Stopping scams at the source: why collaboration is the only answer

Fraud has evolved into one of the fastest-growing online global threats. Long gone are the days when scams were easy to spot within a poorly worded phishing email or an obvious fake call. Today, fraud and scams are professionalised, multi-layered operations. They exploit weaknesses across sectors, from telecoms and social media platforms to banks and payment providers. For consumers, a scam feels like a single moment of deception. In reality, it’s the endpoint of a sophisticated supply chain designed to steal money and data.

Beyond the financial cost, scams also erode trust, and trust is at the heart of every customer experience (CX). Every time a fraudster or scammer slips through the cracks, the impact isn’t only monetary. It damages people’s confidence in the platforms and services they use. For companies like WebPurify and IntouchCX, protecting customers from scams is central to building safer, more reliable digital experiences.

Scott Miller, VP of Global Fraud Prevention at IntouchCX, draws an important distinction between fraud and scams. “Fraud is when someone takes over your account without permission,” he explains. “A scam is different. They are authorized transactions where the victim is tricked into handing over money or information themselves. For example, buying Taylor Swift tickets that never arrive.”

The difference matters because scams often slip through traditional detection systems, yet for users the sense of violation – and the damage to trust – is just as severe.
The speed and sophistication they can evade detection systems is what makes scams so difficult to fight. “Scammers are the original masters of agile marketing,” says Helen Fairfax-Wall, Chief Policy and Communications Officer at Stop Scams UK. “They can shift direction overnight, trying a new approach without the hurdles that legitimate businesses face. They don’t have to write a business case, consult stakeholders, or wait for approval – they just do it. That speed is what makes them so hard to fight.”

In other words, scammers pivot instantly, while industries and regulators move slowly. The only effective defense is collaboration, she argues. Banks, telcos, and tech companies need to start working together to stop scams before they reach consumers.

The scam supply chain: many industries, one victim

Every scam travels a path, but it rarely starts where we think it does. A fake investment post on social media or a text message promising a prize is usually the last step in a much longer chain. At the start may be a stolen identity used to obtain a SIM card, a compromised credit card, or the creation of a malicious domain name. Each of these elements is like a link in a supply chain, and each link tends to fall under the responsibility of a different industry.

This is why Stop Scams UK was set up as a tri-sector coalition, Helen says. By mapping the journey of a scam, its members can see that telecoms providers, tech companies, and banks all touch part of the process. What looks normal to one party may be suspicious in the wider picture. Fraud prevention only works when those slices of data are connected and patterns can be identified.

From a CX perspective, every missed opportunity to stop fraud and scams is also a negative customer touchpoint that erodes loyalty and satisfaction.

“There is always a sequence of events before the consumer is even involved, and every step of that journey touches a different sector,” Helen says. “It might be the telecoms industry providing the number, the tech platform where the ad is placed, and finally the bank where the money lands. Each piece looks legitimate in isolation, but together they form the scam.”

Without sharing information, those events are invisible. With collaboration, they become opportunities to stop scams before they ever reach the consumer.

The scale of this challenge also helps to explain why collaboration is not optional. Left unchecked, each industry will continue to plug only the holes in its own domain while fraudsters exploit the gaps in between. But persuading industries to share intelligence across their traditional boundaries has been an entirely different challenge.

Why collaboration is difficult, and why it’s changing

On paper, collaboration between banks, telecom providers and tech platforms seems obvious. In practice, however, it has been slow to develop. For years, each industry has largely focused on its own patch, sharing insights internally but not across sectors. That meant banks would compare notes with other banks, and telcos would do the same within their own industry, but the bigger picture was lost. Bad actors have exploited those blind spots, slipping through the cracks between sectors.

Helen points to several reasons for this lack of cooperation. “The first barrier is cost,” she explains. “These pilots and initiatives aren’t cheap, and when you don’t know if they’ll succeed, it’s hard for companies to justify them. The second is legal certainty. For a long time, organizations were nervous that by sharing data they’d be in breach of privacy law. And the third is reputation. No business wants to hold up its hands and say, ‘We’re being attacked,’ in case it’s seen as a weakness or gives competitors an edge.”

This began to change only recently. Two years ago, cross-sector data flow was almost non-existent, Helen says, but today, thanks to regulatory guidance and cultural shifts, there is growing momentum. The UK’s Information Commissioner’s Office (ICO), which is the independent regulator for data protection and privacy, issued guidance in late 2024 confirming that organizations could share data across sectors specifically for the purpose of fraud prevention. That reassurance removed one of the biggest obstacles to collaboration, giving companies the confidence to act.

In the United States, where no single regulator oversees data privacy, similar responsibilities are shared between agencies such as the Federal Trade Commission (FTC),  which enforces privacy, data security, and consumer protection laws, and the Consumer Financial Protection Bureau (CFPB), which regulates financial data practices. Both agencies have issued guidance supporting lawful information sharing to prevent fraud and protect consumers, reflecting the same principle the ICO formalized in the UK: that collaboration should be enabled, not hindered, by regulation.

Alongside it came a cultural realization that transparency matters more than protecting reputational silos. “It’s far more important to work with other sectors and organizations than to protect your own bubble and keep things hidden,” Helen says. “That mindset is what’s changing, and it’s making collaboration possible.”

These structural hurdles matter because they leave real people exposed. Few groups illustrate that vulnerability more starkly than teenagers.

Case in point: why teens are especially vulnerable

One of the clearest illustrations of why upstream prevention matters is the experience of teenagers online. Their confidence with technology is often mistaken for resilience.

In reality, it can make them more vulnerable. Because they have grown up in digital spaces, many young people assume they are too savvy to be tricked. And that sense of invincibility means they are less likely to question links, offers or endorsements that appear in their feeds.

“Young people are being attacked daily and from every direction,” Helen says. “They think they’re immune, but they’re not, and fraudsters know it. It’s not one industry’s responsibility to protect them; every sector has a role to play in shutting these scams down.”

The attacks may look like free products, gaming offers, or influencer-led promotions. To a teen, these feel like familiar parts of everyday digital life. But that familiarity is exactly what fraudsters exploit.

Ailís Daly, Head of Trust & Safety for EMEA at WebPurify, in conversation with Helen, shared the story of her 14-year-old niece, who clicked on a link promising free products from the beauty brand, Sol de Janeiro. At first, she thought she hadn’t given away anything important, but in reality, she had shared personal information that fraudsters could later exploit. This seemingly benign example illustrates how even small, everyday interactions can open the door to scams. The same dynamic plays out on a much larger scale when teens engage with influencers online.

Young people also place heavy trust in influencers. That trust can be misplaced, as some influencers may unknowingly promote fraudulent products, while others may not fully understand the risks themselves. To teens, these endorsements feel authentic and safe, but the bad actors exploit that credibility to slip their scams into everyday digital life. This ecosystem therefore leaves teens particularly at risk.

By the time a scam reaches a young person’s screen, it has already travelled through several industries. Protecting them means acting much earlier in the fraud chain.

Building the patchwork quilt

Understanding that agility is only part of the problem, we also need to look at the mechanics of fraud itself: the supply chain that allows scams to reach consumers in the first place. Helen describes collaboration as building a “patchwork quilt” of defenses. In other words, an interwoven network of pilots, data-sharing agreements, and technical connections that make scams far harder to execute.

“Wouldn’t it be wonderful if you could stop one kind of fraud and the criminals just gave up?” Helen says. “The reality is, they don’t. The attacks keep evolving, so our job is to build a patchwork quilt of protections. That way, wherever they try to go next, it is either disproportionately expensive or they’re not going to get beyond two stages and then boom, they’re slammed down and they can’t reach the consumer. We put that into the terminology of stopping scams at source.”

In practice, this means running small trials, testing how data from one sector can be enhanced and acted upon by another, and then using those lessons to reinforce the whole system.

Technology is a major part of the quilt. Banks, telcos, and tech firms are investing heavily in AI fraud detection, but these systems are only as strong as the data they are trained on. That is why consumer reporting is so valuable. In the UK, people can forward suspicious texts to 7726, a free reporting service run by mobile operators. The number spells “SPAM” on a phone keypad, and forwarding messages there helps telecoms providers quickly identify and block scam texts. What may seem like a trivial action by an individual actually provides intelligence that protects thousands of others.

In the United States, consumers can report scam texts and calls through several free channels. Mobile users can also forward suspicious texts to 7726 – the same shortcode is supported by major US carriers including AT&T, Verizon, and T-Mobile – or file reports with the Federal Trade Commission (FTC) at ReportFraud.ftc.gov. These reports feed directly into nationwide databases used by enforcement agencies to detect patterns and take down large-scale scam operations. Like the UK service, they turn individual reports into collective intelligence.

Framing this as part of the customer journey also matters: empowering people to report online scams gives them agency and creates safer, more trustworthy digital experiences, which are central goals for strong CX.

Removing the stigma around being scammed is therefore critical. “Every report adds another patch to the quilt,” Helen says. “People shouldn’t feel embarrassed. Their information is what helps us build stronger protections for everyone else.”

Encouraging reporting empowers consumers to take part in prevention, while giving industries the data they need to strengthen defenses across the board.

But while industry collaboration is advancing, it cannot succeed in isolation. Government policy and regulation must provide the framework that allows these efforts to scale.

The role of policy: enabling, not hindering

Policy and regulation must also keep pace with the changing fraud landscape. In the UK, Helen points out, government responsibilities are divided among departments such as the Home Office, the Department for Work and Pensions (DWP), and Ofcom. Each oversees its own domain, but scams rarely fit neatly into these silos. The result is a fragmented system where no single authority has full oversight. This can be a barrier to fast, coordinated responses, and it is a pattern seen in many countries, not just the UK.

One example of progress is the role of the ICO, and its publication of clearer guidance on organizations sharing data across sectors for the purpose of fraud prevention.

“What the ICO gave us wasn’t new legislation, but clarity. That clarity told organizations, ‘You can share information to fight fraud and you’ll be on the right side of the law.’ That reassurance has unlocked so much collaboration that simply wasn’t happening before.”

The lesson for policymakers everywhere is that regulation should enable, not hinder, cross-sector collaboration. Creating clarity, streamlining oversight, and listening to industry concerns can remove barriers that fraudsters exploit. Only then can the patchwork quilt of defenses be fully stitched together.