Barking and Dagenham Bexley Havering See page 19 for attribution.
C I F A S
21
Fraud detection
Ordnance Survey marks the spot Where claimants in the same neighbourhood are colluding Our up-to-the-minute geographic intelligence provides banks and insurers with vital information, enabling them to analyse fraud hot spots, make better-informed decisions and protect themselves against fraudsters. In fact, organisations are seeing savings of up to 15% on the total cost of fraud investigation and prevention.
We help you discover more
22
C I F A S
www.ordnancesurvey.co.uk/cifas
Fraudscape - Section Five
5. Fraud by Product Group 5.1 Introduction For each case recorded to the National Fraud Database,
be perpetrated by several methods including using a false
CIFAS Members also record the type of product that was
identity or by providing untrue information on an application
applied for, and this information provides a useful basis for
form.
analysis. These products are the types of commodities that members of the public can obtain (such as bank accounts,
The product groups with the highest amounts of fraud were
insurance products and mortgages) and, by collating and
bank accounts (31%), mail order accounts (23%), plastic
sharing data, CIFAS and Members can identify those
cards (18%) and communications (15%) – and, together,
products which are being targeted by fraudsters most
these groups account for 87% of all frauds recorded by
regularly and the specific methods used.
CIFAS Members in 2010. Each product group will be presented, therefore, in descending order of total frauds.
This section provides an overview of common trends recorded in 2010, and the following section presents
Table 5.1 shows the number of fraud cases recorded in
information on each group of products separately in
each product group in 2009 and 2010 and the change
order of the number of cases identified, starting with the
between the two years. It is evident that there was
largest group, bank accounts. Data for each product
considerable variation in the types of product targeted in
group is analysed in relation to the types of case it was
2010 compared with 2009. ˃
recorded against, for example a bank account fraud can
Frauds Recorded by Product Group 2009-2010 Table 5.1
Product Group
2009
2010
% Change
Bank Account
80,105
67,904
-15%
Mail Order
38,718
50,495
30%
Plastic Card
63,396
39,651
-37%
Communications
23,939
32,152
34%
Asset Finance
9,579
9,665
1%
Loan
6,653
6,018
-10%
Insurance
6,106
3,679
-40%
Mortgage
3,004
3,542
18%
Other
2,182
3,518
61%
571
761
33%
234,253
217,385
-7%
All-in-One TOTAL
C I F A S
23
The ‘other’ group in Table 5.1 consists of products which do
Figure 5.1 shows the changes in the number of frauds
not fall into any of the other product groups. The majority
recorded (in the four largest product groups) between
of cases recorded in this group in 2010 relate to ‘credit file
2007 and 2010. The data in 2010 presents a less polarised
requests’. These occur when a fraudster attempts to obtain
picture with frauds more evenly spread across the four
a credit file of an innocent party in order to acquire as much
largest product groups. This reflects the emergence of
financial detail as possible about a future victim. This is an
new methods to perpetrate fraud in recent years – and is
increasing issue, with 3,341 frauds identified; 68% higher in
indicative of the move in emphasis from the more traditional
2010 than in 2009.
products in the financial sector, to a wider range of newer products and markets. ●
A credit file is information relating to an individual that is held by one of the Credit Reference Agencies (CRAs). The credit file contains personal information about an individual such as date of birth, address and previous address. It also holds a record of current and previous financial commitments such as mortgages and credit cards. The most common way in which this type of fraud was carried out was through current address fraud: when a fraudster used the existing address of his or her victim and then attempted to intercept the file.
Frauds Recorded 2007-2010 (the four largest Product Groups) Figure 5.1
24
C I F A S
5.2 Bank Account Fraud
The types of bank account fraud recorded in 2010 are set out in Table 5.2.1:
Bank Account Frauds Recorded 2009-2010 by Fraud Type Table 5.2.1
Fraud Type
2009
2010
% Change
Application Fraud
26,822
17,756
-34%
Misuse of Facility Fraud
34,571
37,144
7%
Facility Takeover Fraud
4,051
1,974
-51%
Identity Fraud
14,661
11,030
-25%
Total
80,105
67,904
-15%
As shown in Table 5.2.1, bank account frauds decreased
The most notable aspect over recent years is the
by 15% in 2010 compared with 2009. This decline can be
interesting dichotomy between the continuing decrease in
attributed, in part, to the continued heavy investment by
application frauds with a corresponding increase in misuse
financial organisations in counter fraud systems.
of facility frauds, as shown in Figure 5.2. ˃
Application Frauds and Misuse of Facility Frauds Recorded 2007-2010 Figure 5.2
C I F A S
25
This pattern can be linked to the types of accounts that
pressures and resorted to paying cheques that they knew
were targeted in 2010, with an increase in personal savings
would bounce. Other activity, meanwhile, is carried out by
account frauds and a decrease in the use of personal
organised criminals who launder money by persuading
current accounts. Table 5.2.2 shows that frauds targeted
people to pay in funds through their own lawful accounts.
at personal fixed notice savings accounts increased
This can occur through coercion of individuals who are paid
by 133% and frauds targeted at instant or easy access
by criminals to allow their accounts to be used for money
savings products increased by 49%. During the same
laundering purposes. In addition, it is known that people
time period, personal current account fraud decreased by
reply to job adverts where the role in question requires the
20%. Savings products could have been targeted due to a
innocent party to move funds (fraudulently, although they
perception that these would not receive the same amount
may not realise it) through their accounts. (see information
of scrutiny or security as current accounts. During 2010 the
box on ‘money mules’ page 13)
number of company current account frauds also increased. Despite the drop in application fraud, there was an increase
Misuse of Facility Fraud accounted for of all bank account frauds identified in this period.
55%
in the proportion of people hiding their adverse credit history (67% compared with 60% in 2009), by claiming to reside at an address for longer than they actually lived there (9% compared with 5% in 2009) or by providing false employment details (8% compared with 4% in 2009). This could be a reflection of the higher unemployment levels and the harsher economic climate of 2010. The nature of identity fraud relating to bank accounts continued to display a similar pattern to that presented in 2009, with a continuing reduction in the use of completely fictitious identities to open bank accounts. Use of a false identity accounted for just 9% of these types of fraud compared with 15% in 2009. The most common types
Misuse of facility fraud accounted for 55% of all bank
were impersonation at a current address (42% compared
account frauds identified in this period. In part this was
with 36% in 2009) and the use of false documents (27%).
linked to the reduction in application frauds as a result
Once again, this is a worrying trend that points towards
of more stringent credit checking. As it was increasingly
an organised element. An account could be opened in
difficult for fraudsters to open a new bank account
someone’s name and they would not know about it until
(due to the variety of Know Your Customer (KYC) and
they try to open another account or were chased for the
verification requirements), fraudsters were making use
debt, as the fraudster would intercept the correspondence.
of existing accounts, which might have been obtained
Furthermore, with a move away from paper based to online
through legitimate means. In addition, CIFAS Members
statements, a fraudster has often simply to intercept the
have reported that lower levels of applications to financial
first contact sent by post from a financial organisation as
organisations meant that some fraud departments
further statements can be accessed online from an account
continued to have more time to examine existing accounts
of his or her choice.
and patterns of payment. Following a leap in levels in mid 2009, facility takeover Misuse of facility fraud arises due to a number of different
fraud reduced by over 50%. There appear to have been
circumstances. It can be that individuals suffered financial
changes both in how individuals’ details are being ˃
Changes in Bank Account Frauds 2009-2010 Table 5.2.2
Product Type
2009
2010
% change
74,006
59,311
-20%
93
217
133%
Personal Instant Access Savings/Investment Accounts
4,431
6,611
49%
Company Current Accounts
1,551
1,738
12%
Personal Current Accounts Personal Fixed Notice Savings/Investment Accounts
26
C I F A S
obtained and, once obtained, how they are being used. The majority of the decrease is accounted for by the reduction of facility takeovers recorded as being carried out online. Instead, there was an increase in the number of accounts taken over through face to face interaction and especially by phone. This reflects the increased security placed on online accounts so that fraudsters resort to dealing directly with a member of staff in order to persuade them to make account changes. Compared with 2009, a lower proportion of these takeovers consisted of unauthorised electronic payments (51% compared with 87% in 2009) and also lower numbers of unauthorised security and personal detail changes being made. Instead there were increases in the number of unauthorised address changes and paper payment instructions. Changing addresses on an account might appear to be an innocuous thing to do and, once the fraudster has effectively diverted the account to a new address, he or she can request new cards or chequebooks to be issued to that address. There was a decrease in the use of the internet as a bank
While Bank Account Fraud decreased by 15% in 2010, it still accounted for of all frauds.
31%
This is a reflection of the considerable efforts made by financial institutions to combat internet fraud, together with an increasingly educated public who are less likely to respond to phishing attacks. It is too early to say if this is a trend, however. The emergence of new malware threats makes it harder for personal users to protect their home computers and it is difficult to predict how this will affect banking fraud in the next year. The increase in phone fraud relating to bank accounts was also notable (22% in 2010 compared with 11% in 2009) and this is an area that will need to be monitored closely. ●
account fraud facilitator from 33% in 2009 to 19% in 2010.
Enterprise Risk Management • Uncover entire fraud networks • Reduce false positives • Accelerate investigations • Prevent fraud in real-time • Support regulatory compliance
Find out more by visiting www.deticanetreveal.com C I F A S
27
5.3 Mail Order Fraud
The types of mail order fraud recorded
Mail Order Frauds Recorded 2009-2010 by Fraud Type
in 2010 are presented in Table 5.3.
Table 5.3
After a sharp increase in the last quarter of 2009, mail order fraud continued to increase in early 2010, followed by a decrease and levelling off later in the year. The most noticeable aspect was the drop in misuse of facility fraud and the continuing, though slightly moderated, increase in identity fraud as shown in Figure 5.3. ˃
Fraud Type Application Fraud Facility Takeover Fraud Identity Fraud Misuse of Facility Fraud Total
Mail Order Frauds Recorded 2008-2010 (by quarter) Figure 5.3
28
C I F A S
2009
2010
% change
280
246
-12%
2,816
4,168
48%
30,920
44,577
44%
4,702
1,504
-68%
38,718
50,495
30%
The overall increase was driven almost exclusively by the
decrease in the middle of the year was likely to have been
internet – with 99% of all mail order frauds carried out in
due to mail order organisations identifying fraudster tactics
this way.
and moving to counteract them. Following the pattern in 2009, the link between mail order frauds and organised
The overall increase was driven almost exclusively by the internet – with of all Mail Order Frauds carried out in this way.
99%
criminals again appeared to be supported by the data. This was especially the case where data sets of compromised identity details were being used. The majority of the increase in identity fraud was accounted for by a large increase in the number of current address frauds (which now account for 87% of all mail order identity frauds). A proportion of these will have been committed by people impersonating family or friends that they live with or know well. In over half of all cases, however, a false date of birth was provided. This indicates that a high number of attacks were being made by strangers, using the data sets that were not always complete. Mail order application fraud continued to decline, and
Identity fraud continued to account for the highest
the fraudsters’ success rate was much lower: at 78%
proportion of all mail order frauds (88%). Although not
compared with 85% in 2009. The number of mail order
showing the same spike as seen in the last quarter of
facility takeover frauds increased to levels close to those
2009, the levels overall were higher than in 2009. The
of 2008. ●
Revolutionary solutions for fraud and risk management Advanced application fraud prevention solution
Risk ranking & sophisticated scoring capability
Transactional monitoring for effective fraud detection
Employee fraud screening
Integrated case management system
Procurement fraud identification
Automated fraud network & data mining modules
Real-time and batch infrastructure
01782 664000
[email protected]
C I F A S
29
5.4 Plastic Card Fraud
The types of plastic card fraud recorded in 2010 are set out in Table 5.4. There was a decrease across all plastic card fraud types, following the pattern seen in 2009.
Plastic Card Frauds Recorded 2009-2010 by Fraud Type Table 5.4
Fraud Type
2009
2010
% change
Application Fraud
5,866
3,830
-35%
Facility Takeover Fraud
11,503
8,209
-29%
Identity Fraud
39,249
23,560
-40%
6,778
4,052
-40%
63,396
39,651
-37%
Misuse of Facility Fraud Total This decrease is likely to have been due to financial
This could be linked to the reduction in bank account
organisations having more stringent initial lending criteria.
frauds noted in Section 5.2.
Lenders have remained cautious and it is widely known that they are continuing to decline a high proportion of
Identity fraud on plastic card accounts is largely reliant
credit card applications. As a result, people are simply not
upon current address fraud (see definition on page
applying for as many card accounts as they might have
11) which accounted for 63% of identity fraud in 2010,
done in previous years. Organised fraudsters will be just as
compared with 51% in 2009. Current address fraud
aware that they will not succeed with an application in their
remained a serious issue with cards, as an impersonator
own names and, even if they assume another person’s
would have free rein to use a card as he or she wished
identity, that there is no guarantee that this other identity
once it had been intercepted. The innocent party would
will be ‘creditworthy’. In addition, there is a sizeable group
have no knowledge that this was happening until, perhaps,
of people who simply do not want to get into the position of
they applied for another product or were chased for the
having additional credit in these straitened times, although
debts. Therefore, while less identity frauds were being
they may have been tempted to commit fraud to obtain
recorded, those that were remained very serious and were
credit in previous years.
frequently indicative of more organised activity.
Despite the overall decrease, the success rate of the
The pattern of plastic card-related misuse of facility fraud
plastic card frauds attempted remains consistent with
remained remarkably similar to that seen in 2009, with the
previous years – with just over half (51%) being successful.
main reason for recording a fraud of this type being regular
The frauds identified were increasingly concentrated on
payment fraud (40%). This occurs, for example, when a
online frauds with this channel accounting for 70% in 2010
fraudster sets up a direct debit from an innocent party’s
compared with 60% in 2009.
account in order pay off his or her own credit card. Facility takeover fraud, meanwhile, continued to decrease: with a
30
For the majority of application frauds, the story remained
lower proportion associated with changing address (49%
similar to recent years with the largest proportion being
in 2010, compared with 62% the year before). Instead,
efforts to hide a poor credit history (70%), and providing
there was a move to plastic card frauds being associated
false employment details (13%); both of which were likely
with an unauthorised electronic payment instruction (39%
to be related to current economic difficulties and increasing
in 2010 compared with 26% in 2009), for example when
unemployment. There was a notable decrease of 75% in
a fraudster had acquired debit or credit card details and
the number of people providing false bank details (which
used these to transfer funds from the victim’s account to
now account for just 6% as compared with 15% in 2009).
his or her own. ●
C I F A S
5.5 Communications Fraud
The types of communication fraud recorded in 2010 are set out in Table 5.5:
Communications Frauds Recorded 2009-2010 by Fraud Type Table 5.5
Fraud Type
2009
2010
% change
Application Fraud
5,172
4,578
-11%
Facility Takeover Fraud
3,879
6,590
70%
11,511
16,821
46%
3,377
4,163
23%
23,939
32,152
34%
Identity Fraud Misuse of Facility Fraud Total
Communications fraud has seen a continuing increase from
Figures 5.5.1 to 5.5.3, on page 32, show how these
2009 into 2010, with the key drivers again being identity
approaches have changed since 2008, with unauthorised
fraud and facility takeover fraud. In 2010, facility takeover
facility upgrades becoming the vehicle of choice for
fraud accounted for a greater number of the total frauds
fraudsters.
identified than application fraud. There is, though, no one clear method by which facility The most notable increase during the year was in facility
takeover frauds are being carried out. A fraudster might
takeover fraud. There are two main approaches used by
obtain some details from a phishing attack, and then
fraudsters to take over a communications account:
change the account or apply for an upgrade over the
1
phone. The online security measures used by many ) Unauthorised facility upgrade: this occurs
communications providers may mean that, while a fraudster
when an individual takes over an account (e.g. a
may obtain details of a victim online (by exploiting any
mobile phone account) to obtain an upgrade of the
potential weaknesses in individual PCs or laptops), they
product. The fraudster then receives a new model of
think they have a better chance of talking their way around
phone, which they can use or sell on for a profit. This
the extra security on the phone.
method increased by 113% compared with 2009
2
However, we are at a very interesting juncture in the use ) Unauthorised addition of another facility
of communications products, specifically mobile phones.
to an account: for example, adding another
The functionality of smartphones is changing rapidly and
number to a genuine mobile phone account leaving
they are being used, by increasing numbers of consumers,
the innocent party to pay the extra charges.
almost like mobile computers. This is bringing new dangers for customers, and new opportunities for hackers ˃
The challenge
for those involved in providing mobile data services and the internet, is to counteract this threat with increased security and to educate consumers. C I F A S
31
Communications Facility Takeover Frauds 2008 Figure 5.5.1
scouring the internet for personal data. Accessing public wi-fi hotspots using a mobile phone can mean that any information accessed is visible to others. The challenge is for all those involved in providing mobile data services and the internet to counteract this threat with increased security controls and by educating consumers to become more security aware. The rise in communications-related facility takeover fraud can also be linked to the decrease in application fraud
Communications Facility Takeover Frauds 2009 Figure 5.5.2
recorded in 2010. Communications companies continued to sell high volumes of aspirational consumables such as smartphones, and introduced tougher credit-checking procedures. As these phones have been on the market for a few years now, it has become common knowledge that mobile phone companies require detailed levels of personal information from new applicants. As it may be more difficult to open a new account, the fraudster uses an existing account instead, obtaining the necessary details by whatever means possible. For communications-related application fraud, however, concealing a bad credit history by failing to disclose addresses remained the most common reason for a fraud being recorded. Identity fraud again accounted for the highest proportion of communications fraud and continued to increase strongly. Current address fraud (see definition on page 11)
Communications Facility Takeover Frauds 2010 Figure 5.5.3
remained the most common method used by fraudsters, and again increased sharply in 2010. Interestingly, the use of completely fictitious identities also continued to increase and was associated with 21% of frauds in 2010. It has been suggested by some that this type of attack is less sophisticated (as the fraudster is just trying his or her hand), and this is somewhat borne out by the continuing increase in the number of cases where the company ran its usual checks, only to find out that the person named on the account was not known at the address cited on the form. Following a decrease last year, misuse of facility fraud in relation to communications products has shown an increase in 2010. The most noticeable increase in these types of fraud was in regular payment fraud (from 23 cases recorded in 2009 to 2,071 cases in 2010). This could be a result of a fraudster setting up a payment from an innocent party’s bank account to pay for a mobile phone account. ●
32
C I F A S
Premium addressing software doesn’t have to come at London prices Address auto-fill is an essential tool for fast, reliable data entry, whether on your contact database or website. But why make do with old technology that costs the earth? Switching to Postcode Anywhere is easier than you think. • Official Royal Mail PAF® data updated automatically every day via internet • No set-up fees, no service upgrade charges and full backwards compatibility • Free technical support, from a team of specialists in the UK • Effortless integration with any IT system, including bespoke software
Lloyds TSB, National Savings & Investments, British Gas, Pizza Hut, Rolls Royce, Oxfam and over 8,000 others have already moved to Postcode Anywhere. To make it easier for you too, we’re offering 10% off your first credit pack or user licence.
Just quote SWITCH11 when you call or check out online. Call 0800 047 0495 now or visit postcodeanywhere.com/switch
C I F A S
33
5.6 Asset Finance Fraud
Table 5.6 sets out the figures for asset finance fraud in 2010 compared with 2009, by fraud type:
Asset Finance Frauds Recorded 2009-2010 by Fraud Type Table 5.6
Fraud Type
2009
2010
% change
526
539
2%
8,196
8,247
1%
Identity Fraud
479
472
-1%
Misuse of Facility Fraud
378
407
8%
9,579
9,665
1%
Asset Conversion Fraud Application Fraud
Total
Following a decline over recent years, asset finance fraud
declare. There was also a notable increase in the numbers
presented a fairly stable picture for 2010, showing an
presenting fraudulent bank statements to support their
increase of 1%.
applications, which was the case with over one fifth of asset finance application frauds.
Asset finance is an important part of the survival of many businesses, especially those that need to manage their cash flow closely. It allows investment in business assets (such as machinery, office technology and vehicles) over a medium term period. That fraud figures remained stable in this sector may either be a result of companies in the economic slowdown struggling to pay leases or of companies looking at extra finance as a way of increasing cash flow. It could also be a reflection of individuals being unable to pay leases and selling the product such as a vehicle (still subject to a hire purchase or similiar
The main evidence presented for application frauds was again proof of electoral roll (27%), where after investigation it was discovered that the applicant appeared on the electoral roll at a different address.
agreement) to pay other debts. In relation to asset finance, both misuse of facility fraud and Application fraud continued to account for the highest
asset conversion fraud continued to increase in 2010. This
proportion of asset finance frauds – and increased during
has been a repeating trend over recent years, and could
the year by 1% after several years of decline. This was
be linked to the economic slowdown. People are unable to
contrary to the overall trend of application frauds falling
afford repayments on products and so attempt to sell the
across other product groups. The increase in application
item, simply fail to make repayments, or attempt to continue
fraud was concentrated on contract hires (whereby cars
to pay using false instruments, such as a cheque that they
are hired for set periods of time at a fixed monthly rate but
know will bounce.
continue to be owned by the finance company). The main
34
reason for these frauds was that people were hiding a poor
As noted earlier in this report (page 18) asset conversion
credit history by not disclosing a previous address. The
is the sale of an asset that is still owned by a finance
main evidence presented for application frauds was again
company as the loan has not yet been paid in full, for
proof of electoral roll (27%), where after investigation the
example a car that is bought on hire purchase and then
finance company discovered that the applicant appeared
sold. This accounted for 6% of asset finance frauds in
on the electoral roll at an address they had failed to
2010. ●
C I F A S
5.7 Loan Fraud
The types of loan fraud recorded in 2010 compared with 2009 are set out in Table 5.7.
Loan Frauds Recorded 2009-2010 by Fraud Type Table 5.7
Fraud Type
2009
2010
% change
Application Fraud
4,198
3,397
-19%
17
13
-24%
2,093
2,404
15%
Misuse of Facility Fraud
344
204
-41%
Asset Conversion Fraud
1
0
-100%
6,653
6,018
-10%
Facility Takeover Fraud Identity Fraud
Total
Loan fraud refers to both secured and unsecured loans but
figure of 2007. Figure 5.7 demonstrates that, overall, the
not mortgages. This type of fraud decreased by 10% overall
decline in 2010 was more gradual than in preceding years. ˃
in 2010, continuing a trend noted over the last four years; with the total now representing less than one third of the
Loan Frauds Recorded 2007-2010 by Fraud Type Figure 5.7
C I F A S
35
loan frauds in 2010 compared with 63% in 2009 and 70% in
Loan-related identity fraud
2008. Hiding an adverse credit history by failing to disclose a previous address continued to be the preferred option for those attempting loan application fraud, albeit with a
is increasingly perpetrated
lower proportion than in recent years (72% down from
using the internet (an
decreased. The number providing false employment details
increase of 66%
from 2009) and the phone
(up by 80%).
80%). Similarly, those providing a false time at an address continued to climb, now accounting for 15% of cases. This reflected the higher unemployment figures in 2010, with people attempting to hide unemployment when applying for a loan. Following a decrease in 2009, loan-related identity fraud increased in 2010 and accounted for 40% of all the loan frauds identified. It is likely that, having come across strong resistance from the standard financial organisations, fraudsters turned to less traditional lenders whom they
The decrease was linked to the tighter lending criteria
perceived to be an easier target. Loan-related identity fraud
discussed elsewhere in this report as financial institutions
is increasingly perpetrated using the internet (an increase
remained reticent about lending. This was also reflected in
of 66% from 2009) and the phone (increase of 80%) to
the figures for application fraud which has shown the most
carry out frauds. ●
notable decrease over recent years, accounting for 56% of
a fresh approach to emerging threats THE 1st CIFAS DIRECT AGENCY Extra data to identify more fraudulent transactions at all stages of the customer lifecycle.
THE 1st PARTNER FOR NEW NCOA® ALERT SERVICE NCOA® Alerts is a new service from Royal Mail, and is proven to identify identity and address-based fraud.
Find out more at www.transactis.co.uk/freshapproach Email:
[email protected] 36
C I F A S
5.8 Insurance Fraud
Table 5.8 sets out the types of insurance fraud recorded in 2010 compared with 2009:
Insurance Frauds Recorded 2009-2010 by Fraud Type Table 5.8
Fraud Type
2009
2010
% change
Application Fraud
4,284
2,944
- 31%
False Insurance Claim
670
537
- 20%
Facility Takeover Fraud
2
0
- 100%
1,046
108
-90%
104
90
- 13%
6,106
3,679
- 40%
Identity Fraud Misuse of Facility Fraud Total
There was a notable fall in insurance fraud in 2010: the
Inflated claims accounted for the greatest proportion of
biggest decrease being in home insurance which reduced
false insurance claims: 28% in 2010 compared with 15% in
by 66% from 2009. Motor insurance, the other largest
2009.
product type in insurance terms, declined by 27% in 2010 compared with 2009. The decrease, however, occurred
Overall, the most notable change in the methods
across all insurance fraud types, with the most substantial
associated with insurance fraud was in the provision of
reduction seen in identity fraud – which dropped by 90%,
false payment details. This has decreased from 29%
back to a level last seen in the first half of 2008. Insurance
of insurance frauds in 2009 to 7% in 2010. In terms of
related application fraud also showed a substantial
changes, this was closely followed by the provision of a
decrease, down by almost one third (31%).
false address (9% in 2010 down from 14% in 2009). There was also a substantial reduction in the provision of false
Although there was a decrease in application fraud, there
phone numbers, which were filed in only 10 cases in 2010
were some notable changes in how these were carried out.
compared with 648 in 2009. The decrease in insurance
The most common method was the provision of false bank
related identity fraud has contributed to the lack of cases
details (24% of application frauds) but an increase was
recorded for ‘confirmed not known at address’, false
also recorded in the proportion of applications where other
identities, and impersonations. As insurance premiums can
claims were not declared (18% in 2010 compared with
change depending on postcodes, manipulating an address
5% in 2009). The latter is often attempted in an effort, by
is another common method of attempting to obtain a lower
individuals, to reduce an insurance premium, perhaps not
premium.
surprisingly, given the economic situation and uncertainty regarding 2011’s economic prospects. There was also
The internet remained the favoured method to carry out
a surge in insurance applicants providing inconsistent
insurance fraud, although at a lower proportion: 63% in
details across applications (17% in 2010 compared with
2010 compared with 73% in 2009. There was an increase
6% in 2009). This is caused by individuals putting different
in the number of brokers identified, primarily in relation to
combinations of details on different application forms; again
application fraud: jumping from 81 overall in 2009 to 543
in an effort to obtain a lower premium. The number of
in 2010. This could indicate that brokers struggling for
these types of fraud being identified is indicative of greater
business were increasingly tempted to alter information on
scrutiny by insurance companies of applications, together
application forms in order to meet targets. ●
with the benefits of data sharing across the industry.
C I F A S
37
5.9 Mortgage Fraud
Table 5.9 sets out the types of mortgage fraud recorded in 2010 compared with 2009:
Mortgage Frauds Recorded 2009-2010 by Fraud Type Table 5.9
Fraud Type
2009
2010
% change
Application Fraud
2,677
3,391
27%
6
0
-100%
Identity Fraud
161
66
-59%
Misuse of Facility Fraud
160
85
-47%
3,004
3,542
18%
Facility Takeover Fraud
Total
Mortgage fraud increased by 18% in 2010, largely driven •
by a 27% increase in the number of application frauds 96% of all mortgage frauds, with identity frauds and misuse
•
of facility frauds dropping back to the levels recorded in
during boom times may be abandoned or
in line with expectations that falling house prices and
offloaded hurriedly during a recession, or
tighter lending criteria have exposed falsified mortgages,
the account may fall into arrears, meaning
especially those where key information on the original
that the original fraud is only now being
application form, such as salary, was untrue.
uncovered. •
Application frauds now account for of all Mortgage Frauds.
year figures in 2009. There was a subsequent decline in the second half of 2010, with quarter 3 showing a decline of 14% and a further decline of 9% in quarter 4. Following sharp falls in 2008 and 2009, mortgage lending stabilised in 20102. Lenders continued to maintain stringent lending criteria and to require large deposits from applicants. Given this context, the overall increase in mortgage application fraud can be attributed to:
and struggling to keep their companies afloat. Some may have turned to fraudulent activities such as changing the details of clients’ incomes in order to obtain a mortgage. Applicants in such cases, of course, may not necessarily be in collusion with the broker. There is also a group of people who falsify applications in order to obtain the mortgage initially, yet who do intend to make their repayments. During the boom times these people would obtain a mortgage, pay it as agreed and sell the property for a profit. It is no longer certain that a property sale will make a profit and the applicant is in danger of falling into negative equity. This type of application, however, is likely to have reduced substantially because of the prevailing conditions. ˃ 2
38
C I F A S
some brokers being under financial pressures due to the economic slowdown
96%
the first half of the year following on from the high end-of-
the long ‘lag time’ in identifying mortgage fraud. Properties fraudulently obtained
2008. The increase in mortgage application fraud was
Figure 5.9 shows that the bulk of the increase occurred in
increased scrutiny by lenders which has detected more issues with applications.
compared with 2009. Application frauds now account for
Council of Mortgage Lenders website http://www.cml.org.uk/cml/media/press/2838
Mortgage Frauds Recorded 2008-2010 by quarter Figure 5.9
43%
of Mortgage Application Frauds attempted to hide adverse credit information linked to an undisclosed address.
difficult to identify fraudulent applications, especially those supported by high quality false documents. It is therefore not surprising that the majority of mortgage frauds continued to be associated with businesses introduced by brokers (69%). There is some evidence, however, that there is a move towards greater scrutiny of documents – with a notable increase in the numbers recorded as presenting false evidence of electoral roll information, wage slips or bank statements which did not pass examination. The increase in fraudsters using forged P60s noted in 2009 was not sustained in 2010.
In 2010, the most common form of mortgage application fraud was an attempt to hide adverse credit information
The decrease in the number of mortgage-related identity
linked to an undisclosed address (43% compared with 30%
frauds can account for some of the reduction in frauds
of cases in 2009), followed by 22% of cases of applicants
associated with the presentation of false documents.
simply not disclosing a bad credit history. There was
These accounted for just 15% of cases in 2010 compared
another increase in those providing false employment
with 33% in 2009. Within mortgage frauds, using false or
details (8% compared with 5% in 2009).
altered documents, stating false income, or providing false employment details have all decreased from over two thirds
Much mortgage business is carried out at a distance,
of mortgage application frauds in 2009 to account for less
for example an intermediary such as a broker based
than half in 2010. ●
in Manchester could be dealing with a client based in London and a solicitor in Birmingham. As the intermediary never meets the client face to face they may find it more
C I F A S
39
5.10 All-In-One Product Fraud
The types of all-in-one frauds recorded in 2010 are set out in Table 5.10.
All-in-One Product Frauds Recorded 2009-2010 by Fraud Type Table 5.10
Fraud Type
2009
2010
% Change
Application Fraud
194
179
-8%
Facility Takeover Fraud
109
255
134%
Identity Fraud
189
271
43%
79
56
-29%
571
761
33%
Misuse of Facility Fraud Total
An all-in-one product is one where a group of financial
application frauds could be related to the overall tight
products are offered together and operate through
lending conditions relating to mortgages, which have
interaction. A common example of this is an offset mortgage
affected the whole market, whether they are stand-alone or
when, instead of paying interest on an entire mortgage,
all-in-one.
customers pay interest on the difference between the balance of a mortgage and their savings. The number of all-in-one frauds was low overall but increasing and showed a rise of 33% in 2010 compared with the previous year. The majority of this increase was due to a 134% upsurge in all-in-one product facility takeover frauds, following on from the very high increase of over 500% in 2009. The most common means by which this was carried out was through unauthorised electronic payment instructions (33%); indicating that fraudsters
74%
of All-in-One product-related impersonation cases are current address frauds.
were using the interaction between accounts to hide their activities, targeting accounts that they hoped would not be noticed. This increase could also be related to the increase in savings account fraud, noted in Section 5.2. There is
In cases of all-in-one product-related impersonation, the
little evidence, to date, that certain bank accounts are being
methods have swung back to current address fraud with
targeted simply because they are linked to other products,
74% of all cases associated with frauds of this type. This
so it is most likely a case of the fraudster abusing whatever
is considered a more sophisticated method as fraudsters
facilities are available on the account once they get access.
need to establish a means of obtaining access to a person’s mail to retrieve any post. This may not need to
Application fraud on all-in-one products has not increased
happen regularly, because once the first piece of mail is
despite the increased presence of all-in-one products on
received, other aspects of account manipulation can be
the market. Demand for offset mortgages was strong
carried out online. The most common means by which all-
in 20103 as base-rate stability and low interest rates on
in-one frauds were carried out continued to be the internet
savings accounts continued to encourage customers
(45%). ●
to look for increased value. However, the decrease in 3
40
C I F A S
http://www.mortgages.co.uk/news/2010/Oct/first-direct-sees-rise-in-offset-mortgages-800160353.html
Fraudscape - Section Six
6. Demographics Information about those who are associated with frauds is recorded to the National Fraud Database. These demographic details are identified by Members at the time the fraud is recorded. This section focuses on those who carried
A
total of 107,867 victims were identified in 2010. Of these, 21% were recorded as being victims of facility takeover and the remaining 79% were recorded as victims of impersonation.
out the frauds. However, those frauds which involve impersonation or facility takeover involve the targeting of an innocent victim. A total
Table 6.2 sets out the gender of fraudsters by fraud type. In
of 107,867 victims were identified in 2010. Of these, 21%
identity fraud, the details presented are the characteristics
were recorded as being victims of facility takeover and the
of the victim’s identity that the impersonator used to commit
remaining 79% were recorded as victims of impersonation.
the fraud. In application fraud, the details are accepted as
Often the details of the fraudster and their victim are the
genuine (except where identified as false, for example a
same, for example in relation to identity fraud as the true
date of birth).
identity of the fraudster is never established - merely
The gender of fraudsters 2008-2010
that the applicant is not who he or she purported to be.
Table 6.1
Therefore, in order not to double count these figures, the data presented in this section is based on the information
2008
2009
2010
Female
34%
31%
32%
Male
66%
69%
68%
recorded as being associated with the fraudster at the time the fraud was recorded.
G
ender In the vast majority of cases, the gender of an
individual was recorded (97%). Table 6.1 sets out the
Males continued both to carry out more frauds, and to be
gender breakdown of frauds and shows that the proportion
the target of higher amounts of identity fraud and facility
of males to females has remained fairly stable in recent
takeover fraud. The distribution of females recorded
years with males accounting for approximately two thirds of
against different fraud types presents an interesting picture,
frauds each year.
however. On the one hand, the higher than average ˃
The Gender of Fraudsters by Fraud Type 2010* Table 6.2
Fraud Type
Female
Male
Unknown
Asset Conversion Fraud
19%
75%
7%
Application Fraud
33%
66%
2%
False Insurance Claim
27%
70%
4%
Facility Takeover Fraud
37%
61%
2%
Identity Fraud
30%
68%
2%
Misuse of Facility Fraud
23%
70%
7%
* Some percentages may add up to more or less than 100% due to rounding
C I F A S
41
proportion of females associated with facility takeover
Fraudsters fell predominantly into the age groups 21-30
fraud may indicate a greater number of women being
years old and 31-40 years old which together accounted for
targeted in these types of fraud. It is, however, also likely
over half of all frauds recorded in 2010.
to be as a result of more organised criminals carrying out frauds using bulk data obtained through cyber attacks
The information above is based on the data identified by
such as phishing and use of spyware. These types of fraud
Members. In some cases, such as application fraud, this
do not discriminate in terms of the age or gender of the
may not be the actual age of a fraudster but instead it was
victim. They rely on volume instead of specifically targeting
the age given by the fraudster because he or she thought it
individuals who may be perceived as ‘a good victim’ due
was the optimum age needed to obtain a product.
to age or wealth. On the other hand, the higher rate of females recorded against application frauds shows that
Figure 6.2 shows how each type of fraud attracts a different
a significant number of women actually carry out these
age group. There is a greater prevalence of identity fraud
frauds themselves.
and facility takeovers as the age profile increases. This
A
is in line with perceptions that fraudsters are more likely
ge Groups
to target those with ‘good’ credit records who have
The date of birth of an individual connected to a fraud
amassed assets in their name. For those recorded as
was recorded in the majority of cases. In 2010, the average
being in the age group ‘under 21’, the main fraud type was
age of a fraudster recorded on the National Fraud Database
overwhelmingly misuse of facility (64%) with these being
was 38 years old, the same for males and for females.
primarily focused on current accounts. Application frauds show the greatest prevalence among those in the age
Figure 6.1 sets out the breakdown of fraudsters by the age group they were in at the time the fraud was identified.
Age Groups of those Involved in Fraud 2010 Figure 6.1
42
C I F A S
groups ’21-30’ and ’31-40’. ˃
Age Groups by Fraud Type 2010 Figure 6.2
Both asset conversion fraud and misuse of facility fraud were associated with a younger age group. These two fraud types were also dominated by males. While this presents a clear picture of younger men being involved in these types of fraud, the reasons why could be varied. It could be that these frauds appear on the surface to provide a quick short term gain for little effort, or it could be that some people in this group simply turned a blind eye to their account being used for fraudulent purposes. It could also be that some people did not realise that what they saw as acquiring something for nothing was in fact committing fraud. ●
C I F A S
43
For further information, please contact our Research Manager and the Communications Team CIFAS 6th Floor, Lynton House 7-12 Tavistock Square London WC1H 9LT
[email protected]
C I F A S The UK’s Fraud Prevention Service
CIFAS - The UK’s Fraud Prevention Service 6th Floor, Lynton House 7-12 Tavistock Square London WC1H 9LT www.cifas.org.uk CIFAS - A company limited by Guarantee. Registered in England and Wales No.2584687 at 6th Floor, Lynton House, 7-12 Tavistock Square, London WC1H 9LT
