Cifas Homepage
NewsroomCareersContact Us

The role of the internet in the evolution of identity fraud

29 October 2021

Today marks International Internet Day 2021, celebrating 52 years since the first internet connection was made. The pandemic has proven the value of the internet, from enabling us to stay in contact with friends and family, to allowing us to work remotely. Data from Ofcom shows UK adults spent, on average, over 4 hours online every day in 2020, up from 3.5 hours in 2019, and we can expect that number to have increased again in 2021.

However, our increased reliance on the internet has left many individuals vulnerable to a range of fraudulent activities where the internet was a key platform used to launch the attack. Examples of these attacks include vaccine-related phishing messages, fake delivery company emails and romance scams. These attacks remain prominent threats, and are key enablers of identity fraud.

The evolution of identity fraud

In 1990, two years after Cifas was established, only 0.1% of the UK were using the internet according to the World Bank. During this time, much of identity fraud consisted of individuals physically walking from shop-to-shop using stolen personal details to open store cards under a victim’s name. They’d then spend money on the card, and move on to the next store to do the same thing again.

Leap forward to 2011 and 85% of the UK population were on the internet. That year, Cifas members recorded over 113,000 instances of identity fraud, particularly targeting mail orders, telecoms companies and banks. Nine years later in 2020, and internet usage has continued to surge, with almost 95% of the population online. The number of instances of identity fraud also grew to over 185,000 cases, or one case fewer than every three minutes. This trend looks set to continue, with an 11% increase in identity fraud recorded during the first six months of 2021.

How has the internet enabled the evolution of identity fraud?

The internet has been a key platform to launch fraud attacks, with identity fraud being an enduring threat throughout. An important factor in this is the vast amount of personal information that can be harvested online from various sources including social media platforms, company websites, public registers and online marketplaces. Once this data is in the hands of criminals, it can be used to impersonate businesses and individuals.

The growth in cybercrime-as-a-service (CaaS) is another example of how the internet has supported the evolution of identity fraud through the trading of sophisticated fraud products via online marketplaces – including products such as bespoke phishing kits and ransomware services. Coupled with these threats are secure messaging platforms with end-to-end encryption. These allow perpetrators to recruit specialists in their field, such as hackers or professional money launderers.

While historic identity fraud attacks may have been perpetrated by career criminals, the growth of CaaS has provided an environment to support novices looking to commit fraud.Identity packages, known as ‘fullz’, and social engineering scripts are readily available to purchase on both the surface web and dark web to facilitate fraud. The demand for compromised information has grown to the benefit of those with the skills to steal them. Research suggests the price of stolen credit card details has seen triple-digit growth while the price for DDoS-for-hire services have nearly quadrupled since 2017.

Cifas members and law enforcement share these threats with each other through Organised Fraud Intelligence Group (OFIG) meetings. These meetings demonstrate the cross-sector threat internet-enabled fraud presents to businesses, with the harvesting of personal and financial information remaining a key theme for all involved.

However, our members don’t only share what the threats to each other are in these meetings – but also how they overcome them. Many of these solutions rely on some of the benefits the internet brings.

How does the internet help businesses fight identity fraud?

From 1988 until 2003, Cifas members recorded their cases via the Credit Reference Agencies by fax or post. In 2003, Cifas launched the Fraud Investigation Database (FIND) to enable Cifas’ 200 members to submit and access data 24 hours a day via the internet. The National Fraud Database (NFD), hosted in FIND, now assists over 600 members in preventing over £1 billion of fraud each year through the provision of data.

This internet-enabled system has improved functionality in recent years, providing greater value to members than the simple name and address matching that used to exist. The NFD now allows members to search faces against previously identified fraudulent documents; CaseLink allows complex fraud networks to be explored through intelligence such as IP addresses or device identifiers; and Location Based Alerts utilise geographical mapping tools to highlight areas at high risk of identity fraud.

Numerous other services have also been developed to detect identity fraud risks online. Websites such as allow individuals to check if their email address or phone number has been involved in a data breach; dark-web monitoring tools can crawl forums to monitor criminal discussions on their latest techniques; and customer behaviour monitoring solutions can identify patterns of fraudulent activity.

The internet can also be a useful source of information for professionals investigating fraud. The Cifas Fraud & Cyber Academy hosts courses on Internet and Open Source Investigations at both the foundation and advanced level, which can now be attended virtually.

How can your business shield itself from identity fraud?

Here are some tips to help shield your business from internet-enabled identity fraud:

1. Share and receive data and intelligence on identity fraud through initiatives such as Cifas;
2. Hold regular reviews of your cyber practices to make sure they’re still fit-for-purpose, particularly if your ways of working shifted during the pandemic;
3. Invest in online monitoring tools, for both the surface and dark web, to detect instances of brand mentions or customer details being traded;
4. Exercise good cyber hygiene to mitigate against cyber-based threats such as phishing and spoofing;
5. Learn from industry experts through regular staff training;
6. Develop an effective anti-fraud culture in your business.

The internet is here to stay and it will become further entwined into our everyday lives as more organisations and products adopt digital channels. Unfortunately, this also means criminals will continue to utilise it for their own advantage. The Cifas community exists to help protect each other from the harmful impacts of fraud – is it time you joined us in the fight against fraudsters?

Posted by: Duncan McLellan

Duncan is a Fraud Intelligence Analyst at Cifas.


How can we keep COVID grants out of the hands of fraudsters?

22 December 2021

The Government announced a new Covid –19 support package on 21 December 2021 for businesses. This supplements the packages announced in the recent Autumn Budget and Spending Review in which the Government announced new temporary business rates relief in England for certain business properties, posing a potential fraud threat to the public purse.


Tackling the insider threat at charities

19 October 2021

When we donate our time or money to support a charity, we hope we are going to directly help the cause. Thankfully, most donations will reach their intended destination and help to make a difference. But sadly, the charity sector is just as vulnerable as any other to the insider threat, meaning funds raised to support the charity and its missions could be ending up in the pockets of criminals.

Back to blog home >
Posted by: Duncan McLellan

Duncan is a Fraud Intelligence Analyst at Cifas.