Cyber enters a new phase with criminals offering it as a service
Over £319m of alleged fraud hit UK Courts in the first half of 2019, down from £345m in the same period last year according to KPMG’s Fraud Barometer, released today. 217 cases of alleged fraud were heard in Courts across the country, a decrease of 13% on the same time last year, which saw 249 cases.
The Fraud Barometer, which records fraud cases coming to UK Courts with a value of £100,000 and above, noted a worrying commercialisation of cyber-crime and a number of repeat offenders making their way back to court amongst the cases recorded.
Commercialisation of cyber-crime
The Fraud Barometer recorded a number of cases in which the commercialisation of cyber-crime had been a factor – with criminals advertising their services on the dark web. In one case, a cyber criminal who created a virus and launched an attack which knocked a communications company in Liberia offline, was jailed for 32 months. He had been paid $30,000 by a rival company to cause the mass disruption - which the victim spent $600,000 repairing.
The data also recorded a 57% increase in the number of account takeover cases reaching court, in the first half of the year where digital scammers used a range of techniques including email, SMS and apps to get hold of personal data that then enabled them to take over bank and credit card accounts. In one case, a Tyneside man who was the UK front of a scam conducted in India was jailed for 28 months at Newcastle Crown Court. The fraud involved online scammers who fleeced vulnerable computer users out of hundreds of thousands of pounds by pretending to help them fix bogus viruses or by hacking attacks on their computers.
Victims, many of them elderly, were panicked into contacting the fraudsters after messages informing them their computers had been infected either popped up on screen or were played through speakers.
When they followed instructions to contact a free number, they were put through to India-based crooks who said they could fix the problem for a fee. But once the scammers had access to victims' banking details, they plundered their accounts and sometimes installed software to allow them to steal more.
Roy Waligora, KPMG UK Head of Investigations observed:
“We are noting a worrying move from criminals simply hacking as a means to an end to being industrialised personal data brokers on the dark web. As our digital footprints get larger, cybercriminals will continue to develop new and innovative ways to steal personal data. If we are not alive to the threats, there is a great risk that we increase our vulnerability to criminals through our inaction.
The Cyber-Attacks (Asset-Freezing) Regulations 2019 (SI 2019/956) entered into force in June, and require banks to repay funds to customers stolen as a result of account takeover. Whilst this is a very positive step for the customer, we all need to remain vigilant as consumers will continue to bear such costs indirectly.”
Repeat offenders fail to learn their lesson
Another trend coming through in the Fraud Barometer data saw a number of repeat offenders heading back to Court. The Fraud Barometer recorded four cases of people with previous convictions for fraud coming back to court under new charges totalling £2.6m. In some cases, the alleged repeat offenders were able to secure employment in new roles where they subsequently were able to circumvent internal controls to continue to commit fraud.
In one case a fraudster was caught trying to pay a £100,000 tax fraud debt with money he had stolen by staging another scam. The 57 year old fraudster first appeared in court in 2016 where he told the judge at Leicester Crown that he could repay the sum of £107,000 if given more time to come up with the money. Investigators from HM Revenue and Customs later discovered he was raising the money to pay the debt through a second scam that involved stealing more than £580,000 from other businesses. He admitted the second fraud at court in 2019 where he was jailed for four years.
Roy Waligora said:
“Whilst for most fraudsters, being caught and convicted once is enough to ensure they don’t continue to commit crime, for some the lure of the prize on offer is too much to resist – regardless of the consequences. Businesses need to ensure they are doing thorough due diligence on the people they are hiring into their organisations – particularly if they are filling roles with financial responsibilities.”
Notes to editors:
For media enquiries, please contact:
Emma Murray, KPMG Corporate Communications
T: 020 7694 6506
KPMG Press Office: T: +44 (0) 207 694 8773
KPMG LLP, a UK limited liability partnership, operates from 22 offices across the UK with approximately 16,300 partners and staff. The UK firm recorded a revenue of £2.338 billion in the year ended 30 September 2018. KPMG is a global network of professional firms providing Audit, Tax, and Advisory services. It operates in 154 countries and has 200,000 professionals working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative ("KPMG International"), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
© 2020 KPMG LLP, a UK limited liability partnership, and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved.
KPMG International Cooperative (“KPMG International”) is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.