Authorised push payment fraud
What’s the threat?
Scammers are posing as solicitors and bank officials to steal money from people making bank transfers, typically when paying tax bills, school fees or invoices for work done in the home. Currently, unlike many other payment methods, victims have no legal right to get the money back from their bank.
Figures showing the scale of the problem have been revealed for the first time. UK Finance, the banking trade body, said there were 43,875 reported cases last year, with victims losing a total of £236m ( www.snipca.com/27300). Nearly 90 per cent of those targeted were individuals (the rest involved businesses), who lost an average of £2,784. Banks only returned stolen money in 26 per cent of cases.
To carry out the scam, fraudsters intercept post or hacked emails, then send a payment demand. This tactic is more effective than random phishing attacks because the victims are expecting the demand for money, and therefore less likely to question its authenticity.
When you transfer money, banks don’t cross-check the name of the payee, so entering the correct name doesn’t mean they’ll receive the cash.
How can you stay safe?
It’s not easy. These are sophisticated scams that aren’t exposed by spelling mistakes in the email subject line. The advice given by UK Finance is familiar common sense – never disclose your password and PINS, and don’t automatically assume an email or phone call is authentic. Perhaps the surest way to thwart scammers is to contact your bank to check whether the payment request is genuine. There’s no need to send payment instantly.
Victims will hopefully be getting more protection soon, after the Payment Systems Regulator announced proposals intended to make it easier to recover stolen money from banks.