They say that the customer is always right. But that is not true when the customer is trying to transfer thousands of pounds to a fictitious lover invented by a criminal gang.
John Wilson* had been so convinced by fraudsters that he was willing to bet a Lloyds case manager £20,000 that his online girlfriend was real.
As soon as the bank released the £10,000 he needed to get her into the country, he would take Sandra to his local branch to prove everyone wrong, the 75-year-old vowed, indignant at the suggestion he was being taken for a ride.
The only reason that he had yet to meet Sandra in person was because she had been working on an oil rig off the United States. Besides, it couldn’t be a scam, he had already transferred £20,000. Would the staff member on the other end of the telephone line be willing to bet the same amount that Wilson had been fooled?
Having heard an almost identical story a number of times, the bank employee sheepishly agreed he would. “I do apologise, but this is not genuine. It is a scam,” he repeated.
Lloyds couldn’t let Wilson hand his savings over to criminals, no matter how exasperated he was or how many times he said that he would take full responsibility for the loss.
Wilson couldn’t be convinced and so staff in Lloyds’s fraud centre, to which The Telegraph has had unprecedented access, asked him to go to his branch where they hoped staff, or even the police, could persuade him he was the victim of crime.
Fraud case managers must persuade customers that the payment that they are being asked to make – to their online lover; to their “son” who is locked out of his bank account; for a once-in-a-lifetime investment opportunity – is actually going to criminals.
Often as they try to “break the spell” the customer gets angry, ready with a response that the criminals have coached them to use. The team deals with thousands of calls a day as they try to stem the tide of what has been described as an “epidemic” of fraud.
Meta and the fraud ‘epidemic’
It is now the most common crime in the UK, accounting for 40 per cent of all offences recorded in England and Wales. Overall, it is estimated to cost the UK more than £200 billion a year.
Fraud against individuals is split between “unauthorised” fraud, for example when a person’s bank details are stolen, and “authorised push payment” cases, where someone is convinced to hand over their money, for example to buy fake goods.
In terms of volume around 90 per cent is unauthorised fraud, according to figures from industry body UK Finance. But by value it is split more evenly – 58 per cent for card frauds compared to 42 per cent for the scams, 80 per cent of which start online.
The single biggest source of purchase scams – accounting for more than 70 per cent – is Meta, with the vast majority on Facebook, particularly through its Marketplace function, Lloyds data shows.
That means that around 1 in 50 crimes committed in England and Wales is estimated to originate on the social media platform.
These are not opportunistic social media users looking to make some quick cash, says Liz Ziegler, fraud prevention director at Lloyds Banking Group.
“Most fraud is not done by the teenagers sitting in their bedroom. Most fraud is by organised criminal gangs or nation state actors. Their job is to do fraud. They are not just there to say I want Mrs Jones to give me £500 pounds, they don’t actually care about £500.
“They care about how many people they can get money out of because they need to fund something else, which could be terrorism, the drugs trade, human trafficking and other major types of offences.”
Simon Fell MP, the Government’s Anti-Fraud champion, says around 70 per cent of fraud starts overseas and both ministers and police are working with their international counterparts to follow the money.
It cannot be ruled out that the Kremlin or the Chinese Politburo are playing a role in some of this fraud, he says, just as they have been linked to hacking groups “trying to infiltrate our systems and hurt our businesses”.
“I am sure that there is a link to some foreign actors that are not friends of the UK or the West generally,” he says.
Fears of links to Vladimir Putin will be underscored by the fact that Ziegler has noticed a spike in fraud emanating from Russia since his invasion of Ukraine.
“I can’t say whether it was connected or not,” she says, pointing out that her job is to look after Lloyds’ customers rather than investigate international criminal networks. “I’m just saying we just saw some more. We see waves of activity coming up the Middle East at times.”
But there are also changing threats from the US and south east Asia so not all fraud is “directly linked to conflict”.
Security sources told The Telegraph that such spikes are not attempts to fund warfare, but criminals seeing an opportunity for exploitation, a chance to pump out fake fundraising pages.
Philip Robinson, Lloyds’ customer specialist support director, says that economic crime is now so serious and so widespread the banks believe it is time for the Government to designate it as a threat to national security.
“It is a money generating business for organised crimes or state sponsored terrorists, or state sponsored actors. Designating it a national security threat we think can give investigators more resources, which would put it on par with other economic crimes.”
Lloyds now have more than 3,000 people working on fraud and in the last three years the bank has spent more than £100 million pounds on fraud defence.
Who carries the can?
Legal and regulatory frameworks means that banks have an incentive to tackle fraud – because they are largely liable for reimbursing the customer. But the same isn’t true for the other industries involved in the process, including Facebook, which is not liable for a penny despite being the “trigger point for the vast majority of fraud”, says Ziegler.
“Everybody who has a part to play should shoulder responsibility in reimbursing victims,” she says. “The reason I say that is because we all need a common set of incentives to act.”
But it is not just a share of the financial burden. Banks want social media companies to take responsibility for stopping fraud at the source, for sharing data with them, as well as the police and security services with whom they work closely.
Lloyds sees the same scam again and again, so why don’t the social media companies, with their sophisticated algorithms, see the same thing?
“The ask we have of social media is for them to use the skills they already have,” says Ziegler. “They’re pretty good advertising to all of us and saying ‘we think you might like this next’ – can skills like that not be used to do some good?
“They should be able to spot these trends. Are multiple profiles being set up, have they got similar types of photos being used across multiple profiles, is that an indicator? Data sharing is the power, the kernel we have to be able to collectively act.”
Her comments were echoed by Robinson. “We think they should be compelled to do more and harness the technology that they have, because they’re basically the front, they are seeing the fraud right in the beginning.
“They can see the same car being resold 20 times over. It might have changed colour, but it is a car with the same number plate, the same price, and the same description. I would have thought you could spot that.”
He says that rules compelling everyone in the chain – including tech companies and the telecommunications industry – to invest in prevention is one of a number of things that could be done to tackle the epidemic.
Along with legislation to mandate data sharing to prevent fraud before it happens, banks are keen to see regulation to spread the cost of reimbursing customers and an economic crime minister to take responsibility for an issue that currently crosses more than one government department.
Such pressure comes as advances in technology – including artificial intelligence and sophisticated computer generated impersonations known as deep fakes – allow fraudsters to become quicker and more sophisticated in their deceptions.
Trying to stop the conmen
Back in offices in the City the Lloyds fraud team – made up of investigators, behavioural, data and computer scientists – are busy trying to stay one step ahead to stop the money leaving customer accounts.
Robinson says online scams began flooding banks around 2019. At that time banks were ready to respond to card fraud. But the fraudsters had identified a different vulnerability: the customer.
“Banks have all had to gear our systems towards the fact that it’s the individual that has been manipulated, it’s not the banking system.
“We now all use AI and machine learning tools to spot big patterns of data on a large scale and we have become significantly better at tackling the issue. We’re spotting north of three quarters of all the fraud which we prevent up front.”
But with the number of attempted frauds constantly increasing, improved detection has only managed to keep the amount lost static in recent years, rather than reducing it.
Banks also use machine learning to profile those at risk and watch patterns of behaviour. While the stereotype of a fraud victim is a pensioner bamboozled by technology, in reality most victims are under 45 and the most common age targeted is those between 25 and 34, the generation who live their lives online and are comfortable sharing everything virtually.
For them, Ziegler says Facebook Marketplace scammers are able to put out adverts “like bait, just waiting until you click it”.
The criminals target people’s wants, as demonstrated by the fact more than 600 of Lloyds customers reported being ripped off by a ticket scam when Taylor Swift announced the UK leg of her Eras tour in April, leading to an estimated £1m in losses.
In response, fraud teams are constantly devising new warnings to pop up as people make transactions, changing the colours and style to catch the customer’s eye, flagging up the latest scam.
One of the fraudsters’ current favourites is the “Hi Mum” WhatsApp message scams in which criminals pose as family members with a string of bogus explanations for why they are using a different phone number, cannot answer the phone and need a quick injection of cash.
So when a mother calls the fraud team saying she needs to transfer a large amount of money to her son, through a third party account because his phone is broken and he needs to pay a bill, they are ready.
You can almost hear the penny drop as a member of staff describes exactly the chain of events the mother has been through, despite her not telling him the details.
Indeed, frauds can often be exposed by the fact that conmen follow the same script, successful not because of their complexity but because they pull at a customer’s heart strings – preying on their willingness to help their children, or their desire for love and companionship.
‘Suckers’ and where their money goes
After a fraud has been detected – even if the customer refuses to believe it – then the case is passed on to a complex investigation team who follow the money.
What unfolds can often be a web of deception in which thousands of pounds are transferred through multiple accounts before leaving the country – lost forever.
In the case of one romance fraud, a 78-year-old man living in a nursing home, with no family support, was noticed by Lloyds staff to be making a series of unusual transactions to people he said he had met online.
By following the money from the 78-year-old’s account they could see that there were 113 other victims at Lloyds. In total the fraud amounted to £2m, most of which ended up in Ghana.
Investigators have to be proactive as they find that even if they realise that they have been scammed, people are too embarrassed to admit it, and therefore won’t report it. They work closely with the Dedicated Card and Payment Crime Unit (DCPCU) and City of London police.
In one case, an 85-year-old man refused to admit that he was being defrauded and insisted that transactions – including to hotels in Ibiza and card transactions taking place simultaneously in different parts of the country – were all part of his personal spending.
Lloyds’ complex investigation team followed the cash and the perpetrator of the scam was arrested and pleaded guilty in court before the pensioner admitted that he was a victim.
The 85-year-old, like many others who have handed over cash, is believed to have ended up on a “suckers list” which is often sold on the dark web and sees them targeted repeatedly.
Once they piece together the web of a fraud, Lloyds will proactively contact the other victims to inform them they are being targeted and to stop them handing over any more money.
Investigators can spend years dealing with the same customer. One case in the north of Scotland took over two years to investigate after practically an entire village fell victim to an investment scam as the original target borrowed money from his friends, family and neighbours to pay the criminals.
Turning the tide of fraud
Fell, who spent a decade working in the fraud prevention industry before being elected to Parliament, says that it is important to raise awareness of fraud as “the single biggest weakness in the chain is the individual” and “prevention in this area is far, far better than the cure”.
He believes that the tide is beginning to turn, as evidenced by the fact that leading tech companies – Amazon, eBay, Facebook, Google, Instagram, LinkedIn, Match Group, Microsoft, Snapchat, TikTok, X (formerly Twitter) and YouTube – last year all signed up to a charter to tackle online fraud.
Yet the charter is voluntary and, just six months in, it is not year clear whether promises of increased verification processes and a crackdown on scam posts and illegal adverts will have the effect that is needed. Fell admits: “The proof will be in the pudding.”
“Fraudsters will constantly evolve,” says. “The people we should be really concerned about are organised criminal gangs who are doing this on a sustained basis. We need all the companies here to share data so that we can design fraud out of the system and then we need that data to be shared with law enforcement too. We need to create a feedback loop.”
A spokesman for Meta, Facebook’s parent company, says that they “recognise our important role in tackling the industry-wide issue of online purchase scams and are continually investing in systems to block scams”.
The company says that it does not facilitate payments or shipping for Facebook Marketplace which it describes as a “local meet-up and collection service”.
It encourages customers to report scams immediately and to check whether a profile appears new or incomplete, whether there are any reviews and to insist on seeing the item before completing a purchase.
The spokesman adds: “We are committed to continuing to invest in protections against fraud for people who use our platforms including through the commitments set out in the online fraud charter.”
Following a fraud strategy, and the announcement of a national fraud squad, the industry believes that the Government is more engaged than ever. But despite promises that they will hold the tech giant’s feet to the fire on the voluntary charter, if it is not mandatory, will it be enough?
“We see very little evidence that it will be at the moment,” says Ziegler. “They are very limited in what they’re willing to share.”
*Names have been changed
