Fraudscape 2026: Fraud cases hit record highs as criminals adapt and scale

Fraudscape 2026: Fraud cases hit record highs as criminals adapt and scale

• More than 1,200 cases recorded every day to the National Fraud Database

• Identity fraud and account takeover drive the majority of harm

• AI and international crime networks accelerate fraud

Cifas, the UK’s leading fraud prevention service, has revealed that more than 444,000 cases were recorded to the National Fraud Database (NFD) in 2025 – the highest number ever recorded in a single year, and a 6% increase on 2024.

The scale of fraud continues to accelerate, with Cifas members recording more than 1,200 cases every day and preventing £2.4 billion in fraud losses. Almost three quarters (72%) of all cases reported in 2025 were linked to identity fraud and facility takeover, underlining how criminals are increasingly using stolen or compromised personal details as a gateway to wider financial harm.

The continued rise reflects how rapidly fraudulent activity is evolving. Criminals are adapting their tactics to exploit technological, economic and behavioural changes, with AI and generative technologies enabling convincing impersonations, fake documents and synthetic identities to be created at speed and scale.

At the same time, fraud is becoming increasingly complex and international, with organised crime groups operating across borders and targeting multiple sectors simultaneously.

Mike Haley, CEO of Cifas, said: “Our data and intelligence show how fraud is being industrialised, with AI accelerating crime that is increasingly digital, organised and international. Fraud must be treated as a national enforcement priority. Closing the gap requires decisive action, robust disruption of criminal networks, and greater sharing of cross‑sector data and intelligence to stop fraud at the source.”

Facility (account) takeover continues upward trajectory

More than 78,000 facility (account) takeover cases were reported in 2025, accounting for 18% of all NFD filings and representing a 6% increase on 2024.

Cases linked to mobile phone products continue to dominate, followed by online retail and personal credit cards, together accounting for around 90% of all takeovers. There has also been a notable rise in unauthorised SIM swaps (up 38%), driven by the availability of stolen personal data and increasingly automated attack methods.

Criminals have continued to exploit AI to enhance malicious communications and automate credential attacks, adopting stealthier tactics – such as disabling alerts and gradually altering account details – to avoid detection.

Identity fraud remains the most prevalent threat

Over 242,000 identity fraud cases were filed, accounting for 54% of all fraud-risk cases recorded to the NFD in 2025.

While this represents a 3% decrease on 2024, identity fraud remains the single most common fraud type reported by Cifas members. The decline in cases filed reflects a shift in tactics, rather than a reduction in harm, as criminals increasingly move towards account takeover, particularly targeting the telecoms sector for mobile phone products. The largest identity fraud rises were seen in bank accounts (over 63,000 cases representing a 10% uplift) and insurance (rising 26% with more than 16,000 cases).

Misuse of facility surges

There were more than 106,000 misuse of facility cases recorded to the NFD in 2025 – a 43% increase compared to 2024, marking one of the sharpest rises across all fraud types.

In addition, over 22,000 cases were recorded by Cifas members following the introduction of a new money mule filing category. These cases impact not only personal and business bank accounts, but an expanding range of other financial facilities such as personal credit cards, pre-paid cards and money transfer accounts.

Money muling remains a persistent and evolving threat particularly across social media with criminal recruitment tactics and lures including job scams, ‘business opportunities’ and even overpaying sellers for items via online marketplaces.

Stephen Dalton, Director of Intelligence, at Cifas, commented: “Rising cases reflect both the scale of offending and improved reporting by organisations. Criminals are shifting to more subtle methods such as credential stuffing, SIM swaps, and gradual profile changes, to evade detection.

“We anticipate more use of AI to personalise attacks and build credible, long-term profiles – reinforcing the need for cross-sector collaboration to spot patterns earlier.”

Nick Sharp, Deputy Director of Fraud at the National Crime Agency (NCA), added: “Fraud now makes up 45% of all crime in England and Wales and we are all too aware of the devastating harm it causes to victims. This is why it is recognised as a National Security and Serious Organised Crime risk in the UK.

“The NCA is continuing to strengthen its leadership and response to the threat of fraud, with convictions by UK law enforcement up 27% since 2022 and increasing examples of international engagement helping increase our ability to tackle the problem when it comes from overseas.

“Fraudscape continues to be an invaluable source of information and intelligence that helps us maximise our understanding of the threat and where we can best direct our operational efforts.”

Download the Fraudscape 2026 report.

ENDS

Notes to Editors

For more information, please contact Hayley Paterson, Cifas Press and PR Manager, on 07494 751992 or press@cifas.org.uk.

About Cifas

Cifas is the UK’s leading not-for-profit fraud prevention service with nearly 800 members from across key economic sectors including banking, retail, insurance, and telecoms. Cifas protects businesses and individuals from fraud through the sharing of data and intelligence sharing between the private, public and third sectors. In addition to providing products and services – which helped businesses prevent more than £2.4 billion in fraud losses in 2024 – Cifas delivers specialist training through its Cifas Fraud and Cyber Academy and Digital Learning programme.

Website | LinkedIn | X

Contact us at press@cifas.org.uk