Fraud losses reached almost €85m in 2022 as consumers warned to be on high alert for text message scam – latest FraudSMART report
- Card fraud accounted for over 95% of fraudulent payment transactions by volume in 2022
- 19% decrease in authorised push payments (APP fraud) transactions in 2022 compared to 2021
- Recent survey by FraudSMART indicates that 1 in 2 adults have experienced attempted fraud by text message in the previous 12 months
Friday 14th July 2023 – A new report published today by FraudSMART, the fraud awareness initiative led by Banking & Payments Federation Ireland (BPFI), shows fraudsters stole nearly €85 million (€84.6m) through frauds and scams in 2022, an increase of 8.8% on 2021. The FraudSMART Payment Fraud Report H2 2022 outlines how card fraud accounted for over 95% of fraudulent payment transactions by volume but only 40% of fraud losses at €33.4m. Most of the increase was driven by online card fraud or ‘card not present’ fraud where a criminal uses the victim’s compromised card information to make an online purchase (up by 24% in value year-on-year to €27.1m in 2022).
The report also highlights the continued rise in value of unauthorised electronic transfers (primarily payments through mobile and online banking) which accounted for almost 39% of fraud losses at €32.8m, but less than 4% of transaction volumes. Meanwhile, there was a 19% decrease in authorised push payment (APP fraud) transactions in 2022 compared to 2021, and APP fraud losses dropped by 41% to €9.9m, the lowest value since the data became available in 2019.
The report comes as FraudSMART warns consumers to be on high alert as text message fraud, known as smishing, continues to become more prevalent. A recent survey by FraudSMART revealed that this type of fraud is now the dominant channel for fraud attempts, with 1 in 2 adults having received fraudulent text message in the previous 12 months. These text messages often include a link and sense of urgency requiring immediate action.
Speaking about the latest figures, Niamh Davenport, Head of Financial Crime, BPFI said: “Today’s figures show that card fraud continues to account for the vast majority of fraudulent payment transactions at 95% of the total volume although these transactions tend to represent lower levels of losses on average. On the other hand, other fraud types have relatively low volumes but would have higher average losses, particularly any fraud that leads to account takeover where the fraudster takes control of your main bank account by tricking you into handing over your bank log in details, which we have seen recently through text message scams.”
“Conversely, we also see from today’s report that there was a 19% decrease in authorised push payment (APP fraud) transactions in 2022 compared to 2021. APP fraud can happen when a scammer tricks a consumer into sending money directly from their account to an account which the criminal controls. Examples of this include investment scams such as fake cryptocurrency schemes or romance, holiday or accommodation scams. The decrease in this type of fraud might be attributed to increased consumer awareness or a post-Covid shift, as we have gradually returned to meeting in-person with decreased dependency on online communication. However, figures across all types of financial fraud can fluctuate as fraudsters continually adapt their behaviours and methods.”
Commenting on how consumers can stay alert to text message fraud, Ms Davenport added: “The truth is any of us can fall victim to fraudsters. Frauds and scams are becoming increasingly more complex and credible and are often undertaken by criminal gangs who run large scale operations. Banks are using a range of measures such as encryption and continuous fraud monitoring to protect their customers and ensure every day payments can be made securely, but fraudsters are increasingly targeting businesses and consumers directly through online channels including emails and social media or by phone, so it is important for us all to know how to protect ourselves.”
“If you receive a text asking you for personal or financial information, whether its purporting to be from your bank, eFlow, the HSE, parcel delivery services or any other company, do not to click on the link, especially if there is a sense of urgency to it. Pause for thought and if in any doubt contact the company independently. Don’t be afraid to ask for help if something goes wrong. Sometimes people who have given their bank details to a fraudster keep that fact to themselves out of embarrassment. If you have shared your bank details and realise that it is a scam, report it to your bank and the Gardaí as soon as possible. FraudSMART also provides a wealth of information and tips so visit the website at fraudsmart.ie to keep up to date on the latest advice.”
What to do if you receive a suspicious text message:
- Do not respond to messages with personal information.
- Do not click on links in text messages, instead log into your service provider account through the official website or app
- A bank will never text/email/phone looking for personal information.
- Contact your bank/service provider/employer directly.
- Never use contact details from a text message, always independently verify.
- Always double check before clicking links or attachments in random or unexpected emails or texts and never give away security details such as PINs or passwords to anyone.
Consumers can access a wealth of other advice on how to avoid fraud by visiting www.FraudSMART.ie and signing up for email alerts on current risks and trends.
Data Series: All payment fraud data from 2019 onwards is available in Microsoft Excel format (*.xls) here.
Unauthorised payment fraud happens when a payment is made by another person without the account holder’s authorisation or permission. An example of this is when someone falls victim to a scam such as a text message scam which results in the loss, theft, or misappropriation of sensitive payment data (such as account numbers and PINs). The resulting transactions tend to be of higher value.
Authorised push payment (APP) fraud, also called manipulation of the payer, happens where a fraudster tricks a person or business to instruct their payment service provider, such as their bank, to send money from their account to an account controlled by that fraudster. APP fraud data includes credit transfer payments only.
Smishing occurs when fraudsters send text messages to random phone numbers, claiming to come from a reputable organisation such as a bank, card issuer or a service provider. The message will typically ask you to click on a link to a website or to call a phone number in order to “verify”, “update” or to “reactivate” your account. The website link leads to a bogus website and the phone number leads to a fraudster pretending to be the legitimate company. The criminal attempts to get you to disclose personal, financial or security information.
About FraudSMART: FraudSMART is a fraud awareness initiative developed by Banking & Payments Federation Ireland (BPFI) in conjunction with the following member banks, Allied Irish Bank plc, Bank of Ireland, KBC Bank Ireland, Permanent TSB, Ulster Bank, An Post Money and Barclays. The programme aims to raise consumer and business awareness of the latest financial fraud activity and trends and provide simple and impartial advice on how best they can protect themselves and their resources. www.fraudsmart.ie
BPFI: Banking & Payments Federation Ireland (BPFI) represents the banking, payments and fintech sector in Ireland. Together with its affiliates, the Federation of International Banks in Ireland and the Fintech & Payments Association of Ireland, BPFI has over 125 member institutions and associates, including licensed domestic and foreign banks and institutions operating in the financial marketplace here.