It's good to talk but not to fraudsters

4 Jul 19

Phone calls are one of the most popular ways for fraudsters to make contact with their victims but, together, law enforcement and businesses can fight back, writes City of London Police commander Karen Baxter.

Recently, HM Revenue & Customs announced that it has introduced new controls to prevent fraudsters from impersonating HMRC on calls. Since putting these controls in place, HMRC has not received a single report of the ‘spoofing’ trick being used, leading to a 25% fall in reported scams compared with March 2019. HMRC isn’t the only organisation that fraudsters have tried to impersonate. In fact, any well-known company or organisation is open to being used as a way for fraudsters to steal money and personal details from their victims.

The most commonly spoofed sectors are telecoms companies, technology brands and government organisations. Fraudulent calls are a form of phishing, known as ‘vishing’. Criminals use technology to make the numbers displayed on phones match up with those used by a well-known company or organisation. This then convinces victims that the calls are genuine and often leads to them making payments based on this false trust.

Phishing calls and messages are a fraudster’s gateway to the victim. By providing personal details in response to these messages, it can give criminals access to banking and online accounts, leaving them free to commit fraud. Action Fraud, the national fraud and cyber-crime reporting centre, received over a quarter of a million reports of phishing between April 2018 and March 2019.

Phone calls are one of the most popular ways for fraudsters to make contact with their victims. Between April 2018 and March 2019, one in four phishing reports made to Action Fraud were about fraudulent phone calls. One phishing victim who spoke to our Economic Crime Victim Care Unit said he felt stalked and warned people to be cynical, to never doubt their instincts and to always react quickly to an attack.

He knew he was compromised at the time and changed his passwords, but says that he now wishes he had reacted quicker. It wasn’t until speaking to people he knew who worked in IT that he learned what further steps to take. He then spent 24 hours cancelling false logins and changing passwords.

As the national lead force for fraud, the City of London Police has a number of partnerships in place with industry that allow us to identify the current fraud and cyber-crime threats and put in place accurate protection advice for the public and businesses.

The National Fraud Intelligence Bureau works closely with industry, including telecoms companies, to protect the public. However, we avoid sharing details of this work to ensure that fraudsters can’t manipulate their tactics accordingly.

Furthermore, when phishing emails are reported to the bureau, we use them to identify trends and new phishing attacks. This data is then used to produce weekly alerts, media releases and to further protect or pursue collaboration with internal and external partners. This is why it’s so important that people report any incidents to Action Fraud and register for fraud alerts.

As is the case with the announcement from HMRC, we always find it encouraging to hear about the measures that industries are taking to protect both themselves and the public. It is essential that law enforcement agencies and industry continue to unite in this way in order to combat fraud and cyber crime effectively in the interests of the public. 

City of London Police commander Karen Baxter is the NPCC national coordinator for economic crime

  • Karen Baxter

    City of London Police commander, Karen Baxter is the NPCC national coordinator for economic crime

Did you enjoy this article?