Scammers are winning: EUR 41.3 (USD 47.8) billion lost in scams, up 15%

The number of reported scams increased from 139 in 2019 to 266 million in 2020. The massive growth is caused mainly due to the COVID-pandemic, and in part, because more countries have started to report online fraud.

Nearly all nations have reported large increases in the number of reported scams. Egypt (190%) and Nigeria (186%) disclosed the most dramatic increase. Other developing countries such as Iran, India, and Pakistan also communicated a strong growth in the number of scams of around 90% as the population massively moved to the internet. Only a few countries reported minor decreases including Belgium, Japan, and Sweden. 

The amount lost grew from EUR 36 (USD 41.7) to EUR 41 billion (USD 47.8). The number of scams and money lost is likely to be only a small fraction of the actual size of online fraud. Depending on the country, less than 3% and up to 15% of consumers report a scam. Based on a previous study by ScamAdviser, these figures result from the fact that 23% of consumers don’t know where to report scams, and 11% do not believe this will contribute to any improvement.

Investment scams are on the rise

The money lost per victim and the type of scams differ strongly by country: from less than EUR 10 for fake shops, counterfeiters, and subscription traps to several hundreds of thousands for ransomware, Business Email Compromise (BEC), and investment/crypto scams.

In 2020, scammers first focused on masks, respirators, and disinfectants. Moving forward, they introduced ‘COVID-19 charities’, ‘vaccine pre-registration’, and ‘get your corona government grant’. Delivery scams, in which the victim first buys a product that never ships, and then is charged custom fees by the same scammer, boomed. Fraudsters seem to be able to translate the latest developments into scams within hours. For instance, they used bush fires in Australia for charity hoaxes and the Evergreen containership crisis for investment scams.

Some scams seem to be region-specific. Australia reported an increase of 140% in threat-based scams, which typically involve fraudsters threatening victims with arrest, deportation or legal action unless money is paid. Likewise, Malaysia reported an increase of 450% in ‘Macau’ scams where a fake bank, government or police officer approaches the victim with a fee that must be paid within hours or consequences have to be faced. Switzerland has proven to be extremely vulnerable to investment scams, reporting the highest amount stolen per report of more than EUR 25,000. 

Countries are becoming creative

A strategy applied by the Irish police seems quite cheap and effective: each week a new kind of scam is published on social media, to both local and national media agencies. This strategy helps to keep cybercrime in the minds of consumers. 

The government of Iran made two-factor authentication mandatory for banking apps. As a result, the number of banking phishing scams dropped by 90% in one year. 

The Center for Cybersecurity Belgium (CCB) launched an email address to report phishing emails. In 2020, the CCB received 3.2 million emails. The data collected is used to feed Internet filters, protecting Belgium citizens from malicious domains. 

The government of Taiwan has launched an Open Data Initiative, sharing cybercrime related data with both government organisations, non-profits, and commercial organisations to combat online fraud. Pakistan is training CyberScouts, who can be police officers as well as students and youngsters, aiming to ingrain cybercrime awareness in local communities.

The Japanese Minami Precinct launched the operation ‘Pretend to Be Fooled’. This new crime-fighting programme asks people who have been contacted by someone claiming to be a family member or friend in need of cash to notify the police. The potential victim and the police then work together to catch the scammer. The target victim receives a reward of 10,000 yen.

How can we turn the tide?

While many developing countries are now focusing on building cybercrime awareness amongst their populations, more industrialised countries have learned that education alone is not enough.

Spain, with its 017 initiative accessible via phone, WhatsApp and Telegram, and the Netherlands with easier online reporting have seen strong growth in reported cybercrime. While this may not look good in police statistics, better data is the first step to fighting back.

The next step is increased national sharing of data. In the US, the Federal Trade Commission is taking a leading role in gathering all fraud-related data, collecting and sharing data with 3,000 federal, state, and local law enforcers across the country. Likewise, ScamWatch Australia is intensifying cooperation with Australian law enforcement, the Financial Regulation Commission, banks, telecom operators, and social media companies. 

In Europe and Australia, new legislation is making banks more responsible for phishing and investment scams. If the scam could have been prevented by the bank, the victims have to be compensated for their loss. This has spurred banking associations to fund anti-phishing campaigns. According to several countries, the next action to take should be for tech giants to take more responsibility, using their own data to better identify and prevent fraud. 

While the US, Canada, and Australia have started sharing scam data amongst each other, most countries still linger. Yet, sharing online fraud data globally is the only real solution to turning the tide on the worldwide epidemic of scams as it allows faster identification, prevention, investigation, and prosecution. A lot of work remains to be done.

This editorial is part of the The Fraud Prevention in Ecommerce Report 2021/2022, the ultimate source of knowledge that delves into the evolutionary trail of the payments fraud ecosystem, revealing the most effective security methods for businesses to win the battle against bad actors.

About Jorij Abraham

Jorij Abraham has been part of the international ecommerce community since 1997. He has been ecommerce manager at Bijenkorf, TUI, online publisher at Sanoma Media, and Director of Consulting at Unic. He also co-founded two companies: eVentures Europe and vZine. From 2013-2017 Jorij has been Director of Research & Advise at Thuiswinkel.org and Ecommerce Europe.

About ScamAdviser

ScamAdviser is an initiative of the Ecommerce Foundation. Since 2012, ScamAdviser has been developing an algorithm that gives every domain a Trust Score based on 40 different data sources. More than 100,000 consumers check ScamAdviser.com every day and ScamAdviser adds over 1 million new websites to its database every month. Its data is used by anti-virus software, browsers, and internet filters to keep more than 1 billion users safe, every month. For questions, you can contact jorij.abraham@ecommercefoundation.org.