Tricks not hacks: How fraudsters stole £1.28bn last year in the UK
New UK Finance figures reveal fraud losses rose to £1.28bn in 2025, with more than four million fraud cases reported across the UK. Behind this startling figure is a hidden trend, say experts at global analytics software leader FICO (NYSE:FICO).
“Every scam that requires technical access to an account is declining,” said James Roche, fraud consultant at FICO. “Every scam that requires psychological access to a person is accelerating. This is because fraud prevention systems were designed to detect unauthorised access. Now, they need to identify people who are being tricked in real time.”
This shift in criminals’ attacks is represented in the figures.
Authorised/authorised push payment losses, rose 19% to £576.4m. This rise was driven by “malicious payee” fraud – where victims believe they are paying for something legitimate.
- Investment scams soared by 40% to £221.5m
- Purchase scams rose 20% to £118.1m
- Romance fraud climbed 23% to £39.2m
- Advance fee scams ballooned by 65% to £58.4m
While these scams hit their highest levels ever, there was a drop, in “malicious redirection” scams, where criminals impersonate police/bank staff, CEOs, procurement individuals, etc. These fell to their lowest levels since 2020.
“We are seeing a real impact from the use of our innovative Scam Signal solution, in collaboration with Jersey Telecom,” said Roche. “This solution uses telecommunications data to identify when a consumer may be being tricked in a conversation such as an impersonation scam, enabling the bank to reach out to the consumer and thwart the attempt.”
Unauthorised Fraud: The number of card fraud cases went up by 11%, but losses were broadly flat.
“Criminals are targeting far more people for smaller sums in this space, perhaps because the perpetrators are less sophisticated fraudsters using compromised cards or stolen cards,” said Roche. “Remote purchase (card-not-present) fraud now accounts for more cases than all unauthorised fraud categories combined. Social engineering to extract one-time passcodes (OTPs) for digital wallet registration is highlighted as a key driver — this is another problem that Scam Signal helps banks fight.”
Changing the Fight Against Fraud
Roche pointed out major changes in the rapidly growing fraud industry. “Criminals are shifting from system compromises to human exploitation and from opportunistic or physical fraud to organised fraud ecosystems,” Roche said. “The financial services industry is responding by moving from isolated and point-level solutions to shared ecosystems and platforms that can receive and share insight across multiple use cases and sources. This enterprise approach is vital.”
Roche said financial institutions now need to:
- Detect customer intent before payment authorisation
- Identify behavioural anomalies in real time
- Collaborate with risk teams and across the enterprise
- Use AI with more sophistication than fraudsters, making customer-centric decisions with full explainability
- Prepare for the next wave of fraud threats, with agentic-led interactions and prevention technology
“Fraud teams need a deep cross-channel, cross-product, customer-centric view of everything their customers do, and who they are,” Roche said. “This is how banks win against the fraudsters. The banks’ advantage is that they can create context and deep-level relationships to protect customers when they need them the most. Fraudsters can’t achieve that; they deploy the same strategies to many hoping to find the most susceptible people.”