AI fuels surge in identity fraud, as people sell their personal information - Fraudscape six-month report

• Over 217,000 cases recorded in the first half of 2025 – with AI a consistent driver
• Sharp rises in identity fraud across insurance, mobile, and public services
• Telco sector sees steepest rise in account takeover 

Criminals are using advanced AI to create fake identities, forge documents, and bypass verification systems with alarming accuracy, reveals new data and intelligence from the UK’s leading fraud prevention service, Cifas. 

The latest Fraudscape report, launched today (5 August), shows more than 217,000 fraud risk cases were recorded to the National Fraud Database (NFD) by Cifas members from January-June 2025 - a record number of filings for the six-month period.  

Economic pressures, normalised first-party fraud, risky consumer behaviour and AI-enabled threats all continue to fuel sophisticated and scalable fraud. 

The report also highlights another worrying trend. Individuals are selling their own identities, often via a range of lures and typically on the promise of attractive financial opportunities. However, by giving perpetrators access to legitimate credentials, Cifas warns that people risk losing their identity and becoming liable for loans or credit taken out in their name by criminals. 

Overall, more than 118,000 cases of identity fraud were recorded between January and June 2025 – an ongoing threat that is being exacerbated by AI-enabled synthetic identities and fabricated profiles that can bypass security checks. The risk of identity fraud has also spread into sectors once seen as lower risk – key findings include: 

• Insurance fraud up 25%, driven by false applications and identity theft in motor insurance.
• Mobile account takeovers are replacing impersonation as the go-to fraud tactic.
• Public sector fraud rose 88%, especially in driving licence applications with criminals using a victim’s previous address.
• Gambling-related identity fraud saw a 109% uplift, with criminals exploiting onboarding vulnerabilities such as misusing identities of deceased individuals. 

Telcos targeted by takeovers 

Facility (account) takeover climbed 1% to more than 38,000 cases and now represents 18% of all reported fraud to the NFD. The telecommunications sector saw the steepest rise over the first half of 2025, accounting for 69% of takeovers, up from 40% in 2024. 

Jump in misuse of facility 

Misuse of facility cases rose 35%, with more than 51,000 cases and making up almost a quarter (24%) of all fraud recorded to the NFD. Bank accounts remain the main target, driving nearly three-quarters (73%) of cases – a 20% increase compared to January-June last year. 

Insider Threat grows 

Cifas’ Insider Threat Database (fraud committed by employees against their employers) saw a 32% uplift in cases. Organisations reported more employees were concealing their background information to secure roles or engage in dishonest activity to boost income. 

Persistent risks to business include polygamous working – where individuals hold multiple jobs or roles simultaneously often across different employers or sectors without their knowledge or consent – as well as using fraudulent reference houses to cover employment gaps, and the recruitment of insiders to access sensitive company data. 

Mike Haley, CEO of Cifas, said: “Fraud is a national emergency – and AI has supercharged the threat, making it more sophisticated and harder to detect. No sector, business, or individual is immune. 

“Tackling this fast-changing danger requires urgent, coordinated action through cross-sector collaboration and the sharing of data and intelligence. Only by working together can we stay ahead of the criminals and keep organisations and people safe from harm.”

Download the Fraudscape six-month update here.

ENDS 

Notes to Editors 

For more information, please contact Hayley Paterson, Cifas Press and PR Manager at press@cifas.org.uk. 

About Cifas 

Cifas is the UK’s leading not-for-profit fraud prevention service with over 775 members from across key economic sectors including banking, retail, insurance, and telecoms. Cifas protects businesses and individuals from fraud through the sharing of data and intelligence sharing between the private, public and third sectors. 

In addition to providing products and services – which helped businesses prevent more than £2.1 billion in fraud losses in 2024 – Cifas delivers specialist training through its Cifas Fraud and Cyber Academy and Digital Learning programme. 

For more information visit our website, or connect with us on LinkedIn and X. 

About Fraudscape 

Fraudscape is Cifas’ flagship report which combines data from its National Fraud Database (NFD) and Insider Threat Database (ITD), alongside intelligence provided by Cifas members, partners, and law enforcement. 

Fraud Types Explained 

Account Takeover: when a criminal uses stolen personal details, often gained through fake emails or texts, to break into and control someone’s existing account. 

Misuse of Facility: where an account or product is misused by the genuine account holder. 

Insider Threat: an intentional risk that occurs within an organisation. 

Contact us at press@cifas.org.uk