Half of adults in England and Wales receive 'phishing' messages, ONS data reveals

New data from the Office for National Statistics (ONS) revealed that half of adults in England and Wales received a 'phishing' message for the year ending March 2022.

According to results from the Telephone-operated Crime Survey of England and Wales (TCSEW), those aged 25 to 44 years are most likely to be targeted.

Sent via email, phishing involves messages from fraudsters posing as legitimate organisations to extract personal information, or money, from the victim.

There was a nine-fold rise in 'advance fee fraud' (victims making upfront payments for goods or services which then do not materialise) and a 57 per cent rise in "consumer and retail fraud" from pre-pandemic levels, the ONS said.

Also, there is a 25 per cent rise in fraud on pre-pandemic levels (to around 4.5 million offences) in the year to March 2022. Almost two thirds (61 per cent) of these were flagged as cyber-related.

"Phishing scams continue to pose a significant threat for both individuals and businesses. I would urge everyone to be vigilant of unexpected messages or calls that ask for your personal or financial information. Remember, your bank, or any official source, will never ask you to supply personal information via email or text message," said Detective Chief Superintendent Oliver Shaw, City of London Police.

In the latest year, 4.8 per cent of all fraud was perceived to be coronavirus-related, rising to 6.3 per cent of all cyber fraud. In one campaign, victims received text messages apparently from the NHS claiming they had been in close contact with someone who had the Omicron variant.

The message provides a link to a website claiming to be hosted by the NHS where they can book a test, prompting them to provide personal information and pay a delivery fee.

The other 'fraud trends' include the promise of energy and council tax rebates or encouraging people to apply for a "cost of living payment", mimicking genuine government support packages.

More than a third (35 per cent) of those responded to the message said that they did so for financial or material gain, and 30 per cent to pay an invoice or bill.

In the two weeks to 5 August 2022, more than 1,500 reports were made to the Suspicious Emails Reporting Service (SERS), run by the National Cyber Security Centre, about scam emails pretending to be legitimate energy rebates from Ofgem, the energy regulator.

"It is shameful that in a time of financial hardship, criminal are targeting members of the public by claiming they are entitled to receiving rebates and refunds. If an email is genuine, the company will never push you into handing over your details," said Detective Chief Inspector Hayley King, City of London Police.

According to officials, 'smishing', fraud using text messages, is also common as email phishing. Almost a third (32 per cent) of respondents reported receiving a message via text or instant messaging,

More than half of those who received phishing messages reported they were from senders posing as delivery companies, a third (32 per cent) received messages from their bank or building society, and a quarter (25 per cent) from government services.

There is also rise in reports about scams where victims are targeted on WhatsApp by criminals pretending to be someone they know – typically their children.

Between 3 February and 21 June 2022, 1,235 reports were linked to this scam, with total losses exceeding £1.5 million.

Messages typically open with “Hello Mum” or “Hello Dad” and will say that they are texting from a new mobile number as their phone was lost or damaged. They will then ask for money to purchase a new one or claim that they need money urgently to pay a bill.

Other scams include posing as companies such as Tesco and Amazon, offering reward cards or vouchers in exchange for personal information.

"Fraudsters are using increasingly sophisticated methods to trick people into parting with their personal and financial information. Checking to make sure the person or organisation is genuine, contacting them via their official website, and using the Check-a-website tool to make sure the site is safe, are all ways to thwart a phishing attempt," said Sandra Peaston, Director of Research and Development at Cifas, a UK fraud prevention service.

Adults aged between 25 and 34 years or 35 and 44 years were more likely to receive a phishing message (58 per cent and 60 per cent respectively) than other age groups.

Those aged 35 to 44 years also had the highest proportion of respondents who replied to the message or clicked a link (4.8 per cent).

Practical advice from Action Fraud

• If you have any doubts about a message, contact the organisation directly.
• If you think an email could be a scam, you can report it by forwarding the email to: report@phishing.gov.uk.
• Most phone providers are part of a scheme that allows customers to report suspicious text messages for free by forwarding it to 7726.
• If you have lost money or provided personal information as a result of a phishing scam, notify your bank immediately and report it to Action Fraud at www.actionfraud.police.uk or by calling 0300 123 2040. In Scotland, call Police Scotland on 101.

"I'd encourage people to remain vigilant of any suspicious emails or texts and report them via these channels to the NCSC. If found to be malicious, we will take appropriate action to remove them," said Sarah Lyons, NCSC Deputy Director of Economy and Society Resilience.