Tread carefully, warns expert, as cases rise
With £570 million stolen in the first half of 2024, payment fraud remains a huge problem in the UK, and has major implications for the mortgage industry.
This was the highest level of cases since 2020, according to the trade association UK Finance - up by 16% on the same period a year before - and it’s potentially worrying for a business where large sums of money are transferred routinely.
Specialist lender OSB Group, which focuses on lending in areas such as buy-to-let, commercial and semi-commercial mortgages and residential development finance, is highlighting the challenges which face financial services and its customers, to mark International Fraud Awareness Week.
It warns that with technological advancements, it’s becoming ever more of a challenge to detect fraud, as the culprits become more sophisticated in their attempts to deceive.
OSB’s group chief credit & money laundering reporting officer, Richard Wilson, has a breadth of industry experience, having previously worked for businesses such as Morgan Stanley and Yorkshire Building Society during a career of nearly 40 years. He points to a fraud landscape that is continuously evolving.
“As technology advances, it can be increasingly difficult to detect fraud as documentation can easily be altered or falsified,” Wilson (pictured) told Mortgage Introducer.
It may seem obvious, but brokers and lenders should be sure to check that internet links always start with the customary https – it’s a small, but often overlooked detail. They need to be aware, too, of spelling errors in communications, which potentially expose a fraud.
QR codes have become increasingly common in recent years, Wilson noted. These give users the ability to scan codes with just a phone camera, but fraudsters have seized the opportunity to get people to unwittingly scan fake codes. Industry professionals need to be on the lookout for QR codes which have been tampered with - perhaps where a sticker has been positioned over the original code. When scanning a code, it’s also important to be sure that it leads to a secure site.
Beware of deepfake scams
One area of fraud that has emerged in recent years is deepfake scams - types of synthetically generated or modified media used to impersonate someone or something. Their use increased by 550% between 2019 and 2023, according to Ofcom data, and with more mortgage personnel often working remotely this arguably presents another potential risk.
“With the advancement of artificial intelligence, the ability to clone someone’s voice or image is already well documented, with surprisingly realist results,” Wilson said. “New Generative AI models mean fraudsters can create and manipulate image, video, and audio content with limited technical skill needed, often for free or via a subscription-based service.”
Wilson highlights an example of a case that hit the headlines early this year that involved an employee at an overseas multinational firm. Fraudsters used technology to create a video call featuring several deepfake recreations, so that it looked like his colleagues were on the call, and he was duped into transferring the equivalent of £20.3 million.
Read more: New study shows mortgage brokers are safe from AI – for now
How many people are using Gen AI?
Data suggests that 18 million people in the UK are using Gen AI, which is a 35% increase on the previous year. According to Deloitte’s Digital Consumer Trends UK 2024, seven million people confirm using it for work purposes, claiming it benefits productivity, with the top three uses being idea generation, looking up information and creating written content.
“Don’t get me wrong, there are lots of ways in which AI could be seen as a benefit,” Wilson said.
“However, we all need to remember that there is little advice and no regulation for the use of Gen AI in the workplace currently. Businesses are having to navigate the landscape themselves, which could expose them to risk if they aren’t aware of the associated limitations and opportunities.
“In order for Gen AI to work best, you could find yourself having to input sensitive data which then raises the question about security. Even if you aren’t feeding in your figures, there is a risk that the information it provides could be wrong and/or shared elsewhere without your knowledge.”
He added: “No matter what side of the fence you are sitting, these tools look set to stay and currently it’s everyone for themselves when it comes to adopting it into work life, so my advice would be to tread very carefully.”
Brokers need to be wary of conveyancing and deposit fraud and advise clients accordingly, Wilson suggested. For example, a client may get a last-minute email from a compromised email account pertaining to be from their solicitor advising them to change the account to pay any funds. They should aways contact the solicitor directly via a known telephone number to validate any changes in payment details. More widely, Wilson’s advice is that any notification received in respect of changed payments as part of the mortgage journey should be validated with the recipient.