It is International Fraud Awareness Week, a promotional exercise created by the Association of Certified Fraud Examiners (ACFE). Normally this would be enough to prompt me to write something encouraging about the ACFE’s efforts, but this year I had some reservations. What exactly are promoters of fraud awareness week trying to promote awareness of? There are so many kinds of fraud that ACFE cannot be prescriptive about the messages that many varied organizations choose to share at this time. And the kinds of organization that engage with fraud awareness week are very varied indeed. Nobody is arguing that Barnsley Council is less justified in drawing attention to fraud than French technology conglomerate Thales, or that the Serious Fraud Office in New Zealand has less reason to highlight the week than a big accounting firm in Germany. However, there is not much they can say about fraud which is common to all of them, apart from the fact that fraud is dishonest and wrong, and that it would be good to reduce it. As each year goes by, I increasingly question whether enthusiasm for International Fraud Awareness Week is correlated to the lack of coherent national strategies for reducing fraud. Talking about public awareness seems to have become a substitute for talking about ways to stop crime, or how to catch criminals and put them in prison.
Just look at the stories above. Real action has been taken to reduce fraud in Thailand, India and South Africa. Meanwhile, the biggest anti-fraud news in the UK this week has been that Virgin Media O2 (VMO2) created an AI grandmother called ‘Daisy’ which wastes the time of scam callers. It is an effective story, perfectly executed so it would be repeated by the press all over the UK and in many foreign countries too. But Daisy is not a genuine attempt to reduce crime. Daisy is a marketing gimmick. Daisy was made by advertising agency VCCP, not by some team of fraud managers or coders employed by a telco. This should be obvious from the fact that VCCP went to a lot of trouble to create animated images of Daisy holding her cat or sitting in her chair at home; nobody who calls Daisy’s number will ever see her animation, not that she looks like a real person anyway. She even has flaws typical of using pseudo-clever AI to create images that seem convincing until you examine them closely; even the dottiest grandmother is unlikely to place her wedding ring over the rubber gloves she uses for washing up.
Daisy is not even an original idea; others have previously shown that you do not need ‘artificial intelligence’ to fool fraudsters by playing them the recording of somebody pretending to be confused, distracted and hard of hearing. For example, ‘Lenny’ is a bot that has been wasting the time of callers since 2009. VMO2 have tried to make this marketing campaign seem more like a genuine attempt to tackle crime by asserting they have seeded Daisy’s number so that scammers will be likely to call it. Perhaps they have; they did not share details about how many numbers have been dedicated to Daisy. The real impact that Daisy will have on scammers depends more on the number of lines dedicated to this tool, and how often the numbers are changed, than the number of views for a TikTok video depicting Daisy chatting with a z-list celebrity from a reality television program. However, if VMO2 really wanted to stop crime, they would not have publicized Daisy’s existence. Drawing attention to Daisy only guarantees that scammers will more rapidly identify and then avoid any numbers allocated to her.
Wasting the time of scammers is not a genuine strategy for fraud reduction. We should be talking about when telcos will implement genuine honeypots that are designed to gather intelligence about criminals so it can then be shared with authorities responsible for catching them, as well as improving the quality of controls that identify and block bad traffic. Just last week I asked technical experts from Ofcom, the UK’s comms regulator, about whether there were any plans to start using phone honeypots to identify and measure scam activity on a national scale. They gave an answer which was non-committal for obvious reasons: there is no serious intention to use technology like this. So it strikes me as absurd that an ‘awareness’ campaign is giving people the impression that one of the UK’s biggest telcos is protecting them using phone lines and technology that could just as easily have been devoted to establishing a real and permanent honeypot.
Perhaps the reason why no British telco wants to implement a genuine phone honeypot is the belief that nobody in law enforcement will act upon any intelligence gathered by a honeypot. Some people keep saying the UK has a serious strategy for policing fraud. The UK now has some words written on paper; whether this is considered a strategy depends on what you think is the minimum required for a coherent strategy, and whether there is a sincere intention to execute the strategy as stated. VMO2 clearly has doubts about the UK’s anti-fraud strategy. This was evident from a much more significant press release issued by VMO2 just a few weeks ago, and which saw the operator abandoning the ‘see no evil, hear no evil, speak no evil’ policy which Britain’s biggest telcos had studiously followed for decades.
Police forces are not given enough power or resources to counter professional gangs of fraudsters committing crime without consequence, Virgin Media O2 has today warned as it calls on the new Government to make tackling fraud a priority.
…only 1 in 20 (6%) cases reported to Action Fraud ever reached police forces for investigation in the 2023/2024 financial year and for those that did, few resulted in charges.
When forces were asked how many officers they have dedicated to investigating fraud, three police forces revealed they didn’t have any — despite each employing thousands of staff — highlighting how chronic under-resourcing has impacted the police’s ability to act.
Virgin Media O2 has hired former police officers to investigate prolific fraudsters and submitted 34 police-compliant evidence packs focused on cases where they believe there is realistic prospect of a conviction over the past two years. It has only been made aware of two successful prosecutions.
Virgin Media O2 is now calling on the new government to take accountability for stopping fraud at its source by appointing a dedicated fraud minister and creating a single centralised, specialised and properly resourced national policing body responsible for investigating all instances of fraud. This will bring together fraud specialists, enabling them to act across borders, share data and draw on local expertise as needed to fight fraudsters.
It matters that one of Britain’s biggest telcos said we need at least 400 more police officers fighting fraud than the government has currently budgeted for. However, you would struggle to find any mention of this figure by the news media. Meanwhile, the public is supposedly more aware of fraud than before because an advertising agency created an animation of an old woman. Are these the right priorities for a country that believes it has a serious anti-fraud strategy?
VMO2’s activities have made me more aware of differences between countries that are actually fighting fraud and countries where talk is treated as a substitute for action. The public should be aware of the work done by law enforcement to tackle crime. If police and prosecutors lack the necessary resources then the public should be aware of the government’s explanation for why those resources have been withheld. The UK is not the only country whose biggest problem is that ‘fraud awareness’ is being used to distract the public’s attention from how little is being done to protect them.



