This has been a year like no other in living memory. It has upturned our lives, disrupted our work, and separated us from loved ones. In response, many of us have been working from home, keeping in touch with friends and family over Zoom and Skype, and shopping online.
Without the technology to do all this, the harsh impact of this pandemic would have been even worse. Technology has been a huge part of how we have responded to coronavirus, and it has given us some semblance of normality during this crisis. However, there are also fraudsters at work who seek to prey on consumers through their computers and smartphones. They are taking advantage of the fact that more of us are living online this year, a worrying fact which is reflected in the increase in fraud attempts we have seen during 2020.
Smishing, where fraudsters send text messages to mobile phones pretending to be genuine businesses, has become the main threat to consumers
Defeating the fraudsters, and protecting consumers, is extremely important. It is a collective effort. All lenders in Ireland work closely with law enforcement to combat online fraud attempts. That includes from the initial reporting of fraud cases right through to providing evidence in court. But to have more success we need more collaboration between industry, Government and law enforcement.
I believe we should be able to share real-time information between financial institutions on fraud. Right now, we don’t have a legal framework to share this information. This means fraudsters can and do move from one financial institution to another as part of an ongoing campaign of criminality. To tackle this, Bank of Ireland is calling for the urgent development of a shared fraud database to allow lenders share information on fraud.
This is something that Bank of Ireland has first-hand experience of in the United Kingdom. Since 2006, a range of organisations – including lenders, postal services, insurance companies, credit unions and government authorities – can share fraud data and intelligence. This information is managed and co-ordinated by a not-for-profit organisation, Cifas, and more than 400 member organisations can access an information database to help identify potential fraud cases and stop them before damage is done.
Bank of Ireland’s UK business uses this database every day. In the 12 months from mid-2019 to mid-2020, Cifas helped us prevent £15.4 million (€17 million) worth of fraud loss. In the same time period, we filed over 750 instances of fraud to the database to prevent our customers and other organisations from falling victim to the same criminals.
This shared database has also been particularly important in preventing identity theft. Cifas has reported that, across its UK members, it has prevented tens of thousands of repeat identity-theft cases each year. The establishment of an Irish database would similarly allow us to detect fraud and combat identity theft, protecting customers from financial loss.
Individual action and an awareness of the tricks used by fraudsters is also important. Recent research that we commissioned shows that more than half of consumers will shop online more this Christmas than last. Online banking and online shopping is perfectly safe. However, we have seen criminals, pretending to be reputable businesses, attempt to trick customers into giving away sensitive financial information. And, most importantly, we have seen first-hand the stress this causes to our customers.
The development of a shared fraud database would be a big step forward, and would add considerably to consumer protection in Ireland
Our research also shows that two out of three of us are worried about being targeted by online fraudsters. Nearly half of us feel more exposed due to the pandemic and the need to be online. Fraudulent email remains a big problem but smishing, where fraudsters send text messages to mobile phones pretending to be genuine businesses, has become the main threat to consumers.
For businesses, the tactics are different but the threats are just as real. Invoice redirection, where a fraudster tricks a business into changing the bank account details they use to pay a supplier, and CEO impersonation fraud (most CEOs will know how this feels), where a fraudster impersonates a senior manager in a business and convinces a staff member to make a payment, are the biggest threats.
As a bank, we have a responsibility to be extremely vigilant to these attacks and to advise our customers on how to deal with these various threats. As part of our response, we have launched a national fraud awareness campaign which provides practical advice and guidance.
Fighting fraud is a constant battle for banks and requires significant investment and resource. Every day we identify and shut down fraudulent websites, combat smishing and monitor transactions. We are determined to do everything we can to stop fraudsters and to protect the financial wellbeing of our customers.
Fraud and cybercrime is serious criminal activity. And, like any criminal activity, it evolves and adapts to find new ways into our lives. We need to evolve and adapt our response. The development of a shared fraud database would be a big step forward, and would add considerably to consumer protection in Ireland.
Francesca McDonagh is chief executive of Bank of Ireland