Over 2,000 suspected copycat banking websites masquerading as real banks such as Barclays or HSBC were reported in 2023 as scammers try to part unsuspecting consumers from their money.
The affected banks were Barclays, HSBC, Halifax, Lloyds, Monzo, Nationwide, NatWest, Santander and Starling, according to report by the consumer body and the DNS Research Federation (DNSRF), an Oxford-based non-profit that does data-driven policy research on domain names and internet governance.
The DNSRF found that more than 2,000 URLs containing specified UK bank brands were reported to a phishing blocklist in 2023. The words “Santander” and “Barclays” appeared most often in blocklists.
Rocio Concha, Which? director of policy and advocacy, said: “It’s hugely concerning that thousands of banking copycat websites were reported in a single year — potentially leaving millions of consumers exposed to fraudulent content online.
Consumers who are just trying to bank online should not have to shoulder the responsibility of reporting scam sites and chasing domain registrars to take them down.”
The consumer group also asked more than 1,200 Which? members how much they knew about copycat banking sites.
When asked if they had ever unwittingly entered their details into such websites, 2% thought they had, while a further 3% were unsure.
Only one in four (27%) knew that you could use a domain lookup service such as who.is to see when a site was registered.
Doing this would allow consumers to spot a brand-new website masquerading as a long-established bank.
The vast majority of respondents were able to identify that strange or unofficial-looking web addresses, poor spelling and grammar were hallmarks of a scam site.
The consumer body is calling for new legal duties to force domain registrars to do more to prevent these scams appearing in the first place.
“Domain registrars have a much bigger role to play in the fight against online fraud,” says Concha.
“With an election just around the corner, the next government must make fighting fraud a national priority, and place new legal duties on these companies to prevent scammers from setting up these fraudulent copycat websites.”
The UK government is currently consulting on new powers to seize domains being used for criminal purposes.
Liz Ziegler, fraud prevention director at Lloyds Bank said: “We recognise the threat posed by fraudsters attempting to impersonate our brands.
This problem isn’t unique to us, unfortunately all major companies are targeted by organised crime groups.”
The post Huge increase in fake, copycat bank websites appeared first on Payments Cards & Mobile.