Fraud and cyber crime still vastly under-reported

Only a fraction of fraud and cyber crime offences occurring in the UK are being reported to the authorities, according to estimates compiled by the Office for National Statistics (ONS) in its new telephone-operated Crime survey for England and Wales (TCSEW).

The figures estimated that there were 4.4 million fraud offences in the 12 months to 30 September 2020, similar to the figures from previous years, but police-recorded offences collated through the National Fraud Intelligence Bureau (NFIB) via Action Fraud, Cifas and UK Finance, showed just 730,765 offences, a rise of about 2,000 from 2019. This suggests that just 16.6% of frauds are being reported.

Turning to cyber crime – booked in the survey as computer misuse offences – the ONS TCSEW estimated 1.7 million offences to the end of September, again similar to the number reported in previous years. However, only 29,094 offences were referred to the NFIB – 1.7% of the estimated total.

Richard Hall, a senior associate in the data protection and cyber security team at law firm DWF, said the under-reporting was a source of great concern.

“With the victim blame culture that exists with these offences, as well as the general public perception that there is limited action that the relevant authorities can or will take against the offending criminals, it is perhaps not surprising to see such low numbers of reports being made,” he said.

“In turn, the low level of criminal complaints being made, combined with the potentially high gains that can be made from cyber crimes, makes these offences an attractive proposition for would-be criminals, which is only likely to perpetuate as the world starts to look at longer-term remote-working conditions.”

Hall said there was no doubt that more needed to be done to tackle and prevent cyber crime by the relevant authorities, but added that on the evidence of the ONS data, it was also incumbent on everyone to act more responsibly, to report incidents as they arise, and to make a concerted effort to change attitudes towards fraud and cyber crime.

“If the relevant authorities are not even being told about these offences when they arise, they stand no chance of making real progress against the growing criminal activities in cyber space and many criminals will go unpunished,” he said.

“This, in turn, creates greater risks for individuals and businesses alike and keeps much of the onus on individuals and businesses to tackle cyber crimes at their own cost.”

This said, a deeper dive into the data reveals that there were some significant increases in the number of offences reported. For example, UK Finance fraud data taken from across the banking sector found a 61% increase in remote banking and card fraud, while Action Fraud reported that it saw a 53% increase in offences involving the hacking of email or social media accounts and a 40% rise in offences booked as “computer viruses and malware”.

The ONS said the increase in remote banking fraud clearly reflected increased use of online services by consumers during periods of lockdown, as did a 27% increase in incidents of retail and online auction fraud. The increase in computer misuse offences probably reflects a rise in the number of large-scale data breaches disclosed, it added.

Josh Gunnell, TransUnion head of fraud and identity pre-sales for the UK, said the statistics laid bear the scale of the challenge the nation faces as cyber criminals take advantage of the digitisation of society.

He said these increases were likely to continue, especially as the full impact of repeated national lockdowns becomes clearer.

“This is echoed by TransUnion’s own research tracking the impact of Covid-19 in the UK, which showed that, at the end of 2020, 30% of respondents had been targeted in a digital fraud attempt related to the pandemic, with 7% of those falling victim to the scams,” said Gunnell.

“Fraudsters adapt quickly – as we’ve seen recently with the rise in investment scams circulating on Instagram and other social media channels – and businesses need to be equally agile, continually reviewing and adapting their fraud prevention strategies and tools.

“Even some of the strategies to prevent fraud can themselves become vectors of fraud, such as the ‘confirmation of payee’ scheme. This is in place to better protect consumers, but has given rise to a spike in phishing texts telling the target that a new payee has been set up and directing them to click a link for details. The threats evolve continually and in the current environment, with people banking and shopping almost exclusively online, these risks are greater than ever.”