Fraud was once something that happened to other people. Up to about a decade ago, it was the preserve of a few doorstep conmen at one extreme and vast corporate swindles at the other – the Lehman Brothers, Enron, Bernie Madoff’s pyramid scheme. But now a constant trickle of mid-level fraud has entered every home. We swim in a sea of phishing emails, scam texts and fake adverts on social media. What is surprising is how often it works. Fraud accounts for more than 40% of all crime in Britain.
Identity fraud – where stolen personal details are used to get into bank accounts or to set up new ones – is the most common type, making up 59% of all cases filed to the National Fraud Database, and it is estimated to cost the UK about £1.8bn a year. Purchase scams, often found on social media, are a second, in which buyers send over money but the item never turns up.
Then there are authorised push payments, where people are persuaded to send money to a scammer’s account. Romance scams are another growing problem – another way to build a relationship with a potential mark.
The problem is rising sharply: according to the Office for National Statistics (ONS), in the year ending 2024, there were a staggering 4.1m incidents of fraud, an increase of 33% on the previous year. Although the way the ONS gathers statistics over the past 10 years has changed, making it difficult to measure beyond the last few years, some experts talk of “exponential growth” over the past decade.
The UK does relatively well internationally – our “fraud threat” is lower than average. Despite the stereotype of vulnerable elderly people falling for scams, victims are spread fairly evenly across age groups. In fact, the young are slightly more likely to be taken in – perhaps because they spend more time online, where most scams are operated. Almost half of 18- to 24-year-olds say they have been approached by a scammer, and half say they have shared personal information or made a payment as a result. Over-55s are savvier – approximately 60% say they “always” take steps to check unexpected requests.
Fraud is the exception to the rule; most types of crime have been falling over the past three decades. That is, in the main, because in a technological arms race offenders are increasingly getting the worst of it: security mechanisms and surveillance have made it harder to commit crimes and easier to get caught. But in the world of fraud, the opposite is true: criminals are streaking ahead.
All the weapons for these crimes are available online, and so is almost everyone’s personal data. Malware can be used to harvest information from devices. Cryptocurrencies, meanwhile, make it easy to hide your tracks; an increasingly fragmented financial system helps those who want to launder their money. And artificial intelligence will only accelerate the trend. Criminals will be able to search through vast amounts of data to find rich and vulnerable targets.
A fragmented financial system helps those who want to launder money
For information about how The Observer protects your data, read our Privacy Policy.
Voice and video deception are also new and fruitful tools. Last week we heard that a scammer had used AI to impersonate the US secretary of state, Marco Rubio, sending fake voice messages to foreign ministers and a US member of Congress.
But it’s not just the tech: tricking people out of their money is also an art, and scammers may be getting better at teaching these techniques to others. Once, a successful crook needed to have a wealth of talents similar to those of a highly skilled salesperson in order to pull off a scam. Films about conmen, from Catch Me If You Can to Ocean’s Eleven, portray extremely intelligent people who are able to persuade, distract, anticipate danger and run ahead of the game.
But the growth of “scam factories”, in particular, suggests that is no longer the case. Many of these operations, run by criminal gangs, have sprung up in countries such as Cambodia, Laos and Myanmar. These rely on reluctant trafficking victims making contact with potential targets and persuading foreigners out of their money, often over the phone. “How do people with poor English language skills manage to pull off these scams?” asks Michael Levi, professor of criminology at Cardiff University. “This is something we don’t know. It may be that the scripts are getting more sophisticated.” What we do know is that the more lucrative scamming becomes, and the harder to prosecute, the more incentive there is to democratise it.
But tech can be used to fight crime, too. So why is law enforcement falling behind? Critics of UK policy on the subject have noted that very few police resources are devoted to our most dominant crime.
A 2021 review reported that just 0.8% of the police force was primarily focused on fraud. And in other studies on the subject, “low priority” is the thread that runs through them all. City of London police (CLP) is the national lead on fraud, and it is underfunded, lacking sufficient staff and up-to-date technology. Those cases it considers worthy of investigation – still a huge number – it passes to local police, who then “muddle through”, amid their own funding pressures and lack of expertise.
To make matters worse, while the CLP is responsible for dealing with fraud, local forces are not accountable to the CLP. It may not be surprising, then, that just 1% of frauds reported in England and Wales result in charges or a prosecution.
Prosecute one scammer, and three may spring up in their place
Is the solution to allocate more policing funds to fraud? Even putting a dent in the problem would require huge investment. Many scams are conducted overseas, far beyond the reach of British police forces. The ease of access is another issue: prosecute one scammer, and three may spring up in their place. The public, meanwhile, quite reasonably feel that violent crime should be prioritised.
A better solution may lie in another direction – putting some onus on the private sector to deal with fraud instead. Unlike the beleaguered police, banks have strong financial incentives to stop con artists scooping money out of their clients’ accounts, and the resources to do so. They also operate the infrastructure through which these transactions take place.
Compensating victims used to be voluntary but a recent change to the rules suggests how effective it might be to make banks more responsible for fraud. In October 2024, UK payment service providers were required to refund victims of authorised push payment scams up to £85,000. Payment providers invested in new tech and sent out warnings. Losses from this type of scam fell.
Photograph by Hiroko Masuike/Getty Images
