Action Fraud? Inaction Fraud

Graham Cluley
Graham Cluley
@[email protected]

Action Fraud

In the UK, if you are the victim of a computer crime you are advised to contact Action Fraud.

Action Fraud farms out the calls it receives – from those, for instance, who have been scammed or had their computers infected by ransomware – to an external call centre. It’s then Action Fraud’s job to decide which crimes are worth reporting to the National Fraud Intelligence Bureau for investigation.

In recent months serious questions have been raised about whether British victims of cybercrime are getting the support they deserve from Action Fraud.

Sign up to our free newsletter.
Security news, advice, and tips.

According to an undercover probe earlier this year, staff on the Action Fraud helpline have mocked victims by referring to them as “morons” and “psychos”, and tricked victims into thinking their cases will be investigated when most are never looked at again.

Inside the call centre mocking fraud victims | Times Investigation

Watching the undercover filming you cannot help but get the feeling that the authorities have pretty much given up trying to fight the majority of online crime, and that the Action Fraud helpline is largely for show.

That opinion is growing more popular, as proven by the creation of a parody Twitter account for Action Fraud (called, appropriately, @InactionFraudUK.)

Earlier this month, a senior police officer who asked to remain anonymous told the consumer group Which? that of the approximately 650 cybercrime reports filed to Action Fraud each month from his force’s area, only ten cases were passed on for investigation.

And yet, still victims of cybercrime are being told to contact Action Fraud.

Just in the last few days, for instance, Commander Karen Baxter, the national co-ordinator for economic crime at the City of London police which runs Action Fraud, went on BBC TV’s “Rip Off Britain” show to encourage those who have suffered at the hands of online criminals to contact the service.

But, as The Register reported today, official statistics reveal only 20,329 cybercrime offences were referred by Action Fraud to the National Fraud Intelligence Bureau in the 12 months to June this year – a figure massively overshadowed by the Office of National Statistics’ official Crime Survey for England and Wales which estimates the number of computer misuse offences at 977,000.

If the survey’s figures are correct, only 2% of computer misuse crimes are passed on to the actual police who could investigate them.

Is it any wonder people don’t bother reporting cybercrime to Action Fraud if they believe they won’t be treated with respect and taken seriously, and if the chances that the crime they have suffered will be investigated are so minuscule?

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

One comment on “Action Fraud? Inaction Fraud”

  1. Vog Bedrog

    Genuine financial crime is a serious issue. Fielding 'fraud' reports however does involve a lot of repetitive handling of transactions that clients don't remember, don't recognise, weren't expecting (eg. signed up for an online offer that was really a stealth subscription), or would prefer to lie about rather than accept responsibility. Or cases where they've wandered into a scam that (to someone who routinely handles such reports) 'should' have been obvious. And this while they're often panicked, angry, or illogical; basically at their worst due to understandable circumstances.

    This is not to excuse the attitudes on display here; professionalism needs to be maintained. It's not easy, and staff without extensive experience in client conflict resolution are not the ideal choice to do this. I think that is the fundamental problem here.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.