Tech giants were today accused of being “enablers of fraud” as Britain’s top law enforcement body warned they were not doing enough to stop crime gangs from using their sites to cheat people out of huge sums.
In the first of a series examining the issue, the Standard can reveal that the National Crime Agency (NCA) believes that Facebook, Twitter, Google and others are helping to fuel a surge in romance and investment scams and other frauds by not doing enough to stop “predators” from targeting the public.
It added that victims were suffering “catastrophic” losses as a result and that there was “definitely more that could be done” by the tech bosses to prevent criminal activity.
Today’s rebuke was delivered by Graeme Biggar, the head of the NCA’s national economic crime centre, as he warned that “vast amounts of money are coming from people into the hands of organised criminals” because of the scale of fraud taking place.
It comes despite the Government’s announcement of a new Online Safety Bill which requires tech giants to stop “user-generated” content put up by fraudsters. Those which fail face large fines in an advance which Mr Biggar described as “brilliant news” that would improve public protection against fraud. But he warned that large gaps remained — including over online advertising by scammers — and that it remained imperative for social media and tech firms to do more to stop their networks being exploited by fraudsters.
“It is still a massive enabler of fraud, the online world, and these firms have all got a really important role to play in tackling it,” Mr Biggar said.
“None of them have done nothing. They’ve all done some things but it’s a fast-moving picture and there’s more they can do with their enormous power.
“The Online Safety Bill will be relevant to scams that are circulated on Facebook between friends, until Facebook messaging goes end-to-end encrypted, and it will be relevant to romance frauds when it moves from the main platforms onto conversations. But there’s a whole bunch of fraud which isn’t — the paid advertisements and the fake websites. We need to be working with the tech sector to get them to do more.”
He added: “They can stop it happening in the first place, report it when it does happen and use their analytical capabilities to spot patterns and tell us about trends. They can also share it with us and telecoms companies and banks, where if we’re sharing the right information we can spot more stuff and use each other’s powers to stop it.”
He said that tech firms could also help with “takedowns”, which happened only “to a varying extent with different companies” at the moment, and by “sharing with us the information they have on the IP addresses or the bank account details of who paid for different sites”.
“It could be hidden behind layers of anonymity, but they do have impressive capabilities so they can use them to that effect,” he said.
The new plea to the tech companies comes amid growing concern about the extent of fraud being carried out in Britain. Official figures from the Office for National Statistics show there are now an estimated 4.4 million fraud offences being committed each year.
What do I need to watch out for?
Phishing — the ones involving emails and texts that pretend to be someone you trust.The goal is to convince users to click a link that will send them to a dodgy website that may look authentic, where a virus could be installed or people are tricked into revealing passwords.
What can I do to spot suspicious messages?
Criminals often try to mimic important places such as banks or Government departments. Messages that say you have a limited time to respond or face fines are used as a way to trick people into making rash decisions. Threatening language, dubious claims of support, or messages that try to tempt you into finding out more are signs. If it sounds too good to be true, it probably is.
How can I check if I’m not sure?
Go to an official source — do not interact with the message you have received. For example, if you have received something from HMRC or Royal Mail, contact them directly.
What if I have already fallen victim to a scam?
If you have given bank details, you should contact your bank immediately. If you have been hacked, you should change your passwords quickly. Anyone who believes they have installed a virus onto their device should run their anti-virus software.
Common types of offending include online shopping frauds — which have risen during the coronavirus restrictions — investment and romance frauds, and the use of scam messages via text or email to steal people’s bank details.
The largely unchecked nature and extent of the crime recently led the Royal United Services Institute think tank to describe fraud as a national security threat.
Mr Biggar’s deputy, Ben Russell, said that major changes were needed to safeguard the public. These included calling on “our colleagues in policing to really focus resources on the highest harm frauds and those having the biggest impact, particularly where we can spot organised crime behind it” and improving both the victim care and anti-fraud advice being given by forces.
But he echoed Mr Biggar’s call for tech giants such as Facebook to also use their data analysis capabilities to identify and remove fraudsters from their networks. He accused them of failing in their responsibility to prevent romance scams — where people are duped via the lure of a relationship into giving money to criminals — and other frauds.
Mr Russell said that Google could help “in terms of Google adverts linked to investment fraud”, while telecoms companies should be assisting by identifying numbers being used to send out bulk text messages to cheat people.
In response a Facebook spokeswoman said: “cammers use multiple methods on and offline to exploit people, including fake phone calls and text messages, phishing emails and online scam ads.
“We’re dedicating significant resources to tackling this industry-wide issue on and off our platforms. To fight this, we work not just to detect and reject scam ads on our services, but block advertisers and, in some cases, take them to court.
“While no enforcement is perfect, we continue to invest in new technologies and methods to protect people on our service from these scams. We have also donated £3 million to Citizens Advice to deliver a UK Scam Action Programme to both raise awareness of online scams and help victims.”
A Google spokesman said protecting consumers and l”egitimate businesses operating in the financial sector is a priority for us”.
“We have been working in consultation with the FCA for over a year to implement new measures and we are developing further restrictions to financial services advertising to tackle the scale of this increasing issue. We are the first technology company to join Stop Scams UK to develop and share best practices with existing members from financial services and telecoms industries.”
A Twitter spokesman said: “It is against our rules to use scam tactics on Twitter to obtain money or private financial information. Where we identify violations of our rules, we take robust enforcement action.We’re constantly adapting to bad actors’ evolving methods, and we will continue to iterate and improve upon our policies as the industry evolves.”