What is push fraud and how can you avoid it?

‘Cruel scam’ used to steal £145m from UK bank customers in first half of 2018

Chaos Computer Club Berlin
(Image credit: Sean Gallup/Getty Images)

Fraudsters stole more than half a billion pounds from UK bank customers in the first six months of 2018, newly published figures show.

New trends in investment scams

And of the total £503m taken, almost a third was lost through so-called Authorised Push Payment (APP) scams - where people are tricked into authorising a payment to another account.

This type of crime is “Britain’s fastest growing”, and the latest figures, from industry group UK Finance, suggest that “2018 will see a sharp increase in the amount stolen from 2017, when victims lost £236m over the whole year”, The Daily Telegraph reports.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.


Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

The Guardian describes APP fraud as a “cruel scam so slick even the vigilant can be duped”.

So how can you protect yourself?

What is an APP scam?

“The scammers usually start with a phone call purporting to be from the police or a bank, or with an email from a cloned address masquerading as a payment request from a genuine conveyancing solicitor or trader employed by the victim,” The Guardian says.

Payments made using real-time payment schemes are irrevocable, so cannot be reversed once victims realise they have been conned. And because payments have technically been authorised by the customer, there’s no redress, the newspaper adds.

“The approach taken by the fraudsters is not new,” says California-based data analytics firm FICO. “They use social engineering techniques and may hack into email and other systems in order to set up their victims.

“These methods of attack are used to perpetrate a wide range of attacks. The defining factor in authorised push payment fraud is the use of real-time payment schemes to transfer the money to the fraudsters.”

According to the experts, the increasing numbers of consumers and businesses adopting simple new methods to send money in real time has given scammers a “wider potential pool of victims”.

How do I avoid an APP scam?

FICO says that “these criminals are devious and clever, and victims cannot simply be written off as gullible fools”.

That warning is echoed by Which? director of policy and campaigns Alex Neill. “We all now regularly use bank transfers to pay for things, but what most of us don’t realise is that if you’re conned into paying out money to a fraudster, you stand to lose all of your money, unlike when you use your credit or debit card,” he says.

“With scams on the rise, consumers can only protect themselves so far, and we believe that banks must do more to tackle bank-transfer fraud and safeguard their customers from scams.”

Although protection is limited, UK Finance has a series of tips for bank customers: internet users should never disclose security details, such as their PIN or banking password, and should never assume an email, text or phone call is authentic.

Never rush a payment, as “a genuine organisation won't mind waiting”, says the trade association, which adds that “listening to your instincts” and “not panicking” are essential if something does go wrong.

Continue reading for free

We hope you're enjoying The Week's refreshingly open-minded journalism.

Subscribed to The Week? Register your account with the same email as your subscription.