Full Report
Victims losing £280K a day to fake profiles and sob stories
Analysis Summary
# Incident Report: Surge in Romance Fraud (UK 2025)
## Executive Summary
In 2025, romance fraudsters defrauded UK citizens of £102 million through emotional manipulation and social engineering. Using fake profiles on social media and dating platforms, attackers established trust-based relationships to exploit victims financially, resulting in an average loss of £9,500 per victim. Despite significant financial and emotional impact, the crime remains underreported due to victim shame.
## Incident Details
- **Discovery Date:** Year-end 2025 (Statistical reporting released May 5, 2026)
- **Incident Date:** January 1, 2025 – December 31, 2025
- **Affected Organization:** General Public (UK citizens reporting to City of London Police)
- **Sector:** Individuals / Consumers
- **Geography:** United Kingdom
## Timeline of Events
### Initial Access
- **Date/Time:** Ongoing throughout 2025
- **Vector:** Social Engineering via social media and dating apps.
- **Details:** Fraudsters established contact using unsolicited messages and fake profiles designed to attract specific demographics (primarily those aged 55-74).
### Lateral Movement
- **N/A:** Not a network-based attack; however, attackers moved from public platforms (social media) to private communication channels (messaging apps) to isolate victims.
### Data Exfiltration/Impact
- **Impact:** Fraudulent transfer of funds. Victims were coerced into sending money via bank transfers or digital payments for fabricated emergencies.
### Detection & Response
- **Detection:** Reports filed by victims to "Report Fraud" (City of London Police).
- **Response Actions:** Police intelligence gathering, public awareness campaigns, and disruption of offender accounts.
## Attack Methodology
- **Initial Access:** Social Engineering; creation of fraudulent "sock puppet" profiles.
- **Persistence:** Building long-term emotional rapport; "Love Bombing."
- **Privilege Escalation:** Gaining "trusted" status in the victim's personal life.
- **Defense Evasion:** Use of excuses to avoid video calls or face-to-face meetings; manipulation of victim's emotions to prevent them from seeking outside advice.
- **Credential Access:** N/A (Direct solicitation of funds).
- **Discovery:** Identifying vulnerable targets (specifically the 55-74 age bracket).
- **Lateral Movement:** Convincing victims to switch to encrypted or private messaging platforms.
- **Collection:** Gathering personal details from victims to tailor "sob stories."
- **Exfiltration:** Direct transfer of funds from victim to attacker.
- **Impact:** Financial loss (£102M total) and severe emotional distress.
## Impact Assessment
- **Financial:** £102 million total UK loss; £280,000 lost per day; average £9,500 per victim.
- **Data Breach:** Compromise of victim PII (Personally Identifiable Information) through shared intimacy.
- **Operational:** N/A for organizations; individual lifestyle disruption for victims.
- **Reputational:** High level of shame for victims, leading to significant underreporting.
## Indicators of Compromise
- **Network indicators:** N/A.
- **File indicators:** N/A.
- **Behavioral indicators:**
- Unsolicited affection from strangers.
- Profiles that seem "too good to be true."
- Refusal to engage in video calls or in-person meetings.
- Requests for money for "emergencies," "travel," or "investments" early in a relationship.
## Response Actions
- **Containment:** Reporting fraudulent profiles to social media platforms.
- **Eradication:** Law enforcement disruption of organized crime syndicates.
- **Recovery:** Reporting incidents to banks to attempt fund recovery (where possible) and psychological support for victims.
## Lessons Learned
- **Targeting Trends:** Older demographics (55-74) are primary targets for high-value losses.
- **Reporting Gap:** Significant delta between actual crimes and reported crimes due to the emotional nature of the fraud.
- **Platform Abuse:** Criminals leverage the trust inherent in social networks to bypass traditional "cold call" suspicions.
## Recommendations
- **Verification:** Always insist on video calls to verify identity before establishing a deep digital relationship.
- **Financial Hygiene:** Never send money to someone you have not met in person, regardless of the "emergency."
- **Second Opinion:** Discuss new online relationships with a trusted friend or family member to gain an objective perspective.
- **Reporting:** Victims should report incidents to reportfraud[.]police[.]uk to assist in intelligence gathering.