UK banks saw a staggering rise in financial scams last year, as growing public awareness was offset by criminals pivoting towards victim manipulation to get their hands on sensitive information.
Banks reported a 62 per cent rise in social engineering scams, in which attackers manipulate victims into authorising payments themselves, as they turned away from scams which have become well known by the public, such as cold calls.
The growth was observed across a variety of social scam types, including purchase scams which jumped 63 per cent and investment scams which increased 34 per cent, according to the latest findings from anti-fraud firm Biocatch.
Romance scams also nearly doubled, as scammers latched onto vulnerable people and created false relationships and friendships to convince victims to send them money.
One romance scam case reviewed by the FCA found that a victim had been swindled out of more than £428,000, while another made a staggering 403 payments to fraudsters over the course of a year, resulting in losses of over £72,000.
In contrast, remote-access fraud declined 41 per cent and malware-related fraud decreased 46 per cent, which Biocatch attributed to the expansion of mule networks and fall of traditionally expected techniques.
Biocatch director of global fraud intelligence, Tom Peacock, said: “The continued growth of social engineering scams in the UK likely surprises no one.
“As banks bolstered their controls to protect customers from third-party fraud, fraudsters mastered the art of social engineering and haven’t looked back.”
Phishing attempts and stolen devices
The UK also saw a 140 per cent increase in phishing attempts last year, where scammers send emails or other messages pretending to be a legitimate organisation in order to entice victims to hand over personal information.
The rise of phishing emphasises the increasing use of credential harvesting campaigns, with stolen details obtained through phishing typically found as the starting point for account takeover attempts or scams targeting bank accounts.
Fraud involving stolen devices also jumped a staggering 112 per cent, as more individuals find themselves having their phones snatched in busy pedestrian areas.
In London alone, more than 70,000 phones were reported stolen in 2024, with the UK amounting for a total of 40 per cent of all stolen device claims across Europe.
While some thieves will discard the phone if they find it locked and deem it to have minimal resell value, those who snatch an unlocked device and opt not to sell can commit fraud by bypassing security checks and initiating payments.
Peacock said: Those criminals who do both will see significant gains for relatively little risk. Stolen devices undermine strong customer authentication.
“To address this, financial institutions should continuously assess behavioural intent, because once a bad actor has control of a trusted device, they can often commit fraud with relatively little friction.”
Taking action
Industry figures have long called for coordinated action from themselves, the government and the regulator to cut financial fraud, including a shift from “compliance-led thinking to innovation-led prevention”.
Alex Robinson, global advisory director for the UK at Biocatch, said: “Financial institutions and platforms must act as a coordinated system.
“They should share intelligence in real time, hold platforms accountable for the fraud they host, and deploy behavioural intelligence to detect what static controls cannot see.”
Katy Worobec, Azymus Coalition fraud consultancy director, also called for early stage intervention, deeming it critical to beating scammers and fraudsters.
She said: “Winning the battle against fraud ultimately rests on the ability to identify and disarm the enemy at an early stage.
“ Individual technologies and tools at the vendor level play their part too, gleaning information from the enemy by stealth, identifying behaviours, patterns, and signals that indicate whether transactions and interactions with organisations are genuine.”
