UK businesses, charities, and high-value account holders are being urged to stay alert following a surge in impersonation scams where criminals pose as bank fraud teams to steal money.
The warning comes from the Cyber Defence Alliance (CDA), fraud prevention service Cifas, and banking trade body UK Finance ahead of International Fraud Awareness Week (16–22 November).
According to CDA intelligence, scammers have been using remote access software to take control of victims’ computers and drain bank accounts. In several cases, individuals have lost over £1m. The scam typically begins with a phone call, sometimes preceded by a text message, from someone pretending to be from a bank’s anti-fraud department.
Victims are told their account has been compromised and are directed to a convincing but fake bank website. There, they are prompted to click a “chat” button that installs hidden software, giving fraudsters full access to their device and online banking. Once inside, criminals can move funds, add new payees, and intercept one-time passwords. Some victims have even been tricked into enabling call forwarding, which blocks legitimate contact from their bank.
CDA operations director Garry Lilburn said, “If you receive a message or call that feels unusual, take a moment to consider whether it matches how your bank normally communicates. If anything seems off, end the call and report it using your bank’s official contact methods.”
Cifas CEO Mike Haley said, “Fraudsters are creating a false sense of urgency to exploit people’s trust and steal large sums of money. Banks will never ask you to download software or transfer funds to protect your account. If you receive an unexpected request, take a step back and question it before responding.”
UK Finance principal of remote banking channels Dianne Doodnath said, “Impersonation scams often begin with a message or call claiming to be from a trusted organisation. Criminals may try to rush you by saying your money is at risk. To protect yourself, follow the Take Five to Stop Fraud advice: pause, check the source and only respond using verified contact details.”
Adding to the warnings, SmartSearch chief technology and product officer Stuart Morris highlighted the scale and sophistication of today’s scams. “This latest wave of impersonation scams shows just how inventive—and brazen—criminals have become in exploiting public trust,” he said. “From fake bank calls and cloned investment websites to bogus ‘parcel’ texts and deepfake voices, fraudsters are deploying increasingly sophisticated tricks to part people from their money. The stakes are high: over £100bn in illicit wealth washes through the UK economy each year, undermining confidence and fuelling organised crime.
“Our latest research finds nearly half of regulated firms have seen a rise in criminal activity within their own operations—a warning that fraud is no longer a fringe threat but a mainstream business risk. Consumers must stay sceptical of unexpected messages or calls and never share access or security details, however convincing the pitch. Yet technology can tilt the balance. If banks and financial firms universally adopt advanced digital verification and identity tools, imposters will find it far harder to slip through the cracks. In the end, it’s a three-part defence: education, vigilance, and smarter systems. Only by combining sharper human instincts with modern detection tools can we hope to keep pace with the scammers’ ingenuity.”
The organisations are urging consumers to remain sceptical of unsolicited messages or calls and to report suspicious activity to their bank or the police. Using verified numbers from bank cards, avoiding sharing passwords, and using the “159” service to connect directly to bank fraud teams are among the recommended precautions.
Keep up with all the latest FinTech news here
Copyright © 2025 FinTech Global
