Card not present scams soar despite clampdown on online bank fraud

Overall plastic fraud rises to £216 million

Better fraud detection and swifter action on phishing sites contributed to online banking losses falling by a fifth during the first half of 2013, according to figures from banking sector body Financial Fraud Action UK.

Online fraud cost against UK institutions cost the industry £17.1 million ($27 million, a 21 percent drop compared to the same period in 2012, almost matching a 22 percent drop in telephone banking fraud to £5.2 million over the same period.

"This is due to enhanced processes for intelligence-sharing across the banks, as well as better online security tools and greater awareness amongst consumers," said the FFA. Under police direction, service providers had also improved their efficiency at taking down the phishing sites used to steal bank credentials, which had fallen by 87 percent compared to 2012 the organisation said.

But despite this, overall UK 'plastic fraud' rose to £216.1 million, a fairly sharp year-on-year 17 percent rise; so what are the new trouble spots?

The answer seems to be an accumulation of smaller types of card crime. Fraud perpetrated on cards while they are used abroad rose 30 percent to £60.1 million, cash machine fraud rose 11 percent to £16.2 million, and card ID theft rose 24 percent to £18.1 million.

Meanwhile, the old chestnut of 'CNP' or card not present fraud (by telephone, Internet and mail order) saw a 23 percent rise to £142 million, making up the biggest element of the figures. Although the banking industry trumpets the drop in over fraud from the infamous high of 2008 (a total of £304 million), CNP fraud has remained stubbornly high with the 2013 half-year numbers showing a significant jump over 2012.

The pattern seems to be that where the authorities are able to bring fraud detection systems and policing to bear, fraud drops; where that detection depends on third parties such as retailers, or on consumer behaviour, detection drops significantly. It's not easy to see how this weakness can be fixed.

"The move towards these low-tech crimes of deception highlights the importance of consumers knowing how they can protect themselves. Whether victims are targeted on the phone or online, we know that these professional conmen are highly persuasive," commented the head of the Dedicated Cheque and Plastic Crime Unit (DCPCU), detective inspector Dave Carter.

Consumers were still too easily fooled when contacted by criminals pretending to be banks or other institutions, he said.

A wrinkle in the numbers is that they reflect the losses experienced by the banking-sector organisations the FFA represents (formerly the Association for Payment Clearing Services, APACS), which don't necessarily line up with those experienced by consumers.

A recent survey of consumers by the University of Kent found that a small minority had experienced spectacular losses from online fraud, sometimes in excess of £10,000. Although surveys can produce outliers it seems possible that the chance of serious losses in fraud incidents is now a real menace.

Join the CSO newsletter!

Error: Please check your email address.

Tags Personal TechsecurityFinancial Fraud Action UK

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by John E Dunn

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place