Victims of investment fraud lost an average of £45,242 last year after the Covid-19 pandemic spurred a spike in the number of scammers.
In total, ‘clone’ scammers purporting to be legitimate firms stole £78 million from unsuspecting victims in 2020, according to Action Fraud data. The findings showed that the number of scams increased by 29% in April 2020 compared to March, when the UK entered its first lockdown.
The Financial Conduct Authority, which released the data as part of its ScamSmart campaign, warned people to be more alert to potential scammers, with the ongoing financial impact of Covid-19 making people more susceptible to clone scams.
Over two fifths (42%) of investors say they are worried about their finances because of the pandemic and over three quarters (77%) have or plan to make an investment within the next six months to help improve their financial situation.
The watchdog said scammers use the name, address and firm reference number of real companies authorised by the FCA to set up clone firms and send out sales materials linked to websites of legitimate firms to dupe potential investors into thinking they are the real firm.
Tom Selby, senior analyst, AJ Bell, said: “Cloning appears to be an increasingly popular tactic among scammers. The appeal of this model to fraudsters is obvious – regulated firms and particularly well known brands are trusted by their customers, which will likely mean potential victims are less wary when dealing with someone pretending to be that firm.
“While important work has been done by the Government, regulators and the pensions industry to tackle fraud, it is ultimately down to individuals to be vigilant and protect themselves from financial disaster. That means familiarising yourself with the tell-tale signs of fraud, rejecting any investment offers made out of the blue and only dealing with legitimate, bona-fide organisations.”
Trade association PIMFA said it was “disappointed” by the latest data and said that without change to hold online platforms to account the situation will worsen.
Liz Field, chief executive, PIMFA, commented: “It is a cause of deep frustration to our members and the Regulator that they can do little more themselves to combat these criminals and prevent harm from being perpetuated than report such frauds to internet service providers, domain name registration services and online platforms.
“One way such frauds could be prevented would be for the Government to include economic harm within its upcoming Online Safety Bill. In doing so, it could require online platforms, internet service providers and domain name registration services to take swifter action against fraudsters or take preventative action to stop fraudsters reaching their victims in the first place.”
Meanwhile, Anthony Rafferty, CEO, Origo, said the issue was not just of fraudulent transactions resulting in huge sums of money being stolen, but also of identity fraud where investment and adviser firms are tricked into making transactions on behalf of fraudsters masquerading as customers.
Rafferty explained: “Attempts at this type of fraud are now not uncommon in the financial services market. More often this is enabled by the hacking of unsecured email which gives the criminals access to all the information they need to perpetrate a fraud attempt. Cybercriminals have been taking advantage of the necessity for firms to implement home working as well as the general increased use of online services to put out a flood of phishing and scam emails, looking to capture individuals’ personal and financial details as well as penetrate companies’ security systems.”
Rafferty warned that firms need to strengthen their technology and email systems to protect clients.
He added: “Unsecured email is vulnerable to hacking. Therefore, a first, simple and effective way for companies to protect themselves and their clients when communicating on financial transactions and confidential information is to employ military-grade encryption which requires a challenge question to be answered through secure messaging. This is a sensible precaution both to help firms protect their communications with clients and to prevent unintended disclosure of information.
“Large providers such as Aegon and Royal London are implementing encrypted email as a matter of course between themselves and their intermediaries to protect against this kind of business risk.”
