Online fraud victims should be better protected, not blamed

All too often banks and cards companies do little to pursue fraudsters, and in many cases seem happy to blame those scammed

There was a grand bargain struck between individuals and banks when we began moving away from cash and towards electronic payments. Transactions would become faster, more efficient and more profitable for the banks, and in return individuals would be protected from fraud. That bargain is perilously close to falling apart.

Financial Fraud Action UK (FFA UK) has issued its “definitive overview” of payment fraud in the UK, and the figures make for miserable reading. Total fraud jumped by more than a quarter in 2015, with 1.5m card accounts in Britain raided by scam merchants who stole more than £750m.

To put that figure in context, it is 15 times Britain’s biggest ever single cash heist, the 2006 raid on a Securitas depot in Tonbridge in Kent, which netted £53m. Two years later the five criminals were jailed for between 15 and 20 years each.

The far more numerous victims of cyberfraud rarely see the villains locked up behind bars. FFA UK says the banks are collaborating on a “strategic threat management process” and “intelligence sharing” with the police and other agencies, but the reality is that in too many cases they do little to pursue fraud, and far more worryingly, seem happy to blame the victims.

The fastest growing area of bank fraud is crooks gaining online access to, and transferring funds from individuals’ bank accounts, often by posing as a member of staff or even the police.

In these cases, the bank’s default position seems to be that the customer has done something wrong – by answering phishing emails or by being careless with their personal data, usually over social media. In some cases they are right to apportion blame, but the sophistication of many of the scams is quite breathtaking, catching even the most savvy online consumer.

The Guardian has previously highlighted the story of a professional couple who lost £25,000 after hackers intercepted emails, issued fake invoices and convinced them to pay money into a fraudulent account.

Shockingly, Barclays, which operated the account the fraudster used to accept their money, said it does not report such crimes to the police on the grounds that “the bank is not the victim”. So much for “intelligence sharing”. Needless to say, the unfortunate couple have seen none of their money back.

Given the meteoric rise in contactless payments, Apple Pay, Android Pay, Samsung Pay, Paym, new online-only banks such as Atom, Fidor, Tandem, Mondo et al and almost daily launches of new banking apps, what customers need is a new grand bargain.

When credit cards first launched, customers were safe in the knowledge that £50 was the most they were down for if it was stolen or misused. Can we have less of the strategic threat management processes, and more simple, easy to understand protections such as the £50 limit?


Patrick Collinson

The GuardianTramp

Related Content

Article image
Online banking fraud losses rise 14%

Number of 'phishing' attacks have risen to 51,000 from just 1,700 five years ago, according to the UK Cards Association

Lisa Bachelor

10, Mar, 2010 @6:30 AM

Article image
Fraud soars by 53% in a year as scammers get sophisticated
Financial services providers are launching a national campaign to combat rise in fraud and remind customers to stop and think

Rupert Jones

19, Sep, 2016 @11:01 PM

Identity fraud website shut down in global police sting

Sixty people arrested after closure of Darkmarket forum where people traded in stolen personal data

Press Association

17, Oct, 2008 @8:53 AM

Article image
Scammers guessed my credit card number – and they could guess yours too
Samuel Gibbs was surprised when his details were used to pay for a stranger’s takeaway. It is just one of a flood of ‘guess attacks’

Samuel Gibbs

26, Feb, 2022 @11:00 AM

Article image
Which? files supercomplaint against banks over transfer fraud
Banks may face formal inquiry into whether they can refuse to reimburse victims conned into transferring money into fraudsters’ accounts

Rupert Jones

22, Sep, 2016 @11:01 PM

Article image
HSBC suffers online banking cyber-attack
Bank admits its internet banking facility was made unavailable following a ‘denial of service’ attack, but says no transactions were affected

Hilary Osborne

29, Jan, 2016 @11:51 AM

Article image
BA chief pledges to compensate customers after data breach
Álex Cruz apologises for ‘sophisticated’ theft affecting 380,000 payment cards

Sarah Marsh

07, Sep, 2018 @8:09 AM

Article image
Social media firms should reimburse online fraud victims, say UK bankers
Boss of industry body UK Finance accuses tech companies of ‘profiting’ from scams on their platforms

Jess Clark

10, May, 2023 @11:01 PM

Article image
Haunted by shame: victims of bank transfer scams tell of lasting trauma
Fraud can have devastating consequences on victims, and not only financially

Anna Tims

17, Apr, 2021 @8:00 AM

Article image
UK cybersecurity unit tackles record number of online scams in 2021
More than 2.7m attempted frauds interrupted, including fake celebrity endorsements and extortion emails

Dan Milmo

10, May, 2022 @5:00 AM