Fraudsters tricking others out of their money is nothing new. In fact, it’s been happening for thousands of years, with the first recorded instance of insurance fraud occurring in Greece in 300 BC. However, what is new is the level of sophistication fraudsters have been operating with since the rise of the internet and digital banking.
Whilst the introduction of Faster Payments in the UK in 2008 opened up new possibilities for convenient, real-time money transfers, it also facilitated the first wave of authorised push payment (APP) scams. Over time, this vicious method of cybercrime had become prevalent enough to be included in UK Finance’s data collection in 2017. Today, the prevalence of this form of fraud continues to be a significant challenge for consumers and financial institutions alike.
Understanding and staying ahead of this wave of cybercrime is essential for professionals in the financial services sector. So, to stay afloat, read on to learn more about what exactly APP fraud is and why it matters to the financial services.
What is Authorised Push Payment (APP) Fraud?
APP fraud occurs when a victim is manipulated into making a bank transfer to a fraudster, believing they are making a legitimate transaction. Unlike other similar kinds of fraud that involve gaining unauthorised account access or password breaching, APP fraud is unique because the victim actually authorises the payment, albeit without truly realising who is on the receiving end. A fraudster will typically employ one of two main tactics to achieve this outcome.
Social Engineering
The scammer deceives the victim into willingly transferring the money with psychological techniques. This may be by creating a false sense of urgency, such as an emergency, fine to be paid, or a limited time offer. This could also be by building trust over time or creating a false relationship with the victim to encourage them into sending money.
Impersonation
Sometimes, the scammer masquerades as someone the victim trusts, such as a friend or family member of the victim or as an official company or government body. Using spoofed phone numbers or email addresses, the criminal lulls the victim into a false sense of security to convince them into sending money.
Why APP Fraud Matters to the Financial Services
APP fraud poses a serious challenge for the financial services industry, not only because of the financial losses involved, but because of the reputational damage and customer distress it causes, with victims often feeling betrayed by their bank if they don’t receive support or reimbursement following APP fraud.
In recent years, the UK Payment Systems Regulator (PSR) has introduced a set of rules to improve consumer protection and encourage greater consistency in reimbursement, with financial institutions being increasingly expected to offer support or reimbursement following APP fraud and to take proactive steps to identify and prevent APP fraud.
Spotting Suspicious Activity
Financial institutions should actively monitor their customers’ accounts and activity for signs of potential fraud including any unusual payment patterns, unexpected high value transfers, or payments to new or unrecognised recipients.
Raising Customer Awareness
By providing clear, accessible information about how APP scams work and what red flags to watch for, banks and payment providers can empower individuals to protect themselves from being tricked into making fraudulent payments.
Using Confirmation of Payee (CoP)
Confirmation of Payee is an important tool in the fight against APP fraud which checks that the name entered by the customer matches the account details of the payee, helping to prevent money from being sent to scammers who are masquerading as someone else.
Working Together
Tackling APP fraud requires strong collaboration across the financial sector. By sharing data, insights, and best practices, organisations can better understand emerging threats and respond more effectively to protect their customers.
