Au­tho­rised push pay­ment fraud

Computer Active (UK) - - Pro­tect Your Tech -

What’s the threat?

Scam­mers are pos­ing as solic­i­tors and bank of­fi­cials to steal money from peo­ple mak­ing bank trans­fers, typ­i­cally when pay­ing tax bills, school fees or in­voices for work done in the home. Cur­rently, un­like many other pay­ment meth­ods, vic­tims have no le­gal right to get the money back from their bank.

Fig­ures show­ing the scale of the prob­lem have been re­vealed for the first time. UK Fi­nance, the bank­ing trade body, said there were 43,875 re­ported cases last year, with vic­tims los­ing a to­tal of £236m ( www.snipca.com/27300). Nearly 90 per cent of those tar­geted were in­di­vid­u­als (the rest in­volved busi­nesses), who lost an aver­age of £2,784. Banks only re­turned stolen money in 26 per cent of cases.

To carry out the scam, fraud­sters in­ter­cept post or hacked emails, then send a pay­ment de­mand. This tac­tic is more ef­fec­tive than ran­dom phish­ing at­tacks be­cause the vic­tims are ex­pect­ing the de­mand for money, and there­fore less likely to ques­tion its au­then­tic­ity.

When you trans­fer money, banks don’t cross-check the name of the payee, so en­ter­ing the cor­rect name doesn’t mean they’ll re­ceive the cash.

How can you stay safe?

It’s not easy. These are so­phis­ti­cated scams that aren’t ex­posed by spell­ing mis­takes in the email sub­ject line. The ad­vice given by UK Fi­nance is fa­mil­iar com­mon sense – never dis­close your pass­word and PINS, and don’t au­to­mat­i­cally as­sume an email or phone call is au­then­tic. Per­haps the surest way to thwart scam­mers is to con­tact your bank to check whether the pay­ment re­quest is gen­uine. There’s no need to send pay­ment in­stantly.

Vic­tims will hope­fully be get­ting more pro­tec­tion soon, af­ter the Pay­ment Sys­tems Reg­u­la­tor an­nounced pro­pos­als in­tended to make it eas­ier to re­cover stolen money from banks.

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.