Danes are losing more than twice as much money per successful fraud case today as they did five years ago, even though digital security has technically improved. Average losses jumped from roughly DKK 3,800 per case in 2018 to about DKK 8,400 in 2023.
Digital fraud in Denmark has shifted from card skimming to aggressive social engineering, and the numbers paint a troubling picture. Total fraud and misuse with digital payment solutions reached about DKK 627 million in 2023, up 57 percent from roughly DKK 400 million in 2018. That breaks down to approximately DKK 105 per resident per year in gross losses. Nearly half of that fraud value relates to card misuse, especially on foreign webshops and fake online stores.
The rising cost per case is the real surprise. Danmarks Nationalbank’s StatBank tables reveal that criminals are getting better at extracting larger sums even as banks add security layers. The most common ploy now is the fake bank call. Scammers who sound official, know your CPR number, and ask you to “move money to a safe account” or hand over MitID codes. For expats unfamiliar with how Danish banks actually communicate, this is devastatingly effective.
Who Is Getting Hit
No Danish authority publishes fraud victim statistics by citizenship or origin. Neither Nationalbanken nor Statistics Denmark breaks down economic crime victims by nationality. That data vacuum matters. Anecdotal evidence from bank fraud lines and police suggests internationals are over represented in social engineering cases. Language barriers and unfamiliarity with NemKonto, MitID and “NemSMS” increase vulnerability. Yet there is no official count.
For a newcomer on a temporary contract, losing one month’s salary to fraud can mean immediate arrears on rent and daycare. Banks sometimes refuse reimbursement, arguing the customer “approved” the transfer. That leaves victims, including foreigners who did not know the bank would never call to ask for codes, bearing the full loss.
New Strategy, New Money
Denmark’s new national cyber and information security strategy for 2026 to 2029 channels about DKK 1 billion into a 24/7 cyber situational centre and related infrastructure. That is roughly DKK 250 million per year, or about DKK 42 per resident annually. The strategy explicitly singles out fraud against private individuals and SMEs as a priority.
A DKK 24 million pool over four years will fund ongoing Cyberhotline measures and citizen facing support. The Cyberhotline for Digital Security, operated under the Danish Agency for Digital Government and the National Centre for Cyber Security, provides phone and online guidance for phishing, fake support calls, and compromised MitID. The new strategy directs the hotline to help people understand where to report once damage is done.
A new SMV CERT will give small and medium sized companies, including many foreign owned firms, direct access to incident response and sector specific guidance. Separately, the government’s 2025/26 legislative programme includes bills to increase transparency in fees and conditions for card based payment transactions and chargebacks. That could alter how banks handle disputed payments and fraud reimbursement.
Data Sharing Versus Privacy
Banks and financial sector organisations support tighter cooperation, arguing that data sharing between banks, police, and e ID providers is essential to detect complex cross border scams in real time. Norwegian legislation enabling broader sharing of customer risk data is held up as a model. Finans Norge explicitly backs such changes because they should help uncover and prevent fraud, identity theft, and other serious crime.
Civil rights groups warn that expanded data sharing risks eroding financial privacy, especially for minorities and foreigners already subject to extra anti money laundering screening. Past Danish scandals, including the revelation that 12 banks had input into changes to a bill on dividend tax fraud, fuel scepticism that new rules will primarily protect institutions rather than customers.
What to Do Right Now
If you suspect fraud, follow a three step sequence. First, block the means of payment immediately via the common blocking number or your bank’s app. Second, contact the bank’s fraud line. Third, file a police report through politi.dk. The Cyberhotline increasingly serves as a “front door” for those unsure where to start, though primary guidance remains in Danish.
Denmark’s card fraud rate is still lower than the EU average measured as losses per card transaction. But the gap has narrowed since 2015. About 79 percent of total card fraud value in the EU involves cross border card not present fraud, a pattern mirrored in Denmark. As chip and PIN and 3 D Secure became standard, criminals shifted to online fraud and social engineering scenarios that are harder to block with technology alone.
Denmark’s heavy reliance on digital only banking, mandatory NemKonto for all residents, and near cashless retail means internationals are quickly immersed in highly digitised financial routines. But many do not receive equivalent cyber hygiene training in English. MitID codes should never be shared by phone, even if the caller knows your CPR number and full name. That data can be harvested from previous leaks or social media. The new billion krone strategy may help, but without granular statistics on who is getting hit, it is difficult to assess whether prevention efforts are reaching the most vulnerable groups.
