Press Release
- Plastic card fraud up 26% in first six months of 2007
- Card fraud abroad doubles, yet UK domestic card fraud down 4%
- Online banking fraud losses down by 67%
Figures released today (3 October 2007) by APACS, the UK payments association, show that total card fraud losses increased by 26 per cent in the six months to June 2007 compared with the first half of 2006. This increase has been driven by a 126 per cent rise in fraud on UK-issued cards being used overseas. In contrast, domestic card fraud continues to fall thanks to chip and PIN, with losses at UK retailers down 11 per cent (see notes to editors (2))and losses at UK cash machines down 57 per cent.
UK PLASTIC CARD FRAUD LOSSES
Type of fraud |
January to June 2005 |
January to June 2006 |
January to June 2007 |
+/-% (06/07) |
Online, phone and mail order (CNP) fraud |
£90.6m |
£95.3m |
£137.0m |
+44% |
Counterfeit |
£45.6m |
£52.8m |
£72.3m |
+37% |
Lost/stolen |
£44.3m |
£36.1m |
£30.7m |
-15% |
Mail non-receipt |
£22.8m |
£9.8m |
£4.9m |
-50% |
Card ID theft |
£16.1m |
£15.0m |
£18.7m |
+24% |
Total |
£219.5m |
£209.0m |
£263.6m |
+26% |
Contained within this total: |
|
|
|
|
UK Retailer (face-to-face) |
£73.2m |
£42.1m |
£37.5m |
-11% |
UK Cash machine fraud |
£28.8m |
£39.5m |
£17.1m |
-57% |
Domestic/ international split of total fraud: |
|
|
|
|
UK fraud |
£177.6m |
£160.8m |
£154.8m |
-4% |
Fraud abroad |
£41.8m |
£48.1m |
£108.8m |
+126% |
ONLINE BANKING FRAUD LOSSES (incl. phishing incidents - see notes to editors (5))
Type of fraud |
January to June 2005 |
January to June 2006 |
January to June 2007 |
+/-% 06/07) |
Online banking fraud |
£14.5m |
£22.4m |
£7.5m |
-67% |
Phishing incidents |
312 |
5,087 |
7,224 |
+42% |
The introduction of chip and PIN has made it more difficult for fraudsters to commit card fraud in the UK. Criminals are now being forced to commit card fraud overseas on UK-issued cards. They copy the magnetic stripe data on our cards to create fake cards that they use in countries that have yet to upgrade to chip and PIN. However, as more countries rollout this secure technology the opportunities for criminals to use fake magnetic stripe cards overseas will decrease. To help achieve this end, the European banking industry has set itself the target of completing its chip card rollout by 2010.
Losses from online, phone and mail order shopping fraud have continued to increase year-on-year. However, this increase has to be seen in the context of increasing numbers of people shopping online and ever-growing numbers of online transactions. According to APACS figures, the number of adults shopping online has increased by 157 per cent in the last five years, from 11 million in 2001 to over 28 million last year. By comparison, online, phone and mail order fraud has grown by 122 per cent during the same time period. The fraud to turnover ratio on online card transactions has also decreased – down from 0.7 per cent in 2004 to 0.5 per cent in 2006.
Online banking fraud losses fell by 67 per cent from £22.4m in the first six months of 2006 to just £7.5m in the same period this year. This decrease occurred because online banks have successfully implemented a range of measures to detect and prevent fraud, coupled with the fact that there was an unusually high level of online banking fraud in the first few months of 2006.
Sandra Quinn, director of communications at APACS, says:
“These figures show how the fraudsters have changed tack. A couple of years ago they were mainly stealing cards and card details for use in UK shops and cash machines, but today, because of chip and PIN, they have been driven overseas - using fake magnetic stripe cards specifically in countries which have yet to upgrade to chip and PIN. During the interim we will continue to use fraud intelligence systems to tackle overseas losses and encourage those countries that are lagging behind on chip and PIN to follow our lead.
“The banking industry also continues to work with law enforcement, card accepting businesses, the Home Office and organisations such as Crimestoppers to help deter and prevent the fraudsters. Consumers should also play their part - for example, cardholders should be aware that the majority of online fraud involves a criminal obtaining card details in the real world that are then used to shop fraudulently online. So we continue to urge people to register with the secure online payment systems - MasterCard SecureCode and Verified by Visa - which help prevent cards being used fraudulently over the internet.”
To further raise awareness around card security APACS, last month, published a consumer advice guide - Protect your PIN - to remind cardholders of the need to keep their PIN and card details safe and secure at all times. Educating consumers about the importance of keeping PINs safe and secure can play an important part in tackling fraud. This, together with a range of fraud prevention material and information for consumers and retailers alike, can be found at the banking industry’s fraud prevention website www.cardwatch.org.uk.
For more information contact APACS on:
020 7711 6234 / 020 7711 6340 / 020 7711 6251
For broadcast requests contact APACS on 020 7711 6316.
ENDS
Notes to editors:
1 APACS is the trade body that gives banks, building societies and card issuers a forum where they can work together on non-competitive issues. In a nutshell we help manage the way that businesses and individuals in the UK move their money around - this covers cash, credit and debit cards, cheques and automated payments such as direct debits, salary payments and online/phone transactions. We also champion the fight against banking fraud and are the people who have been working to give consumers greater card fraud protection by introducing chip and PIN. Twice a year we publish figures on banking fraud losses.
2 Card fraud losses in the UK high street have declined dramatically since peaking at £218.8 million in 2004. This is directly attributable to the implementation of chip and PIN in the UK. Losses in 2006 were £72.1 million – a decrease of 67 per cent from the peak year in 2004.
3 Online, telephone and mail order card fraud - card-not-present (CNP) fraud
A CNP transaction is one made when neither the card nor the cardholder is present at a till point in a shop, such as transactions made over the internet, telephone, fax or by mail order. APACS has produced best practice guidelines for preventing CNP fraud, available in a number of formats. The publication Spot & Stop Card-not-Present Fraud is available to download from www.cardwatch.org.uk. This site also contains an e-learning version of the guide, which is also available to order as a CD-Rom.
4 Verified by Visa and MasterCard SecureCode
These are secure online payment systems that enable cardholders to authenticate themselves when shopping online at participating merchants through the use of a password. More information is available at www.visaeurope.com and www.mastercard.com/uk
5 Phishing
Phishing is the name given to the practice used by fraudsters who send emails at random that seem to come from a genuine online bank or business, in an attempt to trick customers of those companies into disclosing personal security information - typically at a bogus website operated by the fraudsters.
These emails usually claim that it is necessary to ‘update’ or ‘verify’ your customer account information and they urge people to click on a link from the email which takes them to the bogus website. Any information entered on the bogus website will be captured by the criminals for their own fraudulent purposes.
You can prevent yourself from becoming a victim of phishing by being wary of all unsolicited emails, even if they appear to originate from a trusted source. Although your bank may contact you by email, it will never ask you to reconfirm your login or security password information by clicking on a link in an email and visiting a website. For more information, visit www.banksafeonline.org.uk
Phishing incidents relate to the number of recorded phishing attacks on UK banks and building societies: each phishing incident typically involves fraudsters setting up a website that is a fake version of a genuine bank website, and then sending out thousands or even millions of spam emails trying to convince people to click on a link that will send them to that fake site. The objective is to fool people into then entering their online banking security information – such as user names, PINs and passwords – onto the fake site.
6 Advice to help avoid being a victim of fraud
- Don’t let your cards or your card details out of your sight when making a transaction.
- Destroy, preferably shred, any documents or receipts that contain personal financial information when you dispose of them.
- Do not keep your passwords, login details and PINs written down.
- Do not disclose PINs, login details or passwords in response to unsolicited emails claiming to be from your bank or the police.
- When entering your PIN in a shop or a cash machine use your free hand to shield the number from prying eyes or hidden cameras.
- Only divulge your card details in a telephone transaction when you have instigated the call and are familiar with the company.
- Make sure your computer has up-to-date anti-virus software and a firewall installed.
- Sign up to Verified by Visa and MasterCard SecureCode.
- Access internet banking or shopping sites by typing the address into your web browser. Never go to a website from a link in an email and then enter personal details.
- Shop at secure websites by ensuring that the security icon (locked padlock or unbroken key symbol) is showing in your browser window.
