Social media companies, telecoms providers and online marketplaces face mounting pressure to tackle scams earlier after UK Finance’s Annual Fraud Report 2026 revealed criminals stole £1.28 billion through payment fraud in 2025.

The banking and finance industry body recorded almost 4.1 million confirmed fraud cases during the year, up 11 per cent, while the value of losses increased four per cent.

Authorised push payment fraud drove the rise. APP losses climbed 19 per cent to £576.4 million, with 248,070 cases recorded as criminals persuaded more victims to approve transfers themselves.

The figures prompted fresh calls from banks, consumer groups and fraud specialists for stronger action across the digital platforms and communications networks criminals use to reach victims.

UK Finance recorded that 66 per cent of APP cases began online, accounting for 32 per cent of losses. A further 17 per cent started through telecommunications channels and represented 28 per cent of losses.

Ruth Ray, managing director of economic crime at UK Finance, described fraud as an industrial-scale threat that continues to fund serious and organised crime.

“The financial sector invests huge amounts in protecting customers, but we cannot be the only line of defence,” Ray commented. “Almost £1.3 billion was stolen again last year and it is clear we are not tackling the underlying problem effectively enough.”

UK Finance wants Ofcom to place stronger fraud prevention obligations on high-risk platforms, particularly around fraudulent advertising. It also wants online marketplaces to verify sellers and keep payments within secure platform environments instead of allowing separate bank transfers.

The industry body has also called for technology and telecommunications companies to contribute financially to prevention work and share more intelligence, expertise and capability.

Investment fraud drives losses

Investment fraud caused the highest APP losses in 2025, rising 40 per cent to £221.5 million, while case numbers increased 26 per cent to 14,893. Purchase scams accounted for 71 per cent of APP cases, with losses up 20 per cent to £118.1 million. Romance fraud losses rose 23 per cent to £39.2 million, alongside a 22 per cent increase in cases.

UK Finance groups purchase, investment, romance and advance-fee scams under “malicious payee” fraud, where victims transfer money to the intended recipient after being deceived about the goods, services or opportunity on offer. Combined losses across these categories reached £437 million, up 35 per cent year on year.

Fraud involving the redirection of legitimate payments moved in the opposite direction. Losses from invoice and mandate scams, chief executive impersonation and fraud involving criminals posing as banks, police or other organisations all fell. Bank and police impersonation losses dropped 12 per cent, while case numbers declined 11 per cent.

Investment scams can begin with smaller transfers that appear consistent with normal customer behaviour before criminals encourage victims to send larger amounts. Romance scams can also develop over long periods, allowing fraudsters to establish trust before requesting money.

AI voice scams raise new concerns

Clive Summerfield, chief executive of fused-biometrics company FARx, warned that increasingly convincing AI-generated voices could give criminals another way to impersonate trusted people and organisations.

“It is incumbent on voice platform providers and social media to embed synthetic voice detection as a fundamental feature of their services,” Summerfield argued.

He compared synthetic voice detection with established protections such as spam filters, antivirus software and firewalls, and called for platforms to build it directly into their services. His comments reflect wider concern about scams that combine social engineering, stolen information, impersonation and AI-generated content.

UK Finance also highlighted the continued use of social engineering to compromise one-time passcodes in 2025. Criminals used those codes to register digital wallets or approve fraudulent transactions.

Unauthorised losses fall

Unauthorised fraud losses fell five per cent to £703.4 million in 2025, despite an 11 per cent increase in cases to 3.81 million. Banks and payment providers prevented a further £1.68 billion from being stolen, equivalent to 70p in every £1 of attempted unauthorised fraud.

Remote purchase card fraud remained the largest unauthorised category, with losses increasing three per cent to £423.5 million and cases rising 13 per cent to almost 3.2 million. UK Finance linked much of that activity to social engineering techniques that persuade customers to disclose one-time passcodes, which criminals then use to register digital wallets or approve fraudulent online transactions. The average loss per remote purchase case fell from £300 in 2016 to £132 in 2025, pointing to a higher volume of lower-value attacks.

Elsewhere, contactless fraud losses increased eight per cent to £46.8 million, while lost and stolen card losses fell two per cent to £109.8 million. Remote banking fraud losses dropped 27 per cent to £104.4 million, although case numbers rose 11 per cent and mobile banking cases increased 21 per cent.

Jonathan Frost, Director of Global Advisory for EMEA at BioCatch, warned that falling losses in some unauthorised categories should not distract from the increase in APP fraud.

“Reimbursement is not the same as prevention,” Frost commented. “APP losses are continuing to rise, and the uncomfortable reality is that criminals are extracting more money from victims through increasingly sophisticated social engineering scams.”

He urged the independent review of the Payment Systems Regulator’s mandatory reimbursement regime to focus on whether less money is reaching criminal networks.

“If the answer is no, then the regime is simply redistributing the cost of fraud rather than reducing fraud itself,” Frost added.