Thousands of Britons are targeted by online fraudsters every single day — and the average victim loses as much as £325 to the scammers. But does your current postcode increase your likeliness of being scammed?
One unintended consequence of the nationwide lockdowns used throughout the Covid-19 pandemic was the explosion in online crime as criminals were forced to find ways to target people who spent the vast majority of their time at home.
And the rise in online scams shows no sign of stopping. Research from BDO, the fifth-largest accounting network on the planet, shows that fraud cost the UK an eye-watering £2.3 billion last year — more than double the figure from 2022 and the second-highest annual total recorded by BDO in two decades.
Security experts McAfee have published new research that shows exactly where in the UK these online crimes are taking place. And those living in the capital should be on high alert.
According to a study conducted by anti-virus firm McAfee in partnership with Censuswide, 18% of people living in London have fallen for an online scam in the last year, making the city a prime target for scammers.
McAfee research has revealed the hotspots across the UK where you're most likely to be hit with an online scam
MCAFEE RESEARCH | GBN
Bristol, which is roughly the sixth most populous city in the UK, came in second place for scams with 16% and Southampton clinched the final podium position with 14% of people falling for scams. Southhampton isn't even in the top 20 when it comes to population levels for UK cities, so this isn't simply a numbers game.
McAfee also looked into the safest cities in the UK, with the fewest number of people who have been tricked into online scams within the last year. Norwich had the fewest victims of online crime, with a minuscule 2% of its population falling prey to online hackers, followed by Belfast (3%) and Glasgow (4%).
Online scams take many forms, but one of the fastest-growing trends involves fake QR codes, security researchers at McAfee have warned.
According to the survey conducted by McAfee, over a fifth (21%) of all online scams in the UK could have originated from a QR code, with the average amount lost totalling £325.
Known as Quishing, this QR code-based scam has surged in recent months.
McAfee researchers found 100,000 examples targeting people in the UK via email alone. The sheer volume suggests a sophisticated Artificial Intelligence (AI) could be behind the renewed push, they tell us.
Ranking | City | How many have fallen for scams |
1 | London | 18% |
2 | Bristol | 16% |
3 | Southampton | 14% |
4 | Nottingham | 14% |
5 | Manchester | 14% |
6 | Leeds | 13% |
7 | Liverpool | 12% |
8 | Sheffield | 11% |
9 | Cardiff | 10% |
10 | Birmingham | 10% |
11 | Brighton | 9% |
12 | Edinburgh | 5% |
13 | Glasgow | 4% |
14 | Plymouth | 4% |
15 | Belfast | 3% |
16 | Norwich | 2% |
QR codes have existed since the mid-90s, but exploded in popularity during the Covid-19 pandemic when restaurants, shops, and pubs wanted to prevent customers from sharing printed menus and other physical items. Developed by Japanese firm Denso Wave — a division of Denso, which is a subsidiary of automobile giant Toyota — to track parts during the car assembly process.
The pattern that makes up a QR code can house a surprising amount of information — up to 4,000 characters of text, as it turns out. This can be used to direct users to URLs, phone numbers, PDF documents, or kickstart a download from the Apple App Store or Google Play Store.
QR codes are sometimes used to authenticate online accounts and verify login details. When launching a new session on WhatsApp Web, iPhone and Android users will need to scan a QR code on their laptop or desktop PC to verify they're the account owner.
Scammers are even placing fake QR codes over genuine ones in public places GETTYThey are also found in airports, car parks, train stations, on posters and billboards. Stickers with fraudulent QR codes have been placed over legitimate ones by scammers to steal money from unsuspecting victims. One victim in Thornaby, north-east England lost £13,000 to scammers who used this exact method last year. Rail firm TransPennine Express removed all QR codes from its car parks following reports of the scams
Cybercriminals exploit the ease of use of QR codes, using doctored links that pose as legitimate websites in the hopes you’ll follow them to a malicious site designed to trick you into making a payment, handing over your personal or financial information or installing malware on your device.
With the help of AI, these phishing sites are becoming even more compelling and believable.
Speaking about the results of the research, Head of EMEA at McAfee, Vonny Gamot told us: "While our research shows that Londoners are more likely to fall for scams, it doesn’t mean that people from other places and regions are immune. Plus, with a recent rise in malicious QR code scams, which are inherently difficult to spot, and the fact that over a fifth of all scams could have originated this way, it’s critical that we all take a moment to review our online safety.
“Being aware of the latest scams, such as Quishing, is an important step in protecting your privacy and identity online, but it’s also wise to be cautious of any requests for information or money. Take a close look at URL previews that appear after scanning a QR code and if something seems off, don’t follow it. Always go direct to the source and always use a known and trusted payment method.”
Recent research by NordVPN showed that Gen Z and Millennials are the most avid users of QR codes among all age groups. A third (31.5%) of individuals aged 18 to 34 use QR codes to access public Wi-Fi. Meanwhile, 28% of those aged between 18 and 24 express a preference for QR codes over physical menus in restaurants and pubs.
