Fraudsters netted £503 million and diverted the cash to organised crime in the first six months of the year, according to new data.
Trade body UK Finance revealed £145 million was lost to scammers tricking victims into bank accounts run by crooks in unauthorised push payments (APP) and £358 million was stolen in bogus bank transfers by criminals posing as account holders.
And although the victims of unauthorised bank transfers will pick up a full refund, those tricked by APP scams have no legal protection.
However, banks and financial firms have paid £31 million of the lost £145 million to customers as refunds.
Two out of three APP scams tricked victims into paying in advance for goods or services like holiday car rentals which were never supplied or did not exist.
UK Finance warned that most of thee frauds took place through online auction sites or social media.
Almost 4,000 scams involved crooks posing as the police, bank staff or other officials to trick their victims into parting with an average £11,400 in cash.
Other popular scams include investment scams and romance rip-offs.
The figures show 1,350 investors lost £20.9 million at an average of £15,305 a case, while online dating scams ensnared 571 lonely hearts who were tricked into paying fraudsters £5.3 million, losing an average of £9,282 each.
Katy Worobec, managing director of economic crime at UK Finance, explained the figures showed scams posed a “major threat” to bank customers in the UK.
“The criminals behind it target their victims indiscriminately and the proceeds go on to fund terrorism, people smuggling and drug trafficking, whether or not the individual is refunded. Every part of society must help to stamp out this menace, especially by stopping the data breaches which increasingly are fuelling fraud,” she said.
She also revealed that the finance industry was investing millions of pounds to fight fraud and that providers had blocked attempts to scam a further £700 million from customers already in 2018.
The report explained most scams involved remote contact by phone, email, or social media from crooks posing as genuine people or officials. They trick victims into revealing personal information which is used to gain access to bank or card accounts.