Download Stemming the Tide: Older People and Mass Marketed Fraud

Stemming the Tide:
Older People and Mass Marketed Fraud
George and Lennard Associates
December 2014
1
Contents
page
Acknowledgements
Key findings and recommendations
4
1.
Introduction
9
2.
Who is at risk and what is happening
11
3.
Reporting and support
19
4.
What action is being taken
25
References
47
2
Acknowledgements
We would like to thank the numerous organisations and individuals interviewed for
this report who assisted us with information and advice - most are cited in the report.
However, it would be remiss of us if we did not mention in particular Professor Mark
Button at the Centre for Counter Fraud Studies at the University of Portsmouth as
well as representatives of the Trading Standards Institute and Action Fraud.
Authors
This work was carried out by George and Lennard Associates: namely Mike George,
Professor Cosmo Graham, University of Leicester, and Linda Lennard.
3
Key findings and recommendations
What is happening
Mass market fraud (MMF) has become a serious and widespread domestic and
global problem. Large numbers of people can be contacted on a massive scale by
post, phone, text and online by fraudsters based here and in other countries.
The types of mass marketed fraud that are taking place are highly varied. To name
just some types of MMF: current frauds against consumers include account
takeover, advance fee fraud, fake prize draws and lotteries, investment fraud and
even fraud recovery fraud.
The techniques used by fraudsters also vary and they are often quick to adapt – for
example, to developments in products and policies, as well as changes in our use of
communications, and to counter the efforts of enforcement authorities.
Tactics used by fraudsters include befriending or `grooming’ potential victims and
isolating them, and the use of seemingly professional documentation, official-looking
websites, and sometimes threats and intimidation. Commercially and publicly
available data is used to build up profiles of potential victims, including information
from social media. Many are put on `suckers’ lists’ shared by fraudsters in the UK
and elsewhere. Some fraud victims are targeted repeatedly.
Who is at risk
Fraud is a form of theft and we need to avoid implying that it is a game, or that
victims are also to blame. The reality is that anyone can become a victim.
Although research findings have highlighted the diversity of fraud victims, older
people may be particularly targeted, often because it is assumed that they have
more money available in their bank or on their card accounts than younger people.
Moreover, the many older people who are on a fixed income and/or have long-term
health problems may well find it especially difficult to `bounce back’ financially and in
other ways. Although the effects vary, the impact can be highly damaging and longlasting for people’s physical and mental health, their relationships and finances.
Older people and others may also be especially vulnerable and at risk at particular
times because of personal circumstances such as financial pressures, social
isolation, confusion or memory problems. However, people who consider
themselves to be financially sophisticated can be vulnerable as well because of overconfidence.
What is known about the extent of MMF and the experiences of victims is patchy.
Although anyone can be affected, it appears that some types of fraud are specifically
targeted. It is a matter of serious concern that some older people appear to be
especially at risk of being targeted by certain types of fraud, such as mass mailings
about prize draws and lotteries, with potentially devastating impacts for their lives.
4
Older people also appear to be particularly targeted by fraud involving bank and card
account takeover, as well as `pension liberation’. Moreover, whilst younger people
may be more likely to be at risk from online fraud, increasing numbers of older
people are also likely to be vulnerable as more go online.
What is known about the extent
Past estimates of the total losses associated with mass-marketing fraud in the UK
stood at around £3.5 billion. This is likely to be a serious under-estimate. The
evidence base about MMF is fragmented and inadequate. Overall there is a striking
lack of comprehensive, consistent and comparable data for the UK. This makes it
extremely difficult to ascertain the true extent of the problem and to track changes
over time.
The issue of poor data is compounded by high levels of under-reporting. Research
suggests that this is often due to self-blame and embarrassment on the part of
victims or refusal to admit it has happened. In some instances victims may be
unaware that fraud has taken place. But not nearly enough is known about why
some people report fraud and others don’t.
Reporting processes
The effectiveness of existing reporting processes needs to be fully explored from the
consumer standpoint, including levels of consumer awareness and factors regarding
accessibility and ease of use particularly for people in vulnerable circumstances.
The main channels for reporting fraud for consumers consist of Action Fraud (which
is meant to provide a single point of contact), the police, and trading standards (TS)
services via the Citizens Advice consumer service. If a customer reports a fraud on
their bank or card account and the matter is resolved by the company, it can still be
reported to Action Fraud. Banks share crime information bilaterally with the National
Fraud Intelligence Bureau or pass data to Financial Fraud Action UK.
Questions arise about how well these arrangements are working, including levels of
consumer awareness and understanding of what to do in the event of fraud and what
is likely to happen. If reporting processes are too complicated, then people drop out.
Equally, more needs to be known about the effectiveness of what happens once
fraud has been reported: including the recording and referrals arrangements of the
Citizens Advice consumer service and trading standards services, of Action Fraud
and police forces; and those of the banks and card companies.
Questions also arise about how decisions are made about whether to investigate
and prosecute fraud cases. It is vital that consumers are not discouraged from
reporting fraud because they do not expect anything will happen as a result.
What is being done and what needs to happen
In terms of the overall legal framework, we have not identified significant gaps or
omissions. But there are serious concerns about the resources available to the
5
relevant authorities and agencies for prevention, investigations and prosecutions,
notably the police and trading standards services, and about how fraud is prioritised.
It appears that, to some extent, the problem of mass marketed fraud is receiving
greater attention from government departments, regulators, enforcement authorities,
industry associations and consumer bodies than was previously the case. But,
although there is more collaboration taking place between the various organisations
involved, it is a complicated process to find out who is doing what and how well they
are co-ordinating their efforts.
Whilst there are a number of initiatives taking place to raise public awareness of
MMF and to help people to protect themselves, much more needs to be known about
what types of public campaigns work best and in what ways in order to inform future
efforts. The effectiveness of current and future public awareness campaigns should
be fully evaluated and lessons shared.
It is crucially important that older people, particularly those who may be in vulnerable
circumstances, are well-informed about how to spot fraud and avoid becoming a
victim. This should be done using a wide range of methods to suit people’s needs.
An important part of the message should be that this is happening to other people
(and therefore not to be embarrassed if it happens to them).
Consumers need clear and understandable information about what to do to report
fraud, feedback about what happens next and why, together with signposting to
other sources of help.
The changes taking place how victims’ support services are commissioned in
England and Wales raise concerns about the possible implications for consumers
such as postcode lotteries, for example, regarding how fraud is prioritised and the
quality of service across local areas.
Appropriate support should also be available for older people and others who
become victims of fraud to help them deal with the impact and to avoid becoming
repeat victims. This is likely to require multi-agency partnership work, for example,
involving older people’s social services, health professionals and trading standards
services.
In addition, it is clear a lot of attention is being paid to alerting consumers to online
fraud, which is welcome. But this must not be at the expense of other types of fraud,
such as through the mail or on the doorstep, which is likely to be particularly targeted
at older people.
Although some multi-agency initiatives are taking place, there is clearly scope for
greater co-operation and partnership work to provide support and to help prevent
people becoming fraud victims; for example, involving police and trading standards
services, social services and care professionals, advice agencies, regulators and
industry bodies.
6
In carrying out this research, we have been struck by the sheer inadequacy of official
data about MMF and other types of fraud, and the patchy evidence base regarding
the experiences of victims, including reporting processes. There is an urgent need
for co-ordinated action to improve the evidence base, and to explore and share
information about how to help people reduce their vulnerability and avoid becoming
fraud victims as well as repeat victims.
Recommendations
1.
Urgent attention needs to be paid by policy-makers and investigation and
enforcement authorities to the priorities and resources given to tackling mass
marketed and other types of fraud against consumers, particularly regarding
resources for the police and trading standards services.
2.
There is a balance to be struck by trading standards services and other
enforcement bodies regarding best use of resources in terms of prevention and
disruption activities and prosecutions. However, if criminal offences are taking place,
then there need to be some prosecutions and the potential deterrent effect should be
taken into account. The role of the CMA in this area should be re-considered. There
are concerns about the resources available to the National Scams Team and trading
standards services to investigate and prosecute fraud offences so that they can build
on their work and have more of an impact on the problem.
3.
The effectiveness of current reporting arrangements for fraud should be
examined from the consumer standpoint, including the interests of older consumers.
This work should cover issues such as levels of consumer awareness, ease of use
of reporting processes, recording and referral arrangements, and how decisions are
taken regarding possible action.
4.
The experiences of older people and other consumers need to be fully
explored, including why some people are affected by fraud and how consumers can
be supported and protected from fraud, particularly people who are in vulnerable
circumstances.
5.
The Home Office, BIS, Action Fraud, trading standards services and the
police, regulators and other relevant bodies should collaborate and co-ordinate
activities in this area as much as possible. This should include ensuring the
provision of clear and understandable information about how to spot and report fraud
and about sources of advice and support. Current and future public awareness
initiatives should be properly evaluated and lessons shared.
6.
Information about how to spot fraud and avoid becoming a victim needs to be
widely available in a variety of formats and through a range of channels to meet the
range of consumers’ needs. Particular attention should be paid to clarity and ease of
use, such as having a clear and brief list of `handy hints’ for different situations.
7
7.
All opportunities for collaboration should be explored to provide support for
fraud victims, including multi-agency partnerships. These should include the
involvement of social care and health professionals and others who are in direct
regular contact with older people who may be especially at risk.
8.
Action Fraud should consider changing its processes so that victims are
asked whether they wish to opt out of a referral to victim support services, instead of
the current opt-in.
9.
The Home Office, ONS, Action Fraud, trading standards services, police
services and other relevant bodies should collaborate to draw up an action plan to
improve the comprehensiveness, quality and consistency of official data about MMF
and other types of fraud; and of the broader knowledge base about the experiences
of victims.
10.
Urgent consideration should be given by policy-makers to making one
organisation responsible for acting as a central source of knowledge and intelligence
about MMF and other types of fraud against consumers, and to have a co-ordinating
role; for example, to identify and help fill gaps in the evidence base, and to share
lessons and information.
11.
Banks and other financial institutions should review their processes to ensure
that potential fraud against consumers is identified as early as possible and to alert
and protect customers who are at risk. This should include regular training to ensure
that staff are knowledgeable about how to identify customers at risk of fraud, and
that staff have a good understanding of data protection legislation. Staff should also
be trained to explain to customers why there are concerns, what is happening and
what might happen in ways that are clear and understandable. and that take account
of people’s needs and circumstances.
12.
The Home Office should carry out a review of the effectiveness of links with
overseas enforcement bodies in the EU and elsewhere, including consumer
protection and criminal aspects.
13.
Police and Crime Commissioners in England and Wales should ensure that
fraud is a high priority when commissioning victims’ support services. The Home
Office should establish national standards for these services to ensure consistency
of priorities, quality and approach regardless of where people live, and also monitor
the effectiveness of the new arrangements from the standpoint of fraud victims.
14.
Research is needed to see what lessons can be obtained from approaches to
tackling fraud in other countries, including enforcement and disruption strategies,
multi-disciplinary programmes, and public awareness campaigns.
8
1.
Introduction
In these tough economic times, for a great many older people it’s hard enough to get
by without being defrauded financially. However, fraud committed against
individuals often seems to be regarded as less important and therefore not afforded
sufficient attention and priority. This may be because it usually takes place in a
private realm: through a phone call, letter, online or on the doorstep. Another factor
can be the assumption that victims have themselves to blame.
The reality is that fraud is a form of theft and financial abuse, and anyone can
become a victim, including people who consider themselves to be financially
sophisticated. The impact for victims varies but the consequences of fraud can be
severe and long-lasting and affect people’s physical and mental health, their
relationships and financial resilience.
This report focuses on mass marketed fraud (MMF) and the implications for older
people. MMF is rapidly becoming a serious and enduring problem on a global level,
affecting very large numbers of people in the UK and elsewhere. MMF involves
fraud that is carried by post, phone, text and online by fraudsters based here and in
other countries through a seemingly ever-widening range of tactics and techniques.
As set out in the accompanying evidence review, the inadequacy of the evidence
base on the prevalence of mass marketed and other types of fraud is striking and a
matter of serious concern. This makes it extremely difficult to ascertain the true
extent of fraud being committed against individuals in the UK and to track changes
over time. The research also highlights the lack of comprehensive and up-to-date
evidence about fraud victims, why some people are affected and others are not, and
the reasons why some fraud is reported but much goes unreported.
Consequently, trying to ascertain to what extent older people are affected by mass
marketed fraud has been a challenging task. It is also crucial to avoid assumptions
that older people are by definition vulnerable, and indeed research findings and
interviews carried out for this report highlight the diversity of fraud victims. But it is
clear that older people are particularly targeted for certain types of fraud. Moreover,
some older people are likely to be especially targeted – often repeatedly – perhaps
because it is assumed that they have money available or due to personal
circumstances. Dealing with the impact of fraud may also be particularly difficult for
the many older people on fixed incomes and/or with long-term health problems.
The findings show that more attention is being paid to tackling fraud against
individuals and there are welcome moves to improve collaboration between relevant
agencies and authorities. However, as well as highlighting the urgent need for
improvements in official data and the overall evidence base, the findings raise
serious questions about the priorities and resources available to prevent fraud and to
9
protect people from becoming repeat victims. The report also underlines the need
for adequate support for victims, including multi-agency collaboration.
The methodology for this report consisted of a combination of desk research and
interviews with a wide range of organisations and experts. Due to the complexity of
the subject matter, the inadequacy of the evidence base and time constraints, we
cannot claim that this is a completely comprehensive account of mass marketed
fraud across the UK and of the implications for older people. However, we are
confident of the validity of the findings and that the report gives an accurate as
possible reflection of the situation.
This report is accompanied by a broader evidence review on fraud and older people:
Only the tip of the iceberg: evidence review, 2015, Age UK.
10
2.
Who is at risk and what is happening
Mass marketed fraud (MMF) involves unsolicited contact by email, letter, phone or
adverts, with the intention to defraud, for example, through false promises of cash
prizes, or goods or services in exchange for upfront fees.1
There is general agreement that the problem of mass marketed fraud (MMF) is
growing and spreading through myriad methods, tactics and techniques. Changes in
how society operates and, in particular, developments in communications, have
enabled ‘multiple opportunities for frauds to be perpetrated on an industrial scale’
and `created daily risks of victimisation to many people who previously would have
been rarely openly targeted’2.
Who is at risk
The short answer to this question is that anyone is at risk of being targeted by
fraudsters and becoming a victim. Although the evidence base is limited and in
some respects out-of date, research findings have shown that victims of fraud are
diverse, including those who are young, educated and professional as well as people
who are older and more vulnerable.3
As discussed in the Age UK evidence review on fraud, working out who is at most
risk can be a complex matter. This is due to the inadequacy of official data, different
definitions and data recording practices used by relevant official and other agencies,
and limited research evidence about victims’ situations and experiences. Obtaining
a comprehensive and accurate picture is also made more challenging because of
high levels of under-reporting of fraud by victims.
According to a recent article on online fraud: “There has been a paucity of research
over why victims fall for scams based on contact with actual victims, and victims of
fraud in general have been neglected by researchers in comparison with other
crime victims (our emphasis).”4
It is important to avoid stereotyping by simply assuming that older people are by
definition more at risk of fraud and more vulnerable than others in the population.
However, the many older people who are on a fixed income and/or have long-term
health problems may well find it particularly difficult to deal with the financial and
other impacts of fraud.5 Although the impact varies, the effects for people’s physical
and mental health, their relationships and finances can be severe and long-lasting.
Nevertheless, from our research for this report and the accompanying evidence
review it does appear that some types of MMF are especially targeted at older
people, such as fraud aimed at bank and card account takeover or `pension
liberation’. This may be because, for example, fraudsters assume that they are likely
11
to have more money available in their bank or on their card accounts than younger
people.
It is also a matter of serious concern that some older people are especially at risk of
being targeted by certain types of fraud, such as mass mailings about prize draws
and lotteries, with potentially devastating impacts for their lives. Older people and
others may be especially vulnerable at particular times because of personal
circumstances such as financial pressures, social isolation, cognitive impairments.6
According to ThinkJessica:
`Chronic victims refuse to believe they are being scammed and spend most of
their time reading sorting and replying to scams. The scam mail knits together
and forms a delusional world that becomes a victim's reality. This type of
victim will shun all help and advice. Sometimes clairvoyant scammers turn the
victim against their families.’7
However, it is important to recognise that people who consider themselves to be
financially sophisticated can also be vulnerable, for example, because of overconfidence. One of the findings from recent FCA research on investment fraud is
that the more financially sophisticated a person is, the more likely they are to
become a victim of investment fraud, highlighting the sophistication of fraudsters’
techniques.8 Moreover `Discerning a fraud from a legitimate investment opportunity
is not a simple process’, according to the FCA research findings.9
In addition, whilst younger people are currently more likely to be at risk from online
fraud, increasing numbers of older people are likely to be potentially affected by
these types of fraud as more go online. People who are new to online
communications may also be more at risk if they do not use up-to-date protection
tools to guard against fraud attempts.
Other recent survey data include the results of an online poll for the British Bankers’
Association (BBA). The research asked that, if phoned by their bank due to an
alleged severe security breach on their account, whether people considered it would
be safe to divulge personal details, give their card to a courier, or transfer money to
another account allocated by their bank. On the basis of this research, the BBA
estimated that in Britain:i


8 million people are vulnerable to “vishing” or voice phishing
4 million might transfer money into another supposed “safe” account if
instructed
i i
All figures, unless otherwise stated, are from YouGov Plc. Total sample size was 2034 adults, of
which 2029 were bank account holders. Fieldwork was undertaken between 26th - 28th September
2014. The survey was carried out online. The figures have been weighted and are representative of
all GB adults (aged 18+). The population figures in the release were calculated by BBA using the
data for the GB population aged 18 and above (Total: 49,103,873). Annual Mid-Year Population
Estimates for the UK, Office for National Statistics, 2014.
12


3 million could be willing to carry out “test transactions” online
1.7 million would pass their bank card over to a courier on their doorstep if
they carried some form of ID card
A particular point of interest is that the findings showed that older people are less
likely than younger people to go along with such requests: 44% of those aged 55+
said they would not agree to any of these types of requests compared to 23% of
those aged 25-34.
* HM Revenue and Customs (HMRC) is warning taxpayers to be on their guard
against fraudulent phishing emails, after almost 75,000 fake emails were reported
over the last six months. Some 74,743 scam emails were reported to HMRC’s
dedicated phishing email account between April and September – a 70%
increase on the same period in 2013. The emails promise a tax refund and often
ask for personal and financial details that can then be used to steal money from
their bank account. Their details may also be sold on to other criminal gangs,
which can lead to identity theft.10
Types of fraud and tactics
The types of mass marketed fraud being perpetrated on individual consumers are
numerous and constantly changing. Current frauds against consumers include fake
prize draws and lotteries, inheritance fraud, investment fraud, bank account
takeover, and fraud recovery fraud. (See, for example, Only the Tip of the Iceberg:
evidence review, Age UK; and the Action Fraud website11.)
Fraudsters’ techniques often change rapidly in order to exploit official
announcements, including setting up seemingly legitimate websites, and to counter
the efforts of enforcement authorities.
For example, one area of emerging concern relates to `pension liberation’ fraud.12
From April 2015, most people will be able to take out all their pension savings in
cash once they reach 55. There is a risk that some people could be deceived into
cashing in their pensions early, through emails, mass texting or cold calls. For most
people, the offers will be bogus and victims will lose most, if not all, of their savings
according to the Pensions Regulator.13 (The government is setting up a free
guidance service and, at the time of writing, the Treasury had announced plans for
legislation to underpin the guidance, including an amendment that will make imitation
of the guidance service a criminal offence14.)
Scammers cashing-in on Green Deal
`The Government’s flagship energy efficiency scheme is at risk of being
undermined by scammers trying to make a quick buck, reveals new evidence
from Citizens Advice. Seven in 10 consumer queries to Citizens Advice about
Green Deal are about scams. More than half of people caught out by these
scams are contacted out of the blue, either over the phone or by door to door
13
sales, and offered thousands of pounds worth of home improvements for free.
New analysis from Citizens Advice finds people are losing up to £500 after
paying a fee for an assessment that never goes ahead or, if it does, the
company then doesn’t get in touch to do the work.’15
As has been pointed out elsewhere, many frauds use a mix of methods including the
internet.16 Consequently, trying to separate types of fraud from the methods and
tactics used by fraudsters can be tricky. The latter can include for example:
Phishing: use of bogus emails and texts that purport to come from organisations
such as banks or government departments. Consumers’ online security information
may then be accessed through fake links included in the message thus enabling
fraudsters to take over someone’s bank account for example.
Vishing: when fraudsters obtain someone’s personal details by phone. For instance,
the fraudster may claim to be from a bank, card company or the police and allege
that the consumer’s credit or debit card needs to be collected because of fraud. A
courier is sent to collect the card, which is then delivered to the fraudster along with
the person’s security details thereby enabling fraud on their account.
Malware: sending of malicious software designed to disrupt someone’s computer
and possibly to collect information that can be used to commit fraud.
`HM Revenue and Customs (HMRC) is warning taxpayers to be on their guard
against fraudulent phishing emails, after almost 75,000 fake emails were reported
over the last six months. Some 74,743 scam emails were reported to HMRC’s
dedicated phishing email account between April and September – a 70%
increase on the same period in 2013. The emails promise a tax refund and often
ask for personal and financial details that can then be used to steal money from
their bank account. Their details may also be sold on to other criminal gangs,
which can lead to identity theft’.17
Fraudsters are frequently based in other countries and may well be operating
globally. Methods used can involve mass attempts aimed at very large numbers of
people with the expectation that some will respond. The fraudsters may employ
complicated processes to evade being caught, such as using email accounts that are
difficult to trace or re-routing phone calls across international networks.
As well as mass attempts, some types of fraud are specifically targeted at certain
people. Fraudsters use a range of ways to profile potential victims, including
obtaining information from commercially or publicly available directories and
marketing databases, and from social media. Some people end up on so-called
‘suckers lists’ as people who are likely to be especially vulnerable to fraud, possibly
after responding only once to a fraudster. These lists are often shared/sold on
14
between fraudsters based in the UK and in other countries, with victims being
subjected to repeated fraud attempts.
According to research regarding online fraud, tactics used by fraudsters include:








diversity: each scam may be tailored to a particular type of victim
small amounts of money and mass targeting: large numbers of people are
targeted to elicit smaller sums of money
authority and legitimacy: for example, professional-looking website and
documentation
visceral appeals: appeals to needs and emotions such as financial gain
embarrassing frauds: for example, dating frauds
pressure and coercion: use of threats, time pressure, repeated
bombardment, and suggestions that the activity was not legal to prevent
reporting
grooming: for instance, starting with smaller amounts of money before
escalating
fraud at a distance: for instance, through the phone or online, making it
difficult to confront and/or contact the offender, and it may also impede
enforcement intervention.18
Tactics used by fraudsters can often include befriending or `grooming’ potential
victims as well as threats and intimidation. Fraudsters may also seek to exploit
people’s trust of authority by making a fraud appear to be a legitimate offer from a
reputable business or official institution.19
(Detailed research findings on fraud, including fraudsters’ tactics and victims’
experiences, can be found on the website of the Centre for Counter Fraud Studies,
University of Portsmouth20.)
Investment fraud may be carried out using mass marketed methods, for example,
online or via the telephone as well as through other methods. Research for the FCA
in 2014 showed that investment fraud frequently involves the appearance of
professionalism such as high quality documentation, well-presented sales people,
and the use of products that appear topical and interesting.21 Investment fraudsters
may seek to build friendship and trust, and make victims feel indebted to them, as
well seeking to isolate them from their own networks, according to these findings.
Moreover, the more financially sophisticated a person is, the more likely they are to
become a victim of investment fraud, highlighting the sophistication of fraudsters’
techniques.22 Findings from other research for the FCA on investment also
concluded that it is not possible to protect yourself against investment fraud simply
by educating yourself on financial matters: `Discerning a fraud from a legitimate
investment opportunity is not a simple process.’ 23
15
What is known about the extent
It is extremely difficult to obtain a comprehensive and up-to-date picture of the
prevalence of mass marketed fraud, which is also the case with other types of fraud.
This issue is explored in more detailed in the accompanying evidence review on
fraud (Only the tip of the iceberg: evidence review, 2015, Age UK).
An estimate of the total losses associated with mass marketing fraud in the UK by
the former National Fraud Authority stood at £3.5 billion.24 This figure had previously
been put forward in a report on mass marketed scams published by the Office of Fair
Trading in 2006, which estimated that UK consumers lose about £3.5 billion to
scams each year.25 The figure is likely to be a serious under-estimate according to a
number of interviewees for this report.
The issue of poor data is compounded by high levels of under-reporting. Research
suggests that this is often due to self-blame and embarrassment on the part of
victims or refusal to admit it has happened. In some instances victims may be
unaware that fraud has taken place. But not nearly enough is known about why
some people report fraud and others don’t.
Mass marketed fraud was included in a focus on property crime by the Office of
National Statistics, whereby the 2011/12 Crime and Justice Survey in England and
Wales (CSEW) asked respondents if they had personally received any emails, texts,
letters or phone calls from an individual or a company they have never heard of
before that might have involved a request for money.26 The results showed that:



56% of respondents had received an unsolicited communication in the previous
12 months; only a very small percentage actually fell victim
those receiving unsolicited communications were more likely to be aged between
25 to 44; highest rates of receipt were found among those aged 25-34 (63%) and
35-44 (61%). Those aged 75 and over were less likely to receive such
communications (40%).
of those who had used the internet in the last 12 months, 62% had received an
unsolicited communication compared with 37% of adults who had not used the
internet in the last 12 months.
Less than 1% of adults who received either a communication involving a lottery,
guaranteed high investment return or romance fraud, sent or transferred money.
However, as the ONS noted, the number of victims is too small to produce any
reliable estimates of the scale of victimisation, and these may represent
underestimates as some victims may have been too embarrassed to disclose this
information.27 Other limitations of this data on MMF have been pointed out elsewhere
in an article on online frauds. For example, it seems that the scenarios presented to
interviewees did not reflect the full diversity of this type of fraud.28 Also the survey
did not account for people who became victims through searching on the internet for
products and services, as opposed to those targeted by unsolicited communications:
16
`At best the results should be treated as a barometer of some of the most popular
scams perpetrated’.29
More generally, fraud is not included in the main CSEW crime estimates published
by ONS. However, the CSEW includes supplementary modules of questions on
victimisation across a range of fraud and cyber-crime offences, including plastic card
and bank/building society fraud. But these are currently reported separately from the
headline crime estimates.30
The 2013/14 CSEW findings showed that 5.1% of plastic card owners were victims
of card fraud in the previous year, with a statistically significant rise from the 4.6%
estimated in the previous CSEW. According to the ONS: `The current increased
level of victimisation remains higher than more established offences such as
theft from the person and ‘other’ theft of personal property (1.1% and 1.9%
respectively)’.31
Separate analysis by the ONS (based on the 2012/13 CSEW) showed that together,
plastic card fraud and bank and building society fraud could have contributed
between 3.6 and 3.8 million incidents of crime to the total number of CSEW crimes in
this survey year. These numbers provide an approximate indication of the scale of
these offences that are not covered in the ONS headline estimates each year.
However, according to the ONS, these are based on some simple assumptions
given the current absence of data on the number of times respondents fell victim
within the crime reference period.32
The ONS is currently exploring the feasibility of extending the main victimisation
module in the CSEW to cover elements of fraud and cybercrime. This work is
expected to run throughout most of 2014 with the aim of questions being
implemented in the 2015/16 questionnaire.33 Obviously it remains to be seen to
what extent this work will serve to capture significantly more information about the
extent of MMF and other types of fraud against individuals.
Key concerns
It is clear that mass market fraud (MMF) has become an ever-increasing problem,
affecting very large numbers of people including many older people. The types of
mass marketed fraud that are taking place are impossible to list in full and often
rapidly adapt to new developments. The methods used by fraudsters can involve
mass attempts, for example, via online channels. Victims are also targeted by
building up personal profiles, through befriending and/or seeking to isolate victims,
and the use of professional-looking documentation, fake websites, and sometimes
coercion. Some fraud victims are targeted repeatedly with potentially severe effects
for their health and well-being.
Anyone can be a victim including people who consider they are financially astute. It
is a matter of concern that some older people may be particularly targeted by certain
17
types of fraud, and/or because of personal factors such as financial pressures, social
isolation, or cognitive impairment. In addition, more older people are likely to be
vulnerable to MMF as more go online.
The inadequacy of official data and the wider evidence base is extremely
concerning. Similarly concerns arise about the seemingly high level of underreporting. Not nearly enough is known about why some people are vulnerable to
fraud, and why some report fraud and others do not.
18
3.
Reporting and support
Reporting processes
If a consumer thinks that they are a victim of a fraud, or are concerned that a fraud is
taking place, it is essential that they know how to report it and who to contact. The
channels for doing so consist of Action Fraud UK, local police, and local trading
standards departments via the Citizens Advice consumer service.
Action Fraud
Action Fraud is the UK’s national fraud and internet crime reporting centre, based at
the City of London Police. Its website advises that Action Fraud should be the first
point of contact if someone has been a victim of fraud.34 This can be done using its
online reporting tool or on the phone. There is also a service for carers to report
scams on behalf of a vulnerable victim (the victim must be under 17, or have a
mental health problem or learning difficulty, or a physical disability). However,
people are also free to contact their local police direct if they choose to do so.
Reports made via Action Fraud are passed to the National Fraud Intelligence Bureau
(also based at the City of London Police), where the content is analysed to
determine if there are other reports concerning the same suspect(s) and if there is an
opportunity for the crime to be investigated by a UK Police force. If the report exhibits
viable lines of enquiry it is sent to the relevant local police force for possible
investigation. This depends on whether the suspect is likely to be traceable and
there is an opportunity for enforcement. In addition, reports are passed on if it is
considered that it would be preferable or appropriate for local police to provide a
service to the victim, for example, if the person is very distressed and unable to
provide a full account of what happened.ii
People are routinely notified by Action Fraud if a report is passed on to a local police
force, and given their contact details. However, not all fraud reports are investigated
by local police forces as much depends on their resources and priorities.
Action Fraud changed its processes in May 2014 so that people are also notified in
situations where it has decided not to pass on the report to a local police force
(normally 28 days later). In these circumstances, people are informed that the report
could not be placed with local police at this point in time but that this may change in
the future. Action Fraud passes on the reports it receives to the National Fraud
Intelligence Bureau, and these are put together with other intelligence about fraud,
which can lead to subsequent action.
The police in Scotland are not currently part of Action Fraud. However, Action Fraud
does not make a distinction between fraud reports it receives as long as there is a
ii
Telephone interview with National Fraud Intelligence Bureau, 13 November 2014
19
UK aspect. If it appears that an offender is based in Scotland, for example, Action
Fraud will notify Scottish police.
It is understood that Action Fraud is looking at how its service and communications
with the public can be improved to achieve a better understanding of what can and
can’t be done. This is welcome as it is crucial that everyone who calls Action Fraud
is routinely sent a clear and easily understandable response that explains what is
happening: either that a report has been sent to a local police force; or that it was not
possible to do so at the present time but their information will be kept `live’ and may
be followed up in future. Callers should also be signposted to other possible sources
of information and advice.
Citizens Advice consumer service and Trading Standards
The Citizens Advice consumer service provides confidential and impartial advice on
consumer issues across the UK, including advice for consumers who have lost
money because of a fraud or scam. The service has an agreement with the Trading
Standards services to help consumers to report a problem to them. People can
contact the consumer service by phone or online by completing a webform. The
service’s website also advises people to contact Action Fraud if they have been
targeted by a scam or know someone who has been targeted.
If someone contacts their local Citizens Advice bureau for advice about a potential
fraud, they may be signposted to contact the national consumer service. The service
advises anyone who has lost money because of a scam to get in contact as the
information can be used by Trading Standards services to help stop other people
from becoming victims.
The consumer service advisers undergo intensive training to spot key triggers in
conversations with clients in order to identify potential criminal activity and how to
elicit further information if it is required. The advisers will assess the information
provided by callers and work out whether to pass it on to Trading Standards. (In
some situations, more than one local TS may need to be alerted.) Trading
Standards departments are sent details of all issues reported by consumers and, in
some cases, Trading Standards may be able to help and will contact the consumer
directly if this is the case.
The information provided by callers may be passed on to other bodies as well as
Trading Standards with the powers to take action against the trader. In some
instances, consumer service advisers may also signpost clients to contact Action
Fraud and/or other organisations such as Age UK and the Samaritans for further
support.
Where it is clear that someone is calling from somewhere in Scotland, the service
would normally route them to its Scottish call centre where advisers have an affinity
20
with Scottish consumers. The centre operates in the same way as other parts of the
consumer service.
When local trading standards departments receive a referral from the Citizens
Advice consumer service, they decide what action if any to take depending on local
priorities and resources. Cases where criminality is suspected or where `vulnerable
consumers’ are involved are likely to be high on their priority lists. Local trading
standards can also decide to refer to and work in partnership with the police but this
depends on local relationships.
However, it should be noted that budget cuts are restricting the ability of many
trading standards departments to investigate. According to a recent survey, by 2016
most trading standards services in England and Wales will have been cut by an
average of 40% since 2010.35 The level of cuts to individual services varies widely
but several authorities anticipate their budgets will be more than halved.
ONS fraud statistics for England and Wales do not include trading standards
prosecutions. However, the TSI National Scams Team are currently working on this
issue at a national level.
Banks and card companies
If a customer calls their bank or card company to report a fraud on their account and
the matter is resolved by the company (for example, where the customer’s account is
reimbursed), it can still be reported to Action Fraud. Customers should report all
suspected fraud to Action Fraud, according to the BBA. Banks share crime
information bilaterally with the National Fraud Intelligence Bureau (NFIB), or pass
data to Financial Fraud Action UK (as part of an industry arrangement that takes bulk
fraud data from banks and shares regularly on their behalf with the NFIB).
Under-reporting
As set out in the accompanying evidence review, much of fraud against individuals is
not reported to the relevant authorities. This was confirmed to us by many
interviewees for this report.
Again the evidence base about levels of unreporting is inadequate. There are some
findings from research carried out for the former National Fraud Authority in 2009,
which found that mass marketing fraud often goes unreported. 36 Embarrassment
about being a victim was identified as a key factor. Or people may feel the financial
loss is too low to take the matter further and/or they do not expect to receive much
response from statutory authorities. In some situations, people may not know that
what happened involved fraud.
The House of Commons Home Affairs Committee report on e-crime expressed
concern about the frequent failure to report low level fraud on bank accounts and
about reporting processes:
21
“We are very concerned that there appears to be a 'black hole' where low-level ecrime is committed with impunity. Criminals who defraud victims of a small
amount of money are often not reported to or investigated by law enforcement
and banks simply reimburse victims. Criminals who commit a high volume of low
level fraud can still make huge profits. Banks must be required to report all ecrime fraud to law enforcement and log details of where attacks come from.” 37
“Current recording practises are inadequate to give an accurate picture of the
extent to which reported crime is committed over the internet. We recommend the
introduction of an additional field on crime reporting forms to indicate whether or
not there was digital evidence relating to a crime. This would help the police to
understand the extent of the problem they were facing and to make sure they
have the appropriate resources in place.”
Other support
Some of the support arrangements for victims of fraud include the following, as well
as the advice that is available from Citizens Advice Bureaux and other advice
agencies:
Victim Support
People who report a fraud to Action Fraud are offered the option of having their
details passed on to Victim Support. Those who do so are then contacted by
someone from the charity and offered free and confidential emotional support and
practical help.38 Fraud offences are one of the priorities of the Victim Support
service and people are contacted within 48 hours when referred by Action Fraud by
phone and/or in person.
After an initial assessment, the type and duration of support provided depends on
individual needs and circumstances, and can include practical advice to help people
protect themselves from fraud in future. Some situations require the involvement of
other services such as social services. Fraud is a growing area for Victim Support
and, as a result, it has developed a toolkit for its volunteer advisers on economic
crime, which includes potential impact on victims, practical steps to be considered,
and a checklist/action plan.
Between October 2014 and April 2015, the majority of support services for victims of
crime will be commissioned and provided at a local level by Police and Crime
Commissioners (PCCs).39 MIND is calling for PCCs to prioritise mental health so
that local victims' services work for people with mental health problems.40
ThinkJessica
The ThinkJessica organisation was set up to help protect older and vulnerable
people from fraud attempts that arrive via the post and by telephone.41 It is
22
campaigning for greater awareness of the difficulties faced by people who have what
is described as `Jessica Scam Syndrome’: where someone is a chronic fraud victim
but denies or refuses to accept they are being defrauded, for example, because of
mental health problems, loneliness or gambling addiction.
The charity’s experience is that relatives and carers can find it very difficult to
intervene, and it is calling for `Jessica Scam Syndrome’ to be recognised as a
condition whereby the victims can be separated from the criminals. The aim is to
enable this to happen by means of the person’s mail being redirected to a trusted
person and their phone number changed. Another important element is for the
provision of counselling and support to overcome social isolation.
Financial Ombudsman Service (FOS)
The role of the FOS is to sort out individual complaints between consumers and
businesses providing financial services in or from the UK. People aged 65+
comprise the largest group of consumers in terms of age who complain to FOS,
referring more than a quarter of the cases resolved during 2013/14.42
Complaints received by the Ombudsman include those relating to disputed
transactions, which may involve fraud or suspected fraud. Typically, these will
involve transactions that a consumer says were made by a third party who has
obtained their card or payment details. In some cases, the business accepts this but
is unwilling to refund the money, for instance, because it asserts that the consumer
has been careless with their card or has breached the account terms and conditions.
Or the bank may insist that the consumer authorised the transactions or made them
themselves. The role of FOS is to establish the most likely sequence of events using
available evidence, which can include police reports, bank statements, electronic
records, and information about the firm’s security procedures.43
The Ombudsman receives around 80-100 new complaints about fraud each week
across all banking products. This figure has broadly remained the same over the
course of the last year but the types of fraud vary. In general the majority are about
debit or credit cards which the consumer believes has been compromised in some
way. FOS has noted an increase in complaints relating to`vishing’ or `courier fraud’,
as well as continuing complaints about identity fraud (where bank accounts or credit
cards are set up in other people’s names), and have been working closely with
financial firms to share knowledge, insight and the approach used when dealing with
complaints of this nature.
Alzheimer’s Society
Alzheimer’s Society has published a charter on dementia-friendly financial services,
which is aimed at improving the customer experience of people living with dementia
when dealing with financial service organisations (produced in conjunction with the
Lloyds Banking Group).44
23
This includes a section on fraud that explains how fraud prevention measures can
create a significant barrier in enabling access to their funds and account information
for someone with dementia who is still able to make informed financial decisions.
Fraud prevention methods can also make life difficult for carers and attorneys trying
to manage money on the customer’s behalf. The charter does not require that fraud
prevention methods are removed. Instead, it commits the financial institutions who
sign up to exploring alternative fraud prevention methods that may allow access
while still providing security.
Key concerns
Far more needs to be known about levels of consumer awareness and
understanding about what to do if they are targeted by fraudsters or spot a fraud
taking place. Similarly, more information is needed about consumers’ experiences
and views of reporting arrangements in order to see where changes are required.
This includes signposting and referrals - it is critically important that people are not
put off by being referred on.
Equally, more needs to be known about the effectiveness of what happens once
fraud has been reported, including information and feedback for consumers; the
consistency and comprehensiveness of data recording; and how well the relevant
bodies are working together. In addition, questions need to be addressed about the
adequacy of the resources and priorities given to tackling fraud against individuals.
It is vital that fraud victims have access to appropriate support when they report a
fraud and to deal with any subsequent impact. For example, some people may need
help in recalling and corroborating what happened if they have cognitive impairments
for example, or require help in providing a clear account. This underlines the need
for partnership work including not only the bodies involved in reporting processes but
also other relevant organisations and experts, such as adult social care services,
mental health services and voluntary organisations. A related question is whether
victims who contact Action Fraud should be given the choice of opting-out of a
referral to victim support services instead of the existing opt-in.
Although these issues are beyond the remit of this report, it is necessary to highlight
concerns about the effects of cuts in social care budgets and reductions in access to
these services, and of changes in the way that victims’ support services are
commissioned in England and Wales. These developments are likely to have
significant implications for people’s access to support services if they are targeted by
fraudsters or have been victims.
24
4.
What action is being taken
The police and the Fraud Act
The lead body for police activity in this area is the City of London Police which hosts
the National Fraud Intelligence Bureau (NFIB) and Action Fraud. Currently the
service receives 20,000 crimes and 15,000 information reports each month. The
system used to analyse these reports is similar to those used by the HMRC and
banks. All reports of crime are analysed to identify common features with other
reports of fraud and data from other partners. They are then placed within a workflow
that permits them to be prioritised and assessed by a member of the NFIB staff. A
decision will be made whether or not to allocate it to enforcement or disruption
activity, or whether the police need help from abroad.
Reports may come in from police forces or from individuals affected fraud or third
parties representing the individuals.iii In circumstances where the suspect is
believed to be local the appropriate police force may make initial enquiries
themselves before recording the matter on Action Fraud. If the case does not
require immediate inquiries, then they will refer the case to Action Fraud.
Allocation to an individual police force is on the basis of five principles:
1. The police force area covering the location of the fraudulent
operation/suspect‘s address or for business related fraud the office address of
the employee or if no office address, the Head Office of the company.
2. The police force area with the greatest number of individual usages or
offences.
3. The police force area where the first offence was committed.
4. The police force area where the victim resides or works.
5. In the unlikely event that it is impossible to determine a Force Area using
these principles the NFIB will determine a Force Area.
Enforcement also includes referring cases to trading standards partly because not all
the cases are fraudulent but may involve poor business practices, for example, a
delay in sending the goods ordered. It appears from our discussions that there are
good links between the NFIB and trading standards nationally, as well as between
the Metropolitan Police and the National Trading Standards Scams Team.
In addition to investigating reports of fraud the NFIB and territorial police forces will
often attempt to disrupt criminals. It is often difficult to know precisely who is
iii
Police Scotland is not currently part of Action Fraud. However, where a crime is believed to have
occurred in Scotland it will be allocated to them and, should a person who resides in Scotland choose
to report via Action Fraud, a report will be taken and handled in the same manner as a report from a
person who lives in England and Wales. Fraud in Scotland is prosecuted under the common law
which contains a wide offence of fraud:
https://www.fraudadvisorypanel.org/pdf_show_197.pdf?id=197
25
committing the fraud and whether or not they are within this jurisdiction. The
fraudsters, however, tend to act through other companies, for example, they may
need a bank account or a PayPal account in order to receive payments. Most
companies have terms in their contracts saying that their services cannot be used in
aid of criminality. If fraud can be shown, then companies might stop dealing with
these clients. So, for example, the Metropolitan Police have spent some time
working with the Royal Mail to try and develop a protocol for dealing with possible
scam mail (see below).
The Metropolitan Police have also been working with the banks regarding ways of
alerting the police or the TS National Scams Team when there is suspicious activity
on an account. For example, if someone aged 70+ applies for more than one
cheque book in a month, this may suggest they are making multiple payments to
fraudsters.
An example of disruptive activity is the seizure of letters that had entered the country
through Heathrow as cargo before being placed within the mail systems. This was
done in liaison with the Heathrow Mail Practice Team, part of the UK Border Agency
but it appears to have been, at least initially, a matter of individual initiative, rather
than a policy decision. As well as the disruption this activity caused, the police were
able to liaise with the US Federal Trade Commission which prosecuted some of the
offenders.45
One of the problems with enforcement is the sheer volume of activity combined with
fraud being the poor relation in comparison with crimes of violence and acquisitive
crimes. Police forces are directed to deal with these two categories rather than
fraud. It has been suggested in recent research that, although the number of police
resources dedicated to investigating fraud is not as small as perhaps had been
thought, it is still too small given the scale of the problem.46
This need not necessarily be the case. For example, the Metropolitan Police have a
dedicated fraud unit, FALCON, which covers the entire range of fraud offences.
Within this unit is a group, Operation Sterling, who focus on the prevention of low
level fraud. In addition, we were told that the Metropolitan Police are recruiting an
additional 400 officers who will be allocated to the investigation of low level fraud,
split across four sites in London.
Issues also arise around the soundness of evidence. For example, a common
problem is that a consumer is given a false representation verbally but the written
documents say something different which is not deceptive. The problem here may
be in showing that all the victims have the same recollection.
In 2013, the National Cyber Crime Unit (NCCU) began operating within the National
Crime Agency (NCA). Half of the NCA’s officers are being trained to become digital
investigators who can work alongside and support existing NCCU specialists. Cyber
crime training is also being carried out across police forces, and regional cyber
operations are being expanded.
26
Overseas offenders
Where the content of a report or collection of reports appears not to offer an
opportunity for allocation to a force in the UK because the suspect is believed to be
overseas, consideration is given to the creation of a request to the appropriate
foreign jurisdiction. Such requests are passed to Interpol via the National Crime
Agency. Where it is proportionate, Action Fraud will seek the assistance of other
jurisdictions, either by making a general request for Intelligence or by passing the
matter to a police force (most likely on a victim basis) and suggesting that they
consider and International Letter of Request (ILOR). However, these require the
support of the Crown Prosecution Service and consequently are generally only
issued where it is considered likely that a prosecution can be achieved.
Action Fraud also work closely with ‘European’ (it goes beyond the EU) colleagues
who are members of Europol and make use of their SIENA tool to seek and share
appropriate intelligence; this is supplementary to the above process. The NFIB is a
participant in the International Fraud Mass Marketing Working Group (whose
members include the Federal Trade Commission, Nigerian Economic and Financial
Crime Commission, Europol etc). There is recognition of the need to work with
partners such as the FTC to apply pressure to foreign government and law
enforcement.
The consumer policy and enforcement landscape
The existing consumer landscape dates from 2012 when BIS made a number of
changes both organisationally and in terms of policy.47 In policy terms the main
change was to move responsibility for enforcement away from the OFT (now the
CMA) and onto local authority trading standards departments. This is reflected
legally in the obligation of trading standards departments to enforce the Unfair
Trading Regulations and in the power of the CMA to choose to enforce the same
Regulations. As there would be some cases which raised national issues,
mechanisms were created for allocating cases between trading standards and the
CMA, as well as allocating cases within the trading standards network. There is an
added complication in that enforcement arrangements are split between England
and Wales, Scotland and Northern Ireland.
Policy making
Before looking at enforcement, it is necessary to describe the wider policy
landscape. In 2012 BIS created the Consumer Protection Policy Partnership (CCP)
whose primary purpose is to bring together key partners in order to identify and
prioritise areas where there is greatest harm caused to consumers, agreeing and
coordinating collective action to tackle such detriment, and using all available tools at
the disposal of each member. 48
27
Scams (and doorstep crime) was identified as among the CCP’s priorities, and an
action plan was produced with the aim of achieving a more holistic and joined up
approach. Led by the Convention of Scottish Local Authorities (COSLA), the CPP’s
Mass Marketing Scams study’s primary purpose was to identify a strategy to make
the greatest impact in tackling mass marketing scams. This drew on expertise from
within and outside the Partnership, including the NTSB’s National Scams Team,
Royal Mail, and Action Fraud.
In August 2014, it was agreed that the initial aim and purpose had been met through
the launch of a revised action plan. According to COSLA, in coming together,
members of the group have gained a better understanding of the different roles
partners play in tackling mass marketing scams and, that with a more joined up
approach, a stronger prevention led focus may help to disrupt more schemes than
was previously possible.49 The group will continue to meet on an informal basis,
monitoring progress, sharing examples of best practice, and reporting points of
significance to the CPP.
A small number of actions have taken place including:
 Training to help postal staff spot and report suspect post is being rolled out
across the country by trading standards officers. This collaboration with Royal
Mail also aims to cancel the contracts of companies that send out mass
marketing scams;
 The Scams Team have facilitated the distribution of names identified on
‘suckers lists’ to the relevant local authorities, working closely with COSLA
where names have been identified in Scotland. Local authorities are
encouraged to intervene to warn victims that they are being targeted by
criminals.
 COSLA, the Scams Team and Action Fraud are working together to drive
forward the shared definitions work that will seek to harmonise understanding
of terminology amongst partners; and
 Action Fraud are currently reviewing their online reporting mechanisms with a
view to making these more streamlined.50
The CCP’s priorities also include developing capability to tackle e-crime and ensure
trust in online markets. Following a scoping exercise, the CCP agreed that the issue
is too cross-cutting to engage in a focused study, and instead expertise from the
NTSB’s E-Crime Unit will be requested to assist other working group studies where
there is an e-crime element.51
28
Enforcement
Trading standards
The changes to the consumer landscape created a National Trading Standards
Board (NTSB)iv which covers England and Wales. In order to coordinate
enforcement between the CMA and trading standards, a National Tasking Group
meets every two months, composed of Board members, regional representatives
and members of the CMA. Other organisations attend as observers, including
Trading Standards Scotland. One of the tasks of this group is to identify suitable
cases which require support, which would most often be national cases (formally
called Level 3 cases) when they involve:





complex cases,
cross-boundary activities,
multiple defendants,
high levels of consumer and business detriment and/or
significant breaches of trading standards legislation or extensive fraud.
Regional cases will be supported where intervention will stop it becoming a national
case or set a precedent.
National Trading Standards Scams Team
The NTSB has created a National Trading Standards Scams Team (NST), which is
funded by the National Trading Standards Boardv and hosted by East Sussex
County Council. Its aims are to:




identify victims of fraud
prevent victims from further victimisation
disrupt and investigate criminal activity, and
educate local authorities/agencies on how to work with scam victims
The focus of their work is on MMF carried out by mail and on the phone. Their
experience is that victims of these types of fraud tend to be older people aged 72+.
Some are repeatedly targeted by fraudsters, for example, someone could be
receiving 60 pieces of mail per day. The NST is involved in partnership work with
Royal Mail and 20 other national partners, covering law enforcement and consumer
organisations (see section on `mail fraud’ below). A training package has also been
developed to help staff at mail sorting offices to spot possible mail fraud. Key
indicators include the amount of post for an individual and what is says on the
envelope, for instance, references to prize draw or lottery wins.
iv
The NTSB does not have legal personality. It therefore does not have any enforcement powers of
its own, these rest with local trading standards officers.
v
Around £170,000 (National Trading Standards Board (2014) Summary of Activities April 2013 to
March 2014)
29
The team has also been setting up service level agreements with local authority
trading standards teams in England and Wales who agree to contact potential fraud
victims. So far about 75% of LAs have signed up to these agreements.
Due to the inadequacy of the research relating to MMF, the team are also keen to
carry out comprehensive research in order to find out more about its extent and the
impact on victims but this depends on securing the necessary funding. There are
several bits of work being planned in this area and financial institutions are
supportive.
Other activities include work with banks to encourage them to improve their
monitoring processes to identify possible fraud, for instance, by routinely looking at
accounts where someone aged 70+ is receiving more than one cheque book per
month to see if they are victims of fraud. The NST are also keen on financial
institutions to be involved in partnership work centrally to share intelligence, help
protect victims and to raise public awareness, as well as contributing to disruption
and investigation activities.
More than 6,000 people across the UK had money returned to them as a
result of a new crackdown on prize draw mail scams. This action was part of
an initiative by the National Trading Standards Scams Team and Royal Mail
to return seized responses to mail scams before the money reaches the
hands of scammers. So far over 6,000 items of mail have been returned as
part of the operation in the UK and more than £108,000 has been returned to
victims. Importantly, people are receiving their money alongside a letter or
visit from a local trading standards officer informing them that they have been
a victim of a prize draw scam. It is hoped this will deter them from responding
to such mail in future.52
National Trading Standards ecrime Team
The National Trading Standards eCrime Team (NTSeCT) conducts national
investigations into online scams and rip-offs, committed via the web, email and by
text. It covers England and Wales and is hosted by the Yorkshire and Humber
Trading Standards Group. The Team takes on investigations in its own right but also
supports investigations conducted by local TS offices and regional TS Scambusters’
teams. It is also responsible for improving trading standard’s capacity to tackle
online scams across the whole of the organisation.
NTSeCT works closely with the National Trading Standards Intelligence Team so it
can spot patterns in online scams and frauds from intelligence gathered from a
number of sources including local and regional trading standards offices, Citizens
Advice and the police. (It does not currently have direct access to data held by
Action Fraud, although discussions are ongoing as to how this can be facilitated.)
Investigations have included what is believed to be the first ever successful
prosecution in the UK of a defendant involved in the Microsoft computer scam. This
involved people from overseas calling consumers in the UK claiming to be “Microsoft
30
Certified” engineers or from a company working for Microsoft. Consumers are told
that their computer has serious faults and persuaded to allow remote access to their
computer. They are then charged for installing anti-malware software that is
available for free; their computers may be compromised and their personal details
put at risk.53 Some older people who are new to being online can be especially
vulnerable to this type of fraud. Further work is being carried out to see what more
can be done to tackle ‘Microsoft scam’ calls.
The team is also involved in crackdowns on copycat websites (where consumers are
misled into thinking it is a government site and then pay a fee to a third party for
services that can be obtained free)54. Although the team will be leading on any
potential enforcement activities, a multi-agency approach to tackling the wider issue
has been agreed.55
The focus of the team’s website and social media profiles is to raise public
awareness by providing alerts for consumers about online fraud and scams and
specialist advice. The techniques used include infographics that can be embedded in
other organisations’ websites and disseminated via social media, as well as
animated videos. Work is underway to link up with other organisations to make best
use of social media to publicise alerts and advice including Get Safe Online, Citizens
Advice, Which? and Action Fraud.
At the time of writing work was also underway to pull together data about the extent
of e-crime across the UK. Currently, there is very little research on the growing
phenomenon of online fraud and no clear definitive statistics. The eCrime report will
analyse consumer reports to Trading Standards in an effort to fully understand the
scope and impact of online fraud.
Local authority enforcement
The Consumer Protection from Unfair Trading Regulations 2008 cover commercial
practices between traders and consumers and introduce a general prohibition on
unfair commercial practices. They contain prohibitions of misleading and aggressive
commercial practices, and create criminal offences for traders that breach the
Regulations. Amendments to the Regulations provide consumers with a right to
redress if, among other things, a trader engages in misleading or aggressive
practices (new part 4A).
Trading standards services have enforcement and prosecution powers under these
Regulations (it is only trading standards services and the CMA who can enforce
these regulations). For example, a high profile case, taken by Bedfordshire County
Council, resulted in the jailing of the fraudster and the council being able to obtain
around £562,000 under the Proceeds of Crime Act.56
Prosecuting cases is time and resource intensive, and trading standards services
also engage in fraud prevention and disruption activity where appropriate.
31
The Competition and Markets Authority (CMA)
The CMA also has powers to take up fraud cases. The CMA’s view is that:
“ … enforcement action may be appropriate where it has determined that
breaches of law point to systemic failures in a market, where changing the
behaviour of one business would set a precedent or have other market-wide
implications, where there is an opportunity to set an important legal precedent
or where there is a strong need for deterrence or to secure compensation for
consumers.” 57
In making such a decision, the CMA will have regard to its prioritisation principles,
which focus on impact, strategic significance, risks and resources. 58 The CMA has
not yet used its powers under the Consumer Protection from Unfair Trading
Regulations.
There are different arrangements for prioritising cases in Scotland and Northern
Ireland and, in the time available, it was not possible to explore these. The CMA has
said that it will work with the relevant authorities to identify priority cases.59
At the time of writing the CMA was consulting on its annual plan for 2015/16, and
some of the content appears relevant for its future work with regard to fraud.60 For
instance, key commitments and initiatives that are set out include:
`Initiate as many consumer protection cases or projects as possible, where
we have the requisite evidence; and as a minimum launch three new
consumer protection cases or projects.
Conclude our consumer protection cases effectively either by agreement or by
proceeding to litigation; we will aim for the majority to be concluded within 18
months of being opened’
The CMA’s vision for its work in 2015/16 includes to:



lead policy development and identify and pursue complex, precedent-setting
cases where the CMA is best placed to intervene and can have the greatest
impact on markets
support and work effectively alongside other UK consumer agencies, and:
continue to develop and implement ways of working with our national
consumer protection partners to help to ensure that the consumer protection
regime operates as effectively as possible to develop and implement ways of
working with our national consumer protection partners to help to ensure that
the consumer protection regime operates as effectively as possible
The draft annual plan also refers to new ways of working which include:
`Reaching out to a more diverse network for consumer insights to include
more of those who have expertise on the consumer perspective, and those
32
with specific knowledge of vulnerable, hard to reach or less obvious groups of
consumers’
Cross-border cases
Under the EU’s Consumer Protection Cooperation Regulation (CPC)61 the CMA is
the Single Liaison Office for the UK. The CPC has created a network of EU
consumer bodies to provide mutual assistance to each other. The CMA says that
this means that they:
“… can call upon a member in another Member State to supply information
about, or to take action against, a trader in their jurisdiction whose acts and or
omissions may be causing detriment to the consumers in another Member
State in breach of specified EU consumer protection laws.” 62
Competent authorities who receive such a request have to act upon it as if it were a
breach of domestic law. These arrangements are, of course, only applicable to
companies and individuals operating within the EU.
In addition, the CMA will be taking up the presidency of the International Consumer
Protection and Enforcement Network (ICPEN) from July 2015 to June 2016.
The Financial Conduct Authority (FCA)
The FCA has statutory objectives to reduce financial crime and protect consumers
from harm posed by investment fraud. Under the Financial Services and Markets
Act 2000 (FSMA), the FCA has an extensive range of disciplinary, criminal and civil
powers to take action against regulated and non-regulated firms and individuals who
are failing or have failed to meet the standards required.63
The FCA can take action where there is evidence of financial crime, or a risk of it, in
the sectors and markets that it regulates. This action can include enforcement action
against firms and individuals and restricting or imposing requirements on firms’
business. For example, in November 2014, the FCA implemented a scheme to
return money to investors in certain illegal deposit-taking schemes through an order
obtained from the High Court on 5 November 2014.
Mail fraud
With regard to MMF perpetrated through the post, there are three underlying issues.
One is that mail is protected from interception by the Postal Services Act 2000 from
the time that it is posted to the time that it is delivered.64 Additionally mail is
communications data and is subject to the Regulation of Investigatory Powers Act,
which means that if the police wish to acquire that information they must serve a
notice under this Act.
The second underlying issue is that it is unrealistic to expect Royal Mail, according to
our interviews, to decide from the outside of the letter whether or not the
33
communication inside is fraudulent or not. Since 2012 and the changes in the
consumer landscape, Royal Mail have worked consistently and closely with the
National Scams Team (NST) and local trading standards.
Royal Mail has a part of their website devoted to scam mail (and one part for scam
e-mails).65 These allow the public to contact them (they had about 1,500 contacts in
the first year of operation) and once contacted, they will ask for a sample of the mail
that the customer is complaining about. When Royal Mail has samples of alleged
fraudulent mail, they will pass them onto the NST to get an opinion on whether or not
the item is fraudulent.
The third problem for Royal Mail is that they do not, in general, have a contractual
relationship with the fraudsters. This can be explained in the context of companies
based overseas. Typically the fraudster arranges for the material to be produced by
a printer who will then make arrangements with a mail consolidator e.g. Spring
Global Mail who will enter into a contract with a shipping agent. If there is a problem
with mail that originates via this route, Royal Mail will write to the mail consolidator
asking them to give their customer two warnings and opportunities to make their
material compliant with UK law. If there is a third breach then Royal Mail will ask the
mail consolidator to cancel their contract with their customer.
If there is an overseas company which does have a direct contractual relationship
with Royal Mail, they will similarly give that company two warnings before cancelling
the contract.
Similar arrangements may exist in the UK if the fraudsters use other postal
operators, such as TNT or UK Mail. These operators will ship their mail into Royal
Mail centres for delivery. Royal Mail has just begun talking to these operators on the
issue as they have not had data about the issue before now.
Responsibility for gathering intelligence on mail fraudsters is shared with Trading
Standards in England, Scotland and Wales and the police, which is potentially
confusing. This prompted Royal Mail to set up its ‘Scam Line’ to gather current
examples of mail from fraudsters. Royal Mail recognises that their two-strikes-thenout policy also takes time to work through when mail shots by fraudsters are
infrequent and advice from Trading Standards has to be sought on each occasion
that suspect material is identified. This policy is under review and may be tightened
in the future.
The NST are currently prioritising and investigating several MMF offences. Some
investigations focus on UK-based Post Office box return addresses that may have
links with MMF. Some of these are delivered in partnership with other law
enforcement agencies.
Royal Mail has introduced a major initiative, in collaboration with the NST and trading
standards in order to offer support for victims. The foundation of this is to allow
34
trading standards to conduct work-time learning and training sessions. Trading
standards officers will go into Royal Mail offices and make a presentation about
scam mail, what it looks like, who the victims are and the effect on the local
community. This programme has initially been introduced into some larger sorting
offices and was felt in the interviews to have been successful.
The process is that postal workers will, of their own volition, identify potential scam
mail being sent to an address and report this to the Royal Mail security team’s
helpdesk. This has been yielding about 20 to 40 addresses for each sorting office.
The helpdesk then passes the information onto the NST who then passes it to the
local trading standards, who will then undertake work with their local authority
partners, typically adult protection services. They will then assess whether or not the
person is at risk of financial harm. If so, there are various measures that can be put
in place, such as meeting the victim and providing a support plan to protect and
safeguard that individual from further financial abuse. The procedure is being rolled
out carefully to avoid overwhelming adult services with many unplanned cases.
The NST are currently working with St Helens Trading Standards and Merseyside
police to roll out a pilot where scam victim data is prioritised and victims are then
visited to assess the level of harm and support that is needed. Results have not
been collated yet.
Data sharing and protection issues
Banks and other financial institutions have a crucial role in spotting situations in
which consumers are potentially victims of fraud and in helping to protect their
customers. For example, if someone is ordering multiple cheque books, this could
be an indicator that they are being targeted by a fraudster who is demanding repeat
payments. Sudden withdrawals of large amounts of cash relative to the money in an
account could indicate that someone is the victim of courier fraud. These types of
situation give rise to questions about data sharing and protection.
Staff at banks and building societies need to be able to identify that a crime may be
taking place and intervene quickly to alert the consumer. They may need to take
appropriate action such as notifying the police, which will involve sharing some data
about the consumer with the police.
The legal framework for data sharing is set out in the Data Protection Act 1998
(DPA). It should also be noted that the DPA is not the only consideration for banks
when determining whether or not they can share data. Banks also have duties to
their customers under the common law duty of confidence. The Tournier principles
set out when a bank may legally disclose information about its customer in
accordance with its common law duty. (For further information, see the FOS
website66.)
35
It is clear that there are serious questions that need to be addressed about whether
the provisions of the DPA are fully understood and correctly applied by banks and
other financial institutions. A number of interviewees for this research raised
concerns that the DPA is frequently cited as an excuse not to take action to stop a
fraud, rather than enabling a crime to be prevented. The reality is that much can be
done within the framework of data protection legislation to prevent fraud without a
consumer’s privacy being unduly infringed.
The Information Commissioner’s Office (ICO) has published a statutory code of
practice on data sharing67 under the DPA (which can be used in evidence in any
legal proceedings). Among other matters, the code emphasises the need for
organisations involved in data sharing to work together to ensure that the individuals
concerned know who has, or will have, their data and what it is being used for, or will
be used for.
The company’s assessment of the situation needs to ensure processing is lawful and
fair, and appropriate safeguards need to be in place to ensure that the consumer is
properly informed about what is, or may be, happening with their data.
Banks, building societies and other companies should ensure that they have a good
understanding of what is and isn’t permissible under the law in terms of data
protection and data sharing, and that they have the right policies, procedures and
processes.vi The ICO also advocates that organisations undertake a privacy impact
assessment.68
A crucial aspect is ensuring that company staff have clear and informed
conversations with consumers so that they understand the problem and why the
bank or building society needs to take action, such as notifying the police of a
possible crime. This should be underpinned by formal and regular staff training to
ensure that there is proper understanding of what is permissible under data
protection legislation, and what action should be taken if it is suspected that
someone may be a victim of fraud.
Safeguarding people
There is an established safeguarding concept or principle which implies that some
people who are particularly at risk in a variety of ways should have statutory
protection arrangements in place. Although this is a broad subject, it has relevance
for helping to protect some people who might be regarded as being especially at risk
of fraud.
England and Wales
The Care Act 2014 covers England and Wales and takes effect in April 2015. It sets
out how local authorities and other health and care services should protect adults at
vi
Telephone interview with ICO, 13 November 2014
36
risk of abuse or neglect. Safeguarding becomes a specific statutory duty, and local
authorities are required to set up a Safeguarding Adults Board in their area, giving
these boards a clear legal basis for the first time. The Act provides a legal
framework so that key organisations and individuals with responsibilities for adult
safeguarding can agree on how they must work together and what roles they must
play to keep adults at risk safe.69
Of particular relevance is the fact that the Act requires local authorities to make
enquiries, or ask others to make enquiries, when they think an adult with care and
support needs may be at risk of abuse or neglect in their area and to find out what, if
any, action may be needed (s.42). This applies whether or not the authority is
actually providing any care and support services to that person. Abuse includes
financial abuse, and this includes:
`(a) having money or other property stolen,
(b) being defrauded,
(c) being put under pressure in relation to money or other property, and
(d) having money or other property misused.’
Scotland
Under the Adult Support and Protection (Scotland) Act 2007, local councils must
make inquiries about a person's well-being, property or financial affairs if it knows or
believes that the person is an adult at risk, and that it might need to intervene in
order to protect the person's well-being, property or financial affairs. It requires
councils and a range of public bodies to work together to support and protect adults
who are unable to safeguard themselves, their property and their rights. The
Scottish Government’s website has a section - `Act against Harm’ – that explains the
legislation and advises people what to do if they feel they need help or know
someone who is being harmed.70
Trading standards services in Angus have found that the legislation is invaluable,
particularly in facilitating partnership work with professionals who are in direct
contact with people in their local communities, such as social workers, tenancy
support officers, meals on wheels services, and local police. This type of joint
approach helps to address a range of factors that may be placing people at risk,
including help to remain living independently rather than going into care homes.
Angus TS are also extremely concerned about people who are in vulnerable
circumstances, for example because of medical conditions and/or social isolation,
and at risk of repeated targeting by fraudsters. Work being undertaken with other TS
services includes exploring what call blocking techniques are most appropriate to
help protect people from MMF carried out on the phone.vii
vii
Telephone interview 30 October 2014
37
Other activities being undertaken in Angus includes Operation Carpus: a partnership
between Police Scotland, Angus Local Policing Area, Angus Council Trading
Standards and Social Work Adult Protective Services. The main objectives are to
keep people safe by preventing and disrupting criminal activity, providing crime
prevention advice and identifying vulnerable adults to provide appropriate support
through partner agencies.71
Approximately 200 people in Angus were identified on a `suckers’ list’, which had
been passed to Angus Council Trading Standards by the National Scam Hub. Where
possible, those on the list were contacted and visited. Their average age was 72
(the range was 32 to 95 years). Some were referred for help and support where
there were concerns about safeguarding and protection, and people were also
referred to trading standards officers for advice and help with protection against
fraud. This included installation of devices to block some incoming phone calls,
registration with the Telephone Preference Service and Mail Preference Service, and
protection to block scam emails.
In addition, where people have been targeted by fraudsters, further assessments are
also being carried out to ascertain potential vulnerability to fraud via other channels
of communication, such as via online methods, on the doorstep and on the phone.
The savings from the intervention activity were estimated at between £1 million to £2
million. The interventions also helped to ensure that the individuals visited as a
result of the operation are less likely to become victims of fraud or repeat victims,
according to a report on the operation.72 Other wider benefits included an increase
in public awareness which has helped people to identify scam approaches and avoid
becoming a victim.
Operation Carpus is now an embedded practice between Police Scotland in Angus,
Angus TS and Angus Council Adult Protection Unit.
US: Financial Abuse Teams
In the US, specialist Financial Abuse Specialist Teams have been set up in a
number of states. These Teams are multi-disciplinary and assist service providers
with expertise regarding financial exploitation. Some FAST teams offer free
community education on financial abuse, and advice on relevant legislation.73 This
type of approach may well offer useful lessons for the UK.
Consumer awareness campaigns and other action
Citizens Advice service (CAS)
The CAS runs an annual Scams Awareness Month, usually in May, together with
citizens advice bureaux, Citizens Advice Scotland and the Trading Standards
Institute. Information provided includes top tips on for dealing with scams and what
to do if someone has been a victim, such as how to obtain advice and report fraud.
38
The latest campaign in 2014 warned people to watch out for non-secure websites
that ask for financial details but also that scammers are at the end of the phone and
on the doorstep.74
FCA
Using funds recovered from the proceeds of crime, the FCA launched a national
Scamsmart campaign in 2014 for eight weeks to warn people about investment fraud
and how to spot it75. It is aimed in particular at consumers who are in retirement and
have financial resources, reflecting the findings of the recent FCA research on
investment fraud76, and intelligence from Action Fraud and the City of London Police.
The aim is to influence consumers’ behaviour, in particular, to encourage people to
be more mindful/ sceptical when they are approached about an investment
opportunity. The FCA hopes this will enable consumers to be more conscious of
possible fraud and sceptical about investment scams. The FCA’s online tool advises
consumers about warning signs to look out for, and consumers can also check firms
that they are considering investing in against the warning list published on its website
of firms running scams or operating without authorisation, and its financial services
register of authorised firms.
The FCA has been working with a range of internal and external organisations to
bring the campaign to life including Action Fraud, the National Crime Agency, the
Financial Ombudsman, the Home Office, the Money Advice Service, Age UK, and
the BBA. As well as the tools on its website, the FCA is aiming to raise consumer
awareness about investment fraud through targeted media coverage, including
identifying potential opportunities to repeat and reinforce the messages.
The FCA is intending to evaluate the effectiveness of the campaign and to use that
information to inform future work and to refine the campaign if needed. This will
include quantitative and qualitative research with consumers, for example, regarding
their understanding of what the campaign was aiming to convey.
In addition, the FCA’s website also advises consumers about other types of fraud
such as those involving banking, early pension release and advance fee fraud.
If consumers suspect that they have been contacted by investment fraudsters, they
are encouraged to report it to Action Fraud. Consumers can also report possible
investment fraud, share frauds or boiler room scams to the FCA via its online forms
or by calling its Consumer Helpline.
The BBA
The BBA is the UK-industry association for the banking sector, and it works with
members and external partner organisations to improve customer protection against
fraud.77
39
The BBA is aware that fraudsters’ tactics are evolving rapidly with a range of
techniques used to target consumers who are assumed to have money in their
accounts. The issue for banks is how staff can balance the need to try to prevent
fraud if they suspect it is happening against personal intrusion into a customer’s
financial affairs. Good staff training on these matters is therefore of key importance,
according to the BBA, who recently established a partnership with the City of London
Police to provide fraud training for banks.
The BBA is keen to get the message across that anyone can be a victim of fraud and
it can affect people of all ages and backgrounds. As well as information on its
website about how to avoid fraud, the BBA launched an awareness drive in October
2014 with UK retail banks, law enforcement agencies and consumer groups called
`Know Fraud, No Fraud’. The campaign is aimed at helping customers spot the
difference between a legitimate call and one from a fraudster. The leaflet gives
advice on how to avoid becoming a victim and instructions on what to do if people
are caught out78. It also lists 8 things a bank would never ask a customer but a
fraudster might, such as asking for their full PIN number or passwords over the
phone or via email, or sending someone to their home to collect cash or bank cards.
The BBA is also having discussions with advice agencies and voluntary
organisations to explore how its material to raise public awareness can be
disseminated more widely and the message adapted for particular audiences.
In addition, the BBA has announced a new Financial Crime Alerts Service due to
start in early 201579. It will allow a range of public bodies to share financial crime
information with banks more efficiently on topics including fraud via real-time alerts.
Building Societies Association (BSA)
The Building Societies Association (BSA) is the UK industry body for building
societies and some other mutual financial service providers. It receives regular
reports from its members about instances of potential fraud being perpetrated
against customers, for example, frontline staff becoming concerned about unusual
transactions or account withdrawals.
The BSA together with the BBA and the Office of the Public Guardian is currently
engaged in discussions with the ICO to clarify how customers being targeted by
fraudsters can be supported. The key issues revolve around whether staff can refer
suspicions of fraud against customers to the relevant authorities, such as local
authority adult services, without the account-holder's permission. This includes
instances where the account holder does not appear to have the mental capacity to
make the relevant decision. In this context the BSA would like to see a review of the
Mental Capacity Act 2005 to clarify the position regarding people with fluctuating
mental capacity. The discussions with the ICO have so far clarified that building
societies can follow up concerns raised by a third party (such as a relative or carer)
40
about a possible fraud by noting the information and investigating further with the
customer.
More broadly the BSA considers that more collaboration and co-ordination of efforts
are needed to prevent consumers targeted for crime from becoming fraud victims, or
repeat victims. This particularly applies to sharing of intelligence with consumers
about different types of fraud taking place and fraudsters' tactics, as it is important to
underline the message that what is happening to them is also happening to other
people. An option could be for one organisation to have responsibility for coordinating, publishing and distributing information on types of fraud and how to avoid
becoming a victim.viii
Cifas
Cifas is a not-for-profit membership organisation which provides two UK databases
of confirmed fraud data, as well as a range of fraud prevention services to protect
organisations from the effects of fraud. 300 organisations from the public and private
sectors currently share fraud information through Cifas in order to prevent further
fraud. Cifas also provides information, advice and a service called Protective
Registration to members of the public who are at increased risk of falling victim to
fraud. 80
Financial Fraud Action UK (FFAUK)
Financial Fraud Action UK is the name under which the financial services industry
co-ordinates its activity on fraud prevention. It works in partnership with The UK
Cards Association on industry initiatives to prevent fraud on credit and debit cards,
with the Fraud Control Steering Group on non-cards fraud matters and the Cheque
and Credit Clearing Company on credit clearing and cheque fraud.
As well as publishing annual statistics on fraud on UK-issued cards, FFAUK
publishes fraud alerts and also information on its website on how consumers can
better protect themselves against fraud. It is also engaged in efforts to help people
to avoid becoming fraud victims through collaborative work with partner
organisations. In general, FFAUK would like to see greater co-ordination of
messages to raise public awareness of financial fraud, particularly to increase the
visibility and consistency of public messages, and to explore opportunities for more
collaboration.
FFAUK receives regular reports from members about fraudulent activities taking
place. Currently it is receiving an increasing number of reports about consumers
being approached by fraudsters by phone or email, in attempts to manipulate
someone into providing personal financial information and, in some instances,
transferring money to the fraudster’s account. Fraudsters may use a one-off
viii
Telephone interview with BSA 6 November 2014
41
approach or concerted attempts to build trust. These fraudulent approaches can be
based on speculation or on using information gleaned about an individual, for
example, from social media, and/or from mailing lists. In some instances, fraudsters
may target older people on the assumption that they may have more money in their
account than younger people.
ThinkJessica
The ThinkJessica charity works to raise public awareness through national poster
campaigns and other material to inform and forewarn other bodies, potential victims,
relatives and carers about the risks of people becoming chronic fraud victims. A
crucial aspect is to convey what can happen with a clear story that people can
recognise and relate to, rather than complicated explanations: Jessica's story can be
read on the ThinkJessica website and in its scam aware literature.81
Government campaigns and initiatives
Much of the focus of the current work of the government in this area relates to
tackling cyber-dependant crime and cyber-enabled crime (such as online mass
marketing frauds, ‘phishing’ e-mails; online banking and e-commerce frauds.)[1]
Following the ‘Get Safe Online’ and ‘The Devil’s in Your Details’ public awareness
campaigns, in 2013/14 the government launched the `Be Cyberstreetwise’
campaign, which consists of a range of online and interactive resources and work to
secure media coverage.82 The aim is to change the way people view online safety,
and provide skills and knowledge regarding cyber security. The campaign is led by
the Home Office, working with BIS and the Cabinet Office, and it involves a range of
organisations such as Action Fraud, the ICO, third sector organisations and
industry.
To complement the `Be Cyberstreetwise’ campaign, a joint Home Office and Avon
and Somerset police initiative – the “Spot It, Stop It” campaign – was delivered in
2014 to encourage people aged 60-85 to adopt behaviours to help protect them
against fraud, whether on the doorstep, via phone or online. The pilot is taking place
in the Avon and Somerset police force area, and the results are currently being
evaluated.
More broadly, the Home Office Strategic Centre for Organised Crime is engaged in
work to support local areas to take action against all Serious and Organised Crime
locally, including fraud. The Government’s view is that local areas should develop
(or using existing structures to deliver) Local multi-agency Partnerships on Serious
and Organised Crime.83 It also proposes that these should be steered by Local
[1]
Cyber crime describes two distinct but closely related, criminal activities: cyberdependent
crimes, and cyber-enabled crimes. Cyber-dependent crimes can only be committed using computers,
computer networks or other forms of information communication technology. Cyber-enabled crimes
(such as fraud) can be conducted on or offline, but online may take place at unprecedented scale and
speed. (Serious and Organised Crime Strategy, Home Office, 2013)
42
Profiles that set out a shared partner understanding of the key local threats and
vulnerabilities. The Home Secretary has now written to all forces with guidance on
the proposed content for the Local Profiles.
As part of this, the Home Office is exploring what levers are available at national and
local levels to help to prevent people from becoming fraud victims, particularly
through multi-agency collaboration. This work includes discussions with the private
sector about their role in helping to prevent fraud; and to encourage better
understanding of data protection legislation regarding data sharing between
agencies when a crime is suspected.
Furthermore, in 2013 the Home Office commissioned a review of cyber crime, which
provided an overview of current published evidence on the scale and nature of this
type of crime in the UK – to identify what is known, where evidence is most reliable
and where major gaps remain.
The review described the introduction of Action Fraud reporting as a key element to
improving understanding of the scale and nature of cyber crime but also suggested
other improvements, including systematically improving the quality and range of
individual measures of cyber crime. In order to capture more information on types of
cyber crimes not covered by Action Fraud, the Home Office has introduced a
voluntary cyber ‘flag’ onto police recorded crime. It has also been encouraging new
questions to be added to the Crime and Justice Survey for England and Wales
(CSEW); and will continue to review the effectiveness of these improvements. A
new external working group will be set up by the Home Office, focusing on improving
the estimates of the cost of cyber crime.
Following the above review, the Home Office is currently engaged in plans for
research into the impact of mass marketed fraud on people who may be particularly
vulnerable. Its current focus is to co-ordinate research on victims of cyber crime
together with the City of London Police, which is planned to take place in early
2015. This work is driven by concern about the rising numbers of people affected by
this type of crime. The results of the research will be used to inform future `Prevent,
Prepare’ policy and service provision.
More generally the Home Office has worked with the Ministry of Justice to produce
the Code of Practice for Victims of Crime, which summarises a list of key
entitlements that victims of criminal conduct are entitled to under this Code.84
The BSI
At the time of writing the BSI was exploring the viability of a national BSI standard to
better protect vulnerable adults in the UK from scams, frauds, rogue traders,
nuisance calls and other such attacks.
Action to tackle unsolicited calls
43
Some unsolicited or `nuisance’ phone calls involve attempts at mass marketed fraud
as this is one of the methods used by fraudsters. Recent research for Ofcomix on
nuisance calls in general found that calls that were perceived to be ‘scams’ were
more likely to be considered distressing.85
Mounting concerns about unsolicited calls and texts have been raised over the years
by a range of consumer bodies, including the Consumer Forum for Communications,
the Communications Consumer Panel and Which?. Although registration with the
Telephone Preference Service (TPS) helps consumers to opt-out of receiving
unsolicited live sales or marketing calls, rogue companies ignore the TPS register
and consumers may consent to receive marketing calls without realising it.86
There have been a number of developments in the last couple of years that have
explored the problem of nuisance calls and what can be done to tackle it. These
include an All Party Parliamentary Group On Nuisance Calls Inquiry87, a report by
the House of Commons Culture Media and Sport Committee88, and the publication of
an action plan by the DCMS. The ICO and Ofcom are working together to tackle the
problem and have produced a joint updated action plan.89
At the time of writing, the report of a stakeholder task force on reform of the rules on
handling personal data for third-party marketing, was due to be published imminently
(as part of the DCMS Action Plan on nuisance calls). Chaired by Which?, other
participants include representatives from government, regulators, consumer bodies
and industry.
In particular, the task force has been looking at issues relating to consumer consent
to being contacted by direct marketing firms. Its recommendations are likely to focus
on improving companies’ policies and practices regarding how consumers are asked
to give consent and their internal recording processes. The task force is also likely
to call for companies to place restrictions on the nature and length of consumer
consent for marketing calls, including their policies with regard to passing on or
selling customers’ details to third parties.
The Privacy and Electronic Communications (EC Directive) Regulations 2003
(PECR) govern when a direct marketing call can and cannot be made. The ICO is
responsible for enforcement, and at present the ICO can issue a civil monetary
penalty of up to £500,000 for those in breach of the regulations. The ICO believes
that the penalty regime must be broadened to create a stronger deterrent effect and
this is supported by a range of consumer organisations.90 At the time of writing the
DCMS was consulting on proposals to lower the threshold.91
ix
The research involved a nationally representative sample of UK adults with home landline phones
who undertook a diary study to record all unwanted calls personally received on their home landline
phone across a four week period (13th January to 9th February 2014).
44
In addition, Ofcom has powers to tackle persistent misuse of electronic
communications networks and services under the Communications Act 2003
(sections 128 to 131). It has been using this power to tackle abandoned and silent
calls. In addition to formal enforcement cases, Ofcom has also taken informal
enforcement action to bring companies into compliance without pursuing formal
action.92 An enforcement challenge is identifying the organisations generating the
calls because many choose to hide their identity by spoofing or withholding their
number. Ofcom has been working with industry and regulators in other countries to
improve call tracing processes. The Internet Engineering Task Force (IETF) is also
working globally to make it harder for callers to use Voice over Internet Protocol to
spoof numbers.
Screening calls by looking at the calling line identification (CLI) is another possible
solution to help consumers to guard against nuisance calls. However, fraudsters can
use number faking or (`spoofing’), which misleads consumers into thinking that they
are speaking to their bank for example. Call blocking and filtering mechanisms can
help to block calls from fraudsters but may not be a complete answer as rogue
callers may change their number frequently or spoof the number of another
organisation. Ofcom is discussing possible technical solutions to these problems
with industry, as well as working with consumer organisations and trading standards
to see what can be done to raise consumer awareness of how to reduce nuisance
calls and where to complain.
While Ofcom’s powers are generally limited in terms of being able to tackle
fraudulent and criminal activity using the telephone system, it works closely with
other bodies and enforcement agencies to identify the best method of tackling such
activity. This includes work with the telecommunications industry to identify network
solutions where certain features of telephony systems are being abused to carry out
fraudulent activity.
An example of this has been Ofcom’s work on tackling courier fraud where criminals
have taken advantage of phone lines being left open even though the person called
may think that the call has finished. For example, a tactic of fraudsters is to call
someone claiming to be from the police or their bank, and then suggesting the
consumer calls back to verify this. When the consumer tries to phone their bank or
the police to check, in reality they end up speaking to the fraudster instead as the
line has been left open.
Consequently Ofcom has been exploring solutions with industry to reduce the time
that phone lines are left open. Due to various changes to fixed-line and mobile
networks, this problem has been largely eradicated due to timers now having been
cut to two seconds (previously two minutes). These changes have already been
implemented for most of the UK, and should apply to the whole country in 2015.
Criminals are moving on to new scams to make the people they are phoning believe
45
they are speaking to a trusted organisation – like a bank – by misleading them by
displaying spoofed numbers (see above).
Calling line identification (CLI) is another possible solution to help consumers to
guard against nuisance calls. However, fraudsters can use number faking or
(`spoofing’), which misleads consumers into thinking that they are speaking to their
bank for example. Call blocking and filtering mechanisms can help to block calls
from fraudsters but may not be a complete answer as calls may also be blocked from
official organisations, for example if they withhold their number. Ofcom is exploring
possible solutions to these problems, as well as working with organisations such as
trading standards to see what can be done to raise consumer awareness.
Key concerns
This research has not identified significant gaps or omissions in the legal framework.
But serious concerns were expressed to us during the course of the work about the
resources available for prevention and enforcement, and the priorities given to
tackling fraud against individual consumers. In addition, efforts to tackle financial
abuse, including MMF and other types of fraud, need to take account of the
opportunities presented by care and safeguarding legislation. However, concerns
also arise about the resources available for social care and safeguarding services,
which may affect victims of fraud amongst other people.
It is welcome that the problem of mass marketed fraud is being paid more attention
alongside a number of initiatives and collaborative activities involving government
departments, regulators, enforcement authorities, industry associations and
consumer bodies. But it has proved to be a time-consuming and complicated
process to find out who is involved, what is happening and how well the various
efforts are being co-ordinated.
There are welcome activities taking place to raise public awareness about mass
marketed fraud. But more needs to be known about the effectiveness of different
types of public campaigns in order to inform future activities. In addition, although
more attention is being paid to alerting consumers to online fraud, this should not
result in less attention being paid to tackling other types of fraud, such as through the
mail or on the doorstep.
The research has also highlighted the importance of appropriate support for older
people and others who become victims of fraud, which may often require multiagency work. There is clearly scope for greater co-operation and partnership work
to provide support and to help prevent people becoming fraud victims, and greater
sharing of information and lessons.
46
References
1
http://www.Action Fraud.police.uk/types-of-fraud/mass-marketing-fraud
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications
3
A better deal for fraud victims Research into victims’ needs and experiences
(2009), Button M, Lewis C and Tapley J, Centre for Counter Fraud Studies,
University of Portsmouth and National Fraud Authority
4
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications)
5
http://www.ageuk.org.uk/latest-press/one-in-four-pensioners-struggling-financially/
6
Policy Brief: Scams & Think Jessica Campaign 2009 (2009), Trading Standards
Institute
7
http://www.thinkjessica.com/faqs.htm
8
Understanding victims of financial crime - A qualitative study with people affected
by investment fraud (2014), NatCen and the FCA)
9
A quantitative analysis of victims of investment crime (2014), Financial Conduct
Authority
10
HMRC press release, 20 October 2014
11
http://www.Action Fraud.police.uk/a-z_of_fraud
12
Serious and Organised Crime Strategy (2013), Home Office
13
http://www.thepensionsregulator.gov.uk/regulate-and-enforce/pension-scams.aspx
14
https://www.gov.uk/government/news/pensions-guidance-providers-unveiled
15
Scammers cashing-in on Green Deal, Citizens Advice press release, 24 April
2014
16
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications)
17
HMRC press release, 20 October 2014
18
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications)
19
The psychology of scams (2009), University of Exeter and the OFT
20
http://www.port.ac.uk/centre-for-counter-fraud-studies/
21
Understanding victims of financial crime - A qualitative study with people affected
by investment fraud (2014), NatCen and the FCA)
22
Understanding victims of financial crime - A qualitative study with people affected
by investment fraud (2014), NatCen and the FCA)
23
A quantitative analysis of victims of investment crime (2014), Financial Conduct
Authority)
24
Annual Fraud Indicator (2013), National Fraud Authority
25
Research on impact of mass marketed scams: A summary of research into the
impact of scams on UK consumers (2006), Office of Fair Trading
2
47
26
Chapter 4: Mass Marketing Fraud (2013), Office for National Statistics
Chapter 4: Mass Marketing Fraud (2013), Office for National Statistics
28
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications on behalf of the Australian and New Zealand Society of
Criminology. Article can be found online at:
http://anj.sagepub.com/content/early/2014/03/28/0004865814521224
29
Online frauds: Learning from victims why they fall for these scams, Button M et al,
Australian & New Zealand Journal of Criminology published online 28 March 2014,
Sage Publications on behalf of the Australian and New Zealand Society of
Criminology. Article can be found online at:
http://anj.sagepub.com/content/early/2014/03/28/0004865814521224
30
Chapter 1: Property Crime – Overview, November 2014, Office of National
Statistics
31
Chapter 1: Property Crime – Overview, November 2014, Office of National
Statistics
32
Chapter 1: Property Crime – Overview, November 2014, Office of National
Statistics
33
Chapter 1: Property Crime – Overview, November 2014, Office of National
Statistics
34
http://www.Action Fraud.police.uk/report_fraud
35
Trading Standards Workforce Survey Report of the TSS 2014 Survey (2014),
National Trading Standards Board and Trading Standards Institute
36
Fraud typologies and victims of fraud Literature review (2009), National Fraud
Authority and the Centre for Counter Fraud Studies, Button M, Lewis C and Tapley J
37
House of Commons Home Affairs Committee - Fifth Report E-crime
38
http://www.Action Fraud.police.uk/support-and-prevention/ive-been-a-victim-offraud
27
39
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/32640
9/pcc-funding-awarded-2014-15.pdf
40
http://www.mind.org.uk/news-campaigns/campaigns/victims-of-crime/
41
http://www.thinkjessica.com/main.htm
42
http://www.financial-ombudsman.org.uk/publications/ar14/complained.html#a1a
43
http://www.financial-ombudsman.org.uk/publications/ombudsman-news/116/116disputed-transactions.html
44
http://www.alzheimers.org.uk/site/scripts/download_info.php?fileID=1983
45
See: http://www.thinkjessica.com/index.php/news/view/1EHfXFihwr8kYtCa
46
The Not So Thin Blue Line After All? Investigative Resources Devoted to Fighting
Fraud/Economic Crime in the United Kingdom (2014). Button M, Blackbourn D and
Tunley M, Policing, November 1-14.
47
Better choices, better deals: report on progress on the consumer empowerment
strategy (2012), BIS
48
www.gov.uk/government/publications/consumer-protection-partnership-priorities2013-to-2014
49
COSLA e-mail 11 November 2014
50
COSLA e-mail 11 November 2014
48
51
Consumer Protection Partnership: Priorities Report 2013-14 (2013), BIS
52
http://www.eastlothian.gov.uk/news/article/1762/more_than_100_000_returned_duri
ng_scam_mail_campaign
53
http://www.tradingstandardsecrime.org.uk/national-e-crime-team-brings-downmicrosoft-phone-scam-operator/
54
http://www.tradingstandardsecrime.org.uk/copycat-web-site-crackdown-2/
55
SUMMARY OF ACTIVITIES APRIL 2013 TO MARCH 2014 (2014), National
Trading Standards Board
56
http://www.bbc.co.uk/news/uk-england-beds-bucks-herts-29140248
57
Consumer Protection: Guidance on the CMA’s approach to use of its consumer
powers (2014) CMA
58
Prioritisation Principles for the CMA (2014) CMA
59
Consumer Protection: Guidance on the CMA’s approach to use of its consumer
powers (2014) CMA
60
Annual Plan Consultation 2015-16, available at:
https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/37848
0/Draft_Annual_Plan_2015-16.pdf
61
REGULATION (EC) No 2006/2004 on cooperation between national authorities
responsible for the enforcement of consumer protection laws (OJ L 364, 9.12.2004,
p. 1)
62
Consumer Protection: Guidance on the CMA’s approach to use of its consumer
powers (2014), Competition and Markets Authority
63
Enforcement Information Guide (2014) Financial Conduct Authority
64
See ss. 83-4, 104 Postal Services Act 2000.
65
http://www.royalmail.com/personal/help-and-support/what-can-I-do-about-scammail (mail) and http://www.royalmail.com/personal/help-and-support/I-think-Ive-hadan-email-from-a-company-pretending-to-be-royal-mail (e-mails)
66
http://www.financial-ombudsman.org.uk/publications/ombudsmannews/45/45_bankers_duty.htm
67
Data sharing Code of Practice (2011), ICO
68
Conducting privacy impact assessments code of practice (2014), ICO
69
https://www.gov.uk/government/publications/care-act-2014-part-1-factsheets
70
http://www.actagainstharm.org/
71
Police Scotland, Angus Local Policing Area OPERATION CARPUS REVIEW
REPORT (2014)
72
Police Scotland, Angus Local Policing Area OPERATION CARPUS REVIEW
REPORT (2014)
73
http://ncall.us/content/fast
74
http://www.citizensadvice.org.uk/index/pressoffice/press_index/press_20140501.htm
75
http://www.fca.org.uk/news/national-campaign-will-target-those-most-at-risk-ofinvestment-fraud
76
http://www.fca.org.uk/your-fca/list?ttypes=Research&ssearch=
77
http://www.fca.org.uk/news/anderson-peacock-pruthi-unauthorised-deposit-taking
78 ]
https://www.bba.org.uk/news/press-releases/poll-finds-millions-leave-themselvesopen-to-scams-as-banks-launch-campaign/
49
79
https://www.bba.org.uk/news/press-releases/banks-team-up-with-government-tocombat-cyber-criminals-and-fraudsters/
80
https://www.cifas.org.uk/
81
http://www.thinkjessica.com/jessicas-story.htm
82
https://www.cyberstreetwise.com/
83
Serious and Organised Crime Strategy (2013), Home Office
84
Code of Practice for Victims of Crime (October 2013), Ministry of Justice
85
LANDLINE NUISANCE CALLS PANEL WAVE 2 (JANUARY- FEBRUARY 2014)
(2014), GfK NOP, Ofcom
86
Ofcom and ICO - Research into the effectiveness of the Telephone Preference
Services (2014), Ofcom and Ipsos MORI
87
House of Commons All-Party Parliamentary Group On Nuisance Calls Inquiry into
the unsolicited marketing industry, Final Report Recommendations, Oral Evidence
and Summary of Written Evidence received, October 2013
88
Nuisance calls Fourth Report of Session 2013–14, House of Commons Culture,
Media and Sport Committee (2013)
89
Update on the ICO and Ofcom Joint Action Plan for tackling nuisance calls and
messages (2014)
90
Update on the ICO and Ofcom Joint Action Plan for tackling nuisance calls and
messages (2014)
91
Proposal to lower the legal threshold for enforcement of the Privacy and Electronic
Communications (EC Directive) Regulations 2003 (“PECR”), for regulations 19-24, to
tackle unsolicited direct marketing calls and SMS text messages. Consultation
Document (2014), DCMS
92
Update on the ICO and Ofcom Joint Action Plan for tackling nuisance calls and
messages (2014)
50