How data sharing can protect victims and prevent fraud
In this article
- Summary
- Some victims don’t know how to report the scam
- Victims are underusing scam reporting routes
- Most victims report fraud to their banks
- Some victims struggle to report the scam
- Victims support their experience being shared across organisations to help prevent fraud
- Proposed solutions
- Recommendations for Government
Summary
Fraud has become increasingly sophisticated, exploiting the vast array of online platforms and communication channels available. Our recent survey reveals the fragmented nature of the fraud reporting landscape. While most victims report fraud to their banks, other key reporting bodies, such as Action Fraud and the police, are underutilised. Moreover, not all organisations that have a role in identifying and preventing fraud are currently sharing their fraud data from victim reports with one another, which leaves gaps in the overall understanding of fraud trends. Cross-sector sharing of data from fraud victim reports would also prevent victims from needing to report the same scam to multiple places. By sharing intelligence across sectors, organisations can develop a more comprehensive understanding of fraudulent activity, spot red flags, identify patterns, and collaborate to protect consumers more effectively against fraud.
Key findings
- Most victims report fraud to their banks - 63% - three times more likely than any other organisation.
- Victims are underusing other scam reporting routes - only 19% used Action Fraud, 17% the police and only 8% to the online company where the scam took place.
- Victims had a difficult experience reporting the scam to certain organisations - 49% struggled with the receiving bank (where the scam money was sent) and 37% struggled with the online company where the scam took place.
- Most victims (75%) are comfortable with their data about the scam being shared across organisations to help prevent future scams.
We are calling for:
- The Government to re-establish the Home Office fraud data sharing taskforce to drive greater collaboration and data sharing about fraud and scams between banks, telecoms providers, online platforms, technology companies and other organisations.
- The Home Office to ensure this taskforce has representation from all relevant sectors and quickly moves to developing practical solutions to data sharing to counter fraud and scams.
- The Government to work with industry and civil society to standardise fraud reporting. This must include consideration of how best to standardise reporting processes across multiple reporting routes, and also explore the potential benefits of a single, centralised reporting route.
- The Government to contribute its own relevant data to fraud data sharing efforts.
Some victims don’t know how to report the scam
Consumer reports about fraud experiences are crucial for identifying and stopping new scams. We want victims to report fraud not just to recover their losses, but because information about their experiences can help prevent future cases if shared across industries. Even now, not all victims go on to report their fraudulent incident. From the 1,000 victims that we surveyed who had lost money to fraud, one in ten (10%) said they didn’t report the incident to anyone.
It is essential that people know where and how to report fraud. Beyond your own bank, key places to report include the receiving bank where the money was sent and Action Fraud. If the scam occurred online, it’s also important to notify the website or app hosting the scam. The main reasons victims gave for why they didn’t report the scam to these organisations was because they didn’t know they could report it to these places, or they didn’t know how to do so - see Figure 1.
Figure 1 - Top reasons why victims didn’t report the scam to the following organisations
| Those who didn’t report the scam to… | Top reason for not reporting | Second reason for not reporting |
|---|---|---|
| The website/ app hosting the scam | I didn’t know I could report it to them (23%) | I didn’t know how to report it to them (20%) |
| The receiving bank | I didn’t know I could report it to them (22%) | I didn’t know how to report it to them (20%) |
| Action Fraud | I didn’t know I could report it to them (27%) | I didn’t know how to report it to them (24%) |
Q13. Why didn’t you report the scam to the following organisations? The question was asked to those who reported the scam to at least one organisation (Base=932)
Victims are underusing scam reporting routes
Our research shows that while there are many places to report fraud, they aren’t always well-known or widely used. Fewer than one in five victims reported their case to Action Fraud (19%), the police (17%), or the online company/app where the scam took place (8%) - see Figure 2. It’s concerning that these formal reporting routes (in particular the police) are so underutilised by victims and suggests that victims may feel unsure about where to turn for help or may lack confidence in these organisations’ ability to take action.
Even smaller proportions disclosed the scam to reporting services, such as ‘call 159’ and ‘text 7726’, which are designed to help victims report fraudulent phone calls and text messages respectively. We found that 2% of victims surveyed reported the scam to 159 and only three people (recognised as 0.3%) used 7726. These channels may be useful for gathering intelligence on current fraud attempts, but they are not always helpful reporting routes for people who have already fallen victim to a scam.
Most victims report fraud to their banks
Once victims lose their money from fraud, they don’t think about how to share the evidence with fraud prevention services. Rather, they prioritise contacting their bank and letting them know that money is missing. This is true of our research, where victims were three times more likely to report the fraud to their bank - six in ten (63%) - than any other organisation that we asked about. This was the most common pathway taken by victims. It’s likely that of all the organisations we capture in this research, banks will have one of the largest shares of data on record for cases of fraud and, perhaps unknowingly, one of the clearest pictures of the fraud landscape to date.
However, the visibility of the fraud landscape remains foggy and fragmented across organisations. There is currently no systemic, sector-wide process in place that allows banks, and other organisations, to share their piece of the fraud puzzle with one another. Currently, organisations do not have access to useful details from the fraud cases recorded by banks, and banks are similarly blind to the data held by Action Fraud, Citizens Advice, and others. This lack of shared information leaves everyone with only part of the puzzle, severely limiting their ability to combat and prevent increasingly sophisticated fraud on a large scale.
Some victims struggle to report the scam
Victims shouldn’t have to face a tough reporting process on top of dealing with the stress and anxiety from their financial loss. Our survey showed that the scam experience had a heavy emotional toll, with 72% of victims feeling more stressed and 66% feeling more anxious as a result of being scammed. We also found that one in seven (15%) victims who didn’t report the scam to their bank said it was because they felt too embarrassed or too overwhelmed.
The reporting process should be straightforward and accessible for victims, ensuring they can easily share their experience without added stress or confusion. On the whole, organisations like the victim’s bank, Action Fraud and Citizens Advice do a good job of making the reporting process smoother for many victims. More than seven in ten victims find reporting easy when it’s to their bank (75%) and Action Fraud (72%), as well as six in ten for Citizens Advice (61%).
Yet, not all organisations are providing the same level of support, with some making it more difficult for victims to report the fraud. Almost half (49%) of victims struggled to report to the receiving bank (where the money from the scam was sent), and 37% found it difficult to report to the online company (e.g. the website or app) where the scam took place.
Victims support their experience being shared across organisations to help prevent fraud
There is a concern that sharing fraud reports across organisations might involve disclosing sensitive personal information about victims. To gauge what victims thought about this, we asked those surveyed how they felt about the details of the scam being shared between their bank, online platforms and the government to prevent future fraud. The response was largely positive: 3 in 4 victims (74%) were comfortable with their data being shared, with 41% saying ‘fairly comfortable’ and 33% saying they were ‘very comfortable’.
It is reassuring that victims are supportive of measures that could help prevent similar scams happening in the future, even if it involves sharing the details of their case. Organisations should move beyond debating whether data sharing is the right approach and focus on doing what’s best for victims by supporting their wishes. Consent can be given for data sharing and this should be factored into data sharing processes.
Proposed solutions
Solution 1: Better data sharing between organisations
The key benefit of improving data sharing across industries is the ability to build a clearer and more comprehensive picture of where fraud is occurring and how it spreads. Currently, organisations work in isolation and only see fraud within their own sector, which limits their understanding of the broader fraud landscape.
A bank might block a fraudulent transaction based on suspicious account activity, but without insights into other aspects of the scam like spoofed phone numbers or fake websites, the full scope of the threat remains hidden. By sharing intelligence across sectors, companies can develop a more comprehensive understanding of fraudulent activity across multiple platforms and channels, spot red flags, identify patterns, and collaborate to protect consumers more effectively. Banks could enable this by sharing certain details from reported fraud cases with other sectors and organisations. This would help efforts to disrupt fraudsters more effectively and therefore better protect consumers. This collective and coordinated approach not only supports victims, but also ensures that critical intelligence is shared across sectors to combat fraud on a larger scale.
Solution 2: Standardised reporting processes
Organisations across sectors need to share fraud data from victim reports effectively with each other to prevent victims from needing to report the same scam multiple times. Scams can involve several channels, many of which have their own routes to report fraud. This means the reporting journey isn’t always clear or straightforward for victims. It shouldn’t be the victim’s responsibility to connect the dots and contact every relevant organisation when they’ve been scammed. Instead, effective data sharing can relieve victims of this burden, allowing the consumer to report to just one place while still ensuring the relevant information from the scam is shared with all relevant parties.
Clear and consistent reporting routes across different channels are essential to guide victims on where and how to report scams. We need standardised reporting processes across these channels—asking the same questions, using the same language and capturing the same data—to facilitate effective data sharing and make it easier to take action against fraud.
The range of places consumers can report fraud, whether or not they are being utilised, highlights that there is a clear need for standardisation of the process across reporting routes to ensure victims clearly know where to report fraud and that they have a similar experience across those reporting routes. However, the complicated nature of the current reporting landscape also raises the question as to whether a single, centralised reporting process could be part of this solution. We are agnostic as to whether a single, centralised reporting process is the way forward, but note that the need for standardisation is clear to support data collection, improve the consumer reporting experience and enhance fraud prevention efforts.
We would encourage industry and Government to discuss the benefits of both a centralised reporting route and a more standardised process across multiple reporting routes. Provided there is standardisation in the questions asked and data gathered, both these options have the potential to enable sharing of relevant information to support victims, learn about the fraudsters’ tactics and inform preventative action. The Home Office taskforce on fraud data sharing is well-placed to explore these options.
Recommendations for Government
Our recommendations for the Government to work with and drive industry to implement and achieve these solutions are set out here.
The Government must drive greater collaboration and data sharing between banks, telecoms providers, online platforms, technology companies and other organisations. This will ensure that fraud prevention efforts are comprehensive, enabling quicker detection and response to scams, regardless of the channel through which they are initiated.
The Home Office must ensure its data sharing taskforce has representation from all relevant sectors and quickly moves to developing practical solutions to data sharing. This must involve discussions about how to standardise data collection about fraud across different industries. This taskforce should also look at how ‘real time’ data can be enabled (via APIs or other technologies) for active fraud detection and prevention, as well as how trends and patterns can be identified from the data and shared more widely to inform preventative measures.
The Government must work with industry and civil society to explore options to standardise fraud reporting. We would encourage the taskforce to also explore the potential benefits of a single, centralised reporting process for victims against a standardised process across multiple channels.
The Government must contribute its own relevant data to fraud data sharing efforts. A number of government departments will hold information that businesses could find useful for fraud detection and prevention purposes; for example, HMRC and Companies House data that could be used in verification checks. It’s important that the Home Office data sharing taskforce also considers what government-held data needs to be included for data sharing efforts to be most effective.
Methodology
Focaldata, on behalf of Which? conducted an online survey of 1,013 victims in the UK who had lost money to fraud in the last 2 years. The survey was conducted between 4th and 15th April 2024. The results have been weighted using data from the latest Office for National Statistics (ONS) Crime Survey.