So what are banks doing to tackle the British fraud epidemic?

Threat: since fraudsters are becoming increasingly adept at circumventing their security measures, the banking system is forced to invest millions in new technology

Located in the heart of London's financial district, Matt sits at his desk and sees line on line numbers and letters light up on the two computer screens in front of him.

For the uneducated eyes it looks like the kind of coded code that you might encounter in the movie The Matrix. But in fact, the blinking screens contain a lot of information about hundreds of thousands of online banking customers.

Welcome to the front line in the fight against the British fraud epidemic that costs victims around £ 1 billion a year.

Threat: since fraudsters are becoming increasingly adept at circumventing their security measures, the banking system is forced to invest millions in new technology

Threat: since fraudsters are becoming increasingly adept at circumventing their security measures, the banking system is forced to invest millions in new technology

Matt is part of a 2500-strong fraud team at Lloyds Banking Group. As a fraud investigator, it is his job to control every customer movement and see the criminals who operate between the bank's 22 million current accounts.

The amount of data that he keeps a daily eye on is amazing. He is looking for something extraordinary, whether it's a customer who logs in from an unusual location or just type slower than usual.

But with around 7,000 customers from the group's three banks – Lloyds, Halifax and Bank of Scotland – who log into their online and mobile accounts every minute, it's as if they're trying to find a pin in a haystack, Matt admits.

Here, Money Mail reveals for the first time exactly what the banks are doing behind the scenes to deal with fraud – and how you can get involved in the fight.

They keep an eye on every movement

While fraudsters are increasingly able to circumvent their security measures, the banking system is forced to invest millions in new technology that helps to stop criminals.

To help protect customers, Lloyds has built an advanced fraud monitoring system that registers your move when using your online account.

The system can detect how you behave physically – how quickly you type your password or move the cursor over the computer screen. It records how often you log in to your account and at what time of the day.

And it can track which mobile phone or computer you use to access your account and where in the country where you are when you do so.

To help protect customers, Lloyds has built an advanced fraud monitoring system that registers your move when using your online account

To help protect customers, Lloyds has built an advanced fraud monitoring system that registers your move when using your online account

To help protect customers, Lloyds has built an advanced fraud monitoring system that registers your move when using your online account

The bank also knows your income, where you shop and how much you normally spend at a time. All this information is used to compile a secret profile of each customer that describes their typical behavior.

It sounds scary like Big Brother, but by drawing a picture of the normal behavior of each customer, it's much easier for banks to recognize that needle in a haystack fraudmer who may have access without your knowledge has your account.

Boffins in T-shirts and jeans

At the digital headquarters of the bank in central London – a short walk from where Matt looks at his screens – online fraud expert Nihal explains how it all works.

The digital office seems more suitable for people such as Google or Facebook than one of the oldest banks in Great Britain.

It is full of brightly colored, coffee-colored sofa's, bright green wallpaper and groups of young men dressed in T-shirts and jeans floundering excitedly in groups on computer screens.

If a fraudster can tempt you to reveal your credentials – by sending an email that pretends you are from your bank or installing software on your computer that keeps track of your keystrokes, for example – they have easy access to your account, Nihal me.

But as soon as they log in, the computer system of the bank – called the Risk Engine – waits to catch them. It looks for suspicious activities that are outside the character of that customer.

So if someone logs in to your account from a computer in Manchester, for example, when you live in London, or type in the password much slower than normal, the system will place a warning on the account.

If nothing suspicious happens afterwards, the warning can be downgraded. After all, it is possible that you are trying to check your balance from a friend's house and have trouble remembering your password. In this case you would probably not even know that something had happened.

But if a more risky operation is carried out – such as setting up a new beneficiary or transferring money from your savings account – the warning will be upgraded.

In this case your account can be blocked until the bank conducts further investigation. This may have to do with text messages and from the customer to find out if they wanted to make a transaction.

"The trick for us is to find the balance between supporting customers to make real transactions without the annoyance that their account is frozen and stopping the bad guys", says Nihal.

The need for this balance means that the system does not always automatically block a payment, just because it is slightly different.

For example, it is programmed to expect a peak in unusual purchases in the run-up to Christmas and on Black Friday. And even major product launches like a new iPhone will be taken into account.

Last year British banks and card companies stopped more than £ 1.4 billion in fraud attempts. But cyber criminals still get away with £ 1 in every £ 3 they target

Last year British banks and card companies stopped more than £ 1.4 billion in fraud attempts. But cyber criminals still get away with £ 1 in every £ 3 they target

Last year British banks and card companies stopped more than £ 1.4 billion in fraud attempts. But cyber criminals still get away with £ 1 in every £ 3 they target

Look up the money coins

Back at Lloyd's headquarters of fraud, Matt also relies on technology to eliminate accounts that he suspects of being fraudulently used.

He uses a specially built anti-fraud system that collects information about every customer who logs in, such as name, age and address, transaction history and whether they are linked to other customers.

It also registers which internet provider they use and the IP address of their computer – which can determine where a computer is located within a 25-mile radius.

The system then uses all this information to discover combinations of activities most closely associated with fraudsters. The exact details of how the anti-fraud system works are top secret – but Matt likes to see it in action.

He points to a login ID number on the screen that is suddenly highlighted in red. When criminals get the account information from real customers, they often try to use their own smartphones to log in.

This login is marked because it comes from a phone that has previously been used for fraud, & # 39; he says.

& # 39; When someone uses a suspicious phone to log into one of our accounts, we receive a notification and the account is frozen while one of our investigators looks at it, "he adds.

He clicks on the ID number that opens a record that shows that the same phone has been logged on to accounts owned by three different customers in the last three months. This is a classic sign of a fraudster and Matt freezes the account immediately.

All details of this account – including information about how, when and where the fraudster opened it – are entered into the system, which uses artificial intelligence to learn similar activities in the future & # 39; & # 39; and to recognize. Matt explains that some banks have started sharing this information to help them stop fraud before it happens.

He gives details about an account that has just been blocked for receiving money paid by an ignorant victim of scam.

The owner of the blocked account is a French citizen who lives in Great Britain and has lived with Lloyds for five years without any problems.

He seemed to be a real customer who paid a weekly wage on the account and had no history of fraud. But in June, NatWest issued a warning to banks about a man with similar details who had been caught dealing with money for scammers.

This generated a warning flag in the Lloyds system, which triggered a higher level of monitoring for suspicious activity in his account.

So when he suddenly received a £ 90,000 payment from a US bank account two months later, the fraud team was immediately alerted and could freeze the account before he had the chance to relocate the money.

Matt and the team believe that the Frenchman acted as a money mule – someone who agrees to have their account used by criminals in exchange for a fee. Fraudsters use mules to quickly move money through the banking system, making it difficult to trace.

At the beginning of this year, Lloyds launched a new team of 20 people to track down and stop money mules. Since then, it has unmasked 13,000 mule accounts and put in £ 3.3 million to fall into the hands of fraudsters.

Matt's boss, head of fraud investigation Simon Jobson, tells me that in recent months it has become a growing problem, with criminals targeting students and young people on Facebook with promises of quick and easy money. Many do not realize that it is illegal or that it can exclude them from opening a bank account in the UK.

"Mules are now one of the most important issues we are dealing with," he says. Many of the people involved were perfectly good customers who had never been in trouble, but they meet someone at a party or see a message on Facebook or Instagram in which they promise that they can easily cash in. & # 39;

If someone signs in to your account from Manchester when you live in London, the Lloyds system will alert you to the account

If someone signs in to your account from Manchester when you live in London, the Lloyds system will alert you to the account

If someone signs in to your account from Manchester when you live in London, the Lloyds system will alert you to the account

Always think before you click

Last year British banks and card companies stopped more than £ 1.4 billion in fraud attempts. But cyber criminals still get away with £ 1 in every £ 3 they target.

Although advanced technology is able to recognize a suspicious payment or a fraudster logs into your account, it is much more difficult to see if you were misled to send money at the request of a scammer.

This type of scam is known as & # 39; social engineering & # 39 ;. A common schedule sees it for fraudsters who act as police or bank staff who call customers to tell them that their account has been compromised and that they have to transfer their money to a safe & secure # & # 39; account.

This scam can be incredibly convincing, so Lloyds has introduced a fraud checkpoint system that asks customers two security questions before they can make certain payments, such as sending money to a new account. The goal is to force people to think about what they do.

First customers are asked if they are told that they have to execute the transaction by the police or bank staff, with a warning that they would never do this.

The following question varies, but an example is: & # 39; Have you received a phone call or e-mail stating that you must make this payment? & # 39;

Customers are reminded that no bank would contact customers in this way to suggest that they would move money.

If there is ever a real problem with your account, your bank would probably text and or call and ask you to contact us.

Never call the given number if it is a scam. Instead, call back using the phone number on the back of your bank card or go directly to an office and speak to an employee.

The most devastating blow when you are the victim of this kind of scam, is that it is unlikely that you get your money back.

Under existing bank rules, if a fraudster steals a person's card details and withdraws money from his account without his consent, his bank must repay the customer – unless they have been negligent with their personal information, for example by telling their password or pin code to someone else.

However, there is currently no such protection for people who have been duped into handing over their money – known as authorized fraud. In this case you will usually only get your money back if you can prove that the bank has made a mistake.

Paul Davis, director of retail fraud at Lloyds Banking Group, says: "Fraudsters can be incredibly convincing and can even panic the most skilled people when they hear that their money is being threatened and that it needs to be moved.

& # 39; The important thing is to stop and ask yourself who is contacting you and what they are asking you to do? & # 39;

Report fraud cases – even if you are not outside your pocket – to Action Fraud online at actionfraud.police.uk or call 0300 123 2040.

  • Some names have been changed to protect identities.

money.mail@dailymail.co.uk

.