In 2024, Cifas members recorded a case to the NFD every two minutes, with identity fraud again the most commonly reported fraud risk type, accounting for 59% of all filings. The second most reported  case type was facility (account) takeover. This was the driver behind the overall rise in cases, recording an unprecedented 76% increase in filings, with fraudulent activity particularly against the telecoms and online retail sector. These together accounted for over 55,000 filings.

This increase reflects reporting on the scale of UK fraud and associated harm more widely. The Crime Survey for England and Wales reported a 19% rise in fraud incidents (year ending September 2024) and GASA (Global Anti-Scam Alliance) estimated that  UK individuals lost £11.4billion to scams, up £4billion on the previous year.

The increase in identity fraud cases is predominantly linked to an unprecedented spike in impersonations targeting the telecoms sector (up 73%). These mainly relate to mobile phone products - a rise of over 16,000 cases (87%). The rise in cases is linked to a well-established impersonation/account takeover fraud involving victims receiving scam calls offering the latest upgrades or discounts on a new handset.

Other products targeted in identity frauds include personal store cards (up 35%), personal bank accounts (up 12%), personal credit cards (up 8%) and motor insurance (up 8%). Collectively these products accounted for 63% of identity fraud cases highlighting a growing fraud threat in these sectors.

The most common filing reasons are  ‘impersonation – current address fraud’ and ‘impersonation – previous address fraud’ which account for 82% of all cases.

The greatest number of victims are over 61yrs (25%). This is consistent with 2023 filings.

The rise in misuse of facility cases is primarily linked to the misuse of company current accounts and the evasion of repayments for personal loans. The majority of cases (68%) concern bank accounts that have been filed for ‘funds received – conduct unexplained’, ‘payment fraud’ and ‘retaining wrongful credit’.  

One in ten cases related to the misuse of a company account (over 8,000 cases in 2024, a 198% increase over 2023) which points to the growing threat posed by companies being targeted to facilitate fraudulent activity including the laundering of funds.

Organisations continue to report applications submitted for loans, assets, and credit cards where there is no clear intention of payments being made.

The reduction in money muling cases can be partly explained by a number of organisations filing fewer cases in 2024. This has been caused by regulatory concern at the criminalisation of some vulnerable young people as a consequence of reporting. This has resulted in greater, and welcome, caution on the part of some organisations when filing muling activity involving young people.

Despite this overall reduction, there are some organisations who have observed significant volumes/increases in money muling cases, with many defining  muling as an ‘ever-expanding issue with no respite’. Muling cases account for 57% of  bank account misuse cases filed to the NFD. This underpins  the ongoing threat posed by personal and company accounts being used for muling.

With over 34,000 cases of suspected money muling filed to Cifas, it is unsurprising that Cifas members have described muling as an ‘ever-expanding issue’. Cifas members have reported concerns at the growth of ‘money making opportunities’ promoted on social media platforms, which predominantly targeted ‘young people’ and often vulnerable individuals into this illegal activity. Much of this content is disguised as attractive employment opportunities with generous  working patterns and benefits.

Filings by Cifas members reveal that it is most often personal current accounts (77%) that are used in muling. This is down from 90% in 2023 following the growth in the use of company current account for muling. Filings in relation to the use of company current accounts rose to 4,500 cases, accounting for one in five suspected mule cases filed to the NFD.

It is younger people, individuals under 30 years old who account for the majority of cases (61%). This highlights the ongoing challenge of educating young people around the dangers of engaging in money mule activity.

Consistent with the filings recorded in 2023, the majority of cases were facilitated through online channels (67%). It is noteworthy that the number of takeover attempts occurring ‘in store’ recorded to the NFD is up by 83% potentially indicating a rise in less sophisticated ‘back-to-basics’ or ‘in person’ takeover attempts.

Research1  also shows that account takeover through the mass targeting of consumers online grew quickly in 2024. This has been driven by sophisticated use of malware and automated attacks that have become more difficult to detect.

A high proportion of account takeovers are targeted at the online retail sector. Key tactics employed by criminals includes changing consumers details on accounts or diverting orders to alternative addresses or collection sitters.

The age group most impacted by account takeovers are those aged 61+. They account for 29% of such cases filed to the NFD (previously 27%). Filings in relation to this age group also increased by 90% when compared to 2023, with people targeted in relation to telecom products, and cards (up 52%).

It is younger people, individuals under 30 years old who account for the majority of cases (61%). This highlights the ongoing challenge of educating young people around the dangers of engaging in money mule activity.

Consistent with filings in 2023, 40% of cases were in relation to bank accounts. A significant number of cases were filed for ‘residence - undisclosed address and adverse’ accounting for 46% of bank account related filings. Combined with ‘documents-false’, these two filing reasons account for 82% of cases involving bank accounts.

Cifas research1  suggests that nearly half (48%) of adults believe it is ‘reasonable’ to commit some form of first party fraud, with members citing a growing social acceptance of engaging in this activity. This willingness to commit fraud is perhaps reflected in the filings to the NFD in relation to false applications.

The most common reason for filing was ‘documents-false’ (30%). These tended to focus on the bank account and insurance sectors which together accounted for 69% of such cases filed. The cause of the increase in filing for this reason has been  an uplift in insurance filings, up 272% when compared with 2023, particularly in relation to  motor insurance applications. Insurance cases were also up overall, caused by a  spike in ‘false no claims discount’, up 86% on 2023.

It is younger people, individuals under 30 years old who account for the majority of cases (61%). This highlights the ongoing challenge of educating young people around the dangers of engaging in money mule activity.

Despite this decrease, insider threat remains a significant risk to organisations with particular vulnerabilities caused by continued remote working, especially reduced supervision, and ongoing cost-of-living pressures. Detecting or predicting insider activity can be challenging, particularly where employees have good knowledge of  company systems and are able to mask their activity or alter their tactics to fly under the radar.

The reduction in cases reported to the Insider Threat Database is driven by declines in filing in relation to two high volume case types, dishonest action (down 21%) and false employment unsuccessful (down 30%). The reductions in these case types mostly centred on filings of ‘concealed adverse‘ and ‘theft of cash and IT equipment’.

Consistent with figures for 2023, the leading case types were ‘dishonest action by staff’ (47%) followed by ‘false employment application (unsuccessful)’ accounting for 29%. The high proportion of ‘dishonest action by staff’ (nearly half of cases) recorded despite the reductions noted above, highlights the threat posed by existing as opposed to new employees , and the importance of regular screening to mitigate risks.

It is to note that the majority of the ‘dishonest action’ cases were discovered through internal controls and audit functions (57%) – highlighting the importance of strong internal fraud controls and training.