The Intermediary – February 2025 - Flipbook - Page 68
T E C H N O L O GY
Opinion
Things that keep
you awake at night
F
or companies, a breach
of their systems,
cloud access or client
or customer data is a
terrifying prospect. A
cyber aack can cause
panic among customers and feed a
litigation frenzy.
The threat is doubly compounded
by insurance arrangements that will
exclude certain types of aack. Unlike
forest fires, there is no historical
data upon which to model cyberaacks. Cybercrime is no respecter of
geography or seasons.
For individuals, the threat of
companies losing their personal
and private data to criminals and
fraudsters is even more terrifying.
Looking at the numbers
The Office for National Statistics
(ONS) publishes crime stats against
households and people aged 16 years
and over – using data from police
recorded crime and the Crime Survey
for England and Wales – every
six months.
In the year to the end of June 2024,
more than 3.5 million people were
victims of fraud. Fraud makes up 37%
of all crimes experienced by the UK
public, making it the most commied
crime in the country. The ONS figures
reveal that there was a 19% increase
in consumer and retail fraud, to
approximately 963,000 incidents,
compared with the previous year.
Overall, police recorded fraud
was 11% higher – by a whopping 1.3
million offences – compared with year
ending June 2023. Most of that rise
came from offences referred from UK
Finance – they reported a 22% increase
to 569,933 offences, compared with
the previous year when there were
465,894 offences.
The actual figures are likely far,
far higher. The Crime in England
and Wales: Annual Trend and
Demographic dataset estimates that
only one in seven fraud offences were
68
The Intermediary | February 2025
reported to the police or Action Fraud
over the 12-month period to the end
of June last year. According to the
recorded figures, approximately 2.7
million fraud incidents involved a
loss of money or property, and the
victim was fully reimbursed in 1.9
million of these incidents. That means
it’s probable that almost 19 million
frauds took place over that one year,
with 13.3 million of those individuals
reimbursed fully.
Reckoning with risks
Just think about those numbers.
We are talking billions of pounds
– much of it lost through banks as
a consequence of customers being
scammed. The risks presented by
cybercrime are mindbogglingly
numerous: from the loss of
individuals’ data, property and money
to the rising cost of insuring against
those losses, reputational damage and
even criminal charges.
According to the National Fraud
Intelligence Bureau, four-fihs of
reported fraud is cyber-enabled. For
example, the National Economic
Crime Centre and National Crime
Agency teams were involved in the
successful takedown of one of the
biggest online marketplaces selling
stolen credentials to criminals
worldwide recently.
Known as Genesis, this was an
online marketplace for criminals
seeking to defraud victims. The
site hosted more than 80 million
credentials and digital fingerprints
stolen from more than two million
victims, which were sold on the
marketplace as ‘bots’.
These ‘bots’ contained real-time data
that had been harvested from victims’
devices during malicious aacks. This
data could then be used by criminals
for a range of illicit activity against
individuals and companies, including
accessing online banking to move
victims’ money out directly, or to
use credentials to pay for goods and
STEVE CARRUTHERS
is business development
director at MSO Mortgages
services for their benefit. Cyber
security and digital fraud threats grow
year-on-year, and it takes deeper and
deeper pockets for firms to invest in
the protection and defences they need
to keep pace.
In financial services it can be made
more challenging within the bounds
of considerable regulation by multiple
regulators. As cyber criminals find
new and ever more complex ways to
play the system, it’s oen impossible
for firms to keep up, let alone
get ahead.
During the last Mortgage Efficiency
Survey we carried out, we found that
lenders’ views of the risk presented by
cybercrime and digital fraud varied
according to the size of their perceived
potential exposure. In many cases,
smaller lenders pointed to their
investment in InfoSec posts and the
building of specific departments to
address threats.
For larger lenders, provisions and
huge infrastructure investments
formed a large part of their response.
We found there was a real tension
between the need to bring in external
expertise by integrating with thirdparty systems and the cracks this could
open up in their own cyber security.
To quote one participant, “cybercrime
is the thing that keeps us awake
at night.”
There is absolutely no doubt that
these threats are only going to grow
more sophisticated and diverse, and
lenders of all sizes must recognise the
many doorways criminals can use to
access and subvert their organisations
and customers. ●
