Two new incidents of online fraud, reported within hours of each other, are only the latest reminders that the landscape of crime has shifted dramatically. The sums are growing, the victims span every age and background, and the skills of scammers are becoming alarmingly sophisticated. Yet the systems meant to protect us seem unable, and often unwilling, to keep up.
The first case emerged in Limassol: a company lost nearly 10,000 US dollars after following payment instructions sent from a fake email that mimicked a trusted supplier. The deception was clean, convincing and uncovered only when the real supplier denied having changed any bank details.
The second was in Paphos: a 71-year-old woman believed she had invested in a state-backed platform, only to realise later that strangers had guided her into transferring 6,500 euros straight into their pockets.
Two different victims. Two different methods. One common truth: digital scams are multiplying, evolving and becoming harder to detect.
And here is the uncomfortable part. In most of these cases, police investigations rarely lead anywhere. Not because officers lack interest, but because online fraud can slip across borders, platforms and identities with breathtaking ease.
The criminals are several steps ahead, armed not only with technique but now with artificial intelligence, which allows them to create messages, voices and interactions so realistic that even trained eyes can be fooled. To make matters worse, they often channel stolen funds into cryptocurrency, making the money virtually untraceable and investigations even more difficult.
Consumers must learn, yes. But institutions must lead.
While consumers indeed need better awareness and digital literacy, we cannot keep pretending that the entire burden falls on us. Institutions, banks, platforms and businesses often hide behind the convenient defence of “user negligence”, instead of acknowledging that their systems are fragile, outdated or simply not designed with user protection in mind.
The truth is harsher: many victims believed they were protected because the institutions themselves made them feel safe. They weren’t.
What is missing is a proactive culture of protection. Real investment in security. Real education. Real responsibility.
And yes, it can be done. Recently I opened an account with Vestiaire Collective to purchase a pre-loved item. Within hours, they closed my account. Not out of inconvenience, but out of vigilance. They wrote to inform me that the account appeared to have been taken over, explaining that they routinely screen new registrations to keep the platform safe for all users. They even directed me to a website where I could check which of my other accounts might have been compromised, demonstrating a level of responsibility and transparency that is rare in the online marketplace.
Their next recommended steps were exactly what protection should look like:
- Reset your email password.
- Check if any rules were added to block their messages.
- Reset your Vestiaire password.
- Avoid using the same password across multiple sites.
Clear. Practical. Proactive. And above all, responsible.
This is how institutions earn loyalty. Not only through great products or services, but through a visible commitment to keeping customers safe.
Consumers must learn, yes. But institutions must lead. Because as scammers grow sharper and AI becomes their accomplice, the gap between offence and defence is widening fast.
And unless businesses take their role seriously, we will continue to watch cases multiply, victims expand across every demographic and losses rise with every click.
Scammers are levelling up. The question is: when will the people meant to protect us do their part?