Home / News & Insights / Blog / Pushing back | Tips to avoid authorised push payment fraud

Pushing back | Tips to avoid authorised push payment fraud

03 Jul 2019

Bank transfer fraud, also known as authorised push payment fraud, is on the rise. Consumer group “Which?” recently reported that £354 million was stolen from bank customers in transfer scams in 2018 – mostly from personal accounts – which equates to nearly £700 per minute.
 
Bank transfer fraud often involves fraudsters posing as bank staff, lawyers, legitimate businesses and even the police, to convince individuals and businesses to reroute legitimate payments to illegitimate accounts. This is all the more serious now given the ease with which payments can be made; fraudsters can obtain and dissipate monies within a matter of hours, if not minutes.
 
Common examples of this type of fraud in action can include fraudsters:
 
  • hacking into email accounts and doctoring genuine invoices or intercepting genuine email chains to obtain information and ultimately instruct individuals/businesses to send monies to a different bank account;
  • sending emails which appear to be from a colleague, usually a manager or person in position of authority, requesting that certain payments be made urgently; or 
  • impersonating an employee of your bank, informing you that your account is compromised and asking you to transfer your money to a new account to keep it “safe”. 

How can you avoid becoming a victim of bank transfer fraud, whether personally or professionally?
 
  • Be suspicious – thoroughly check all payments you make to ensure they are going to a legitimate account. Whenever you receive payment details, particularly by email, always take steps to independently verify them with the individual/business involved. You can do this by conducting your own checks online and calling your contact on a telephone number you know to be genuine – do not assume that a telephone number on an email is legitimate if it cannot be verified elsewhere.
  • Know your finances – ensure you know how money leaves your account/business, including the methods of payment you use, who has authority to make those payments and who conducts appropriate checks to ensure those payments are legitimate. You should also always check your bank statements (both online and paper); this might flag up a potential issue which you would otherwise not have known about. 
  • Training – if you are a business, train your employees to identify and prevent fraud by educating them about common warning signs and encouraging an environment where your employees feel comfortable to report suspicious behaviour.
  • Information security – make sure your property and electronic systems are secure, particularly email accounts. This can include the use of robust password protection, to simpler actions such as locking your computer/laptop when it is left unattended.
  • Report fraud – If you have any concerns or think you may have been the victim of fraud, report this to Action Fraud and/or the police.
 
Bank transfer fraud can affect organisations of all sizes, so even if you do everything you can to prevent becoming a victim of bank transfer fraud, the organisations which you deal with may not. We recently acted for an individual who was due an insurance pay out following a successful insurance claim. A fraudster got wind of this, hacked into that individual’s email account, intercepted a genuine email chain and emailed the insurance company asking for the monies to be sent to a different account to the one previously advised. The insurance company failed to carry out sufficient checks to ensure that this communication was genuine and mistakenly paid the insurance settlement to the fraudster. We helped this individual to recover the money they were entitled to.
 
If you have been a victim of fraud and are looking for advice regarding any of the issues outlined above, please do contact us.

Further reading

Get in touch