Decoding Authorized Push Payment Fraud: what it is and how to avoid it

Are you seeking ways to protect your company’s finances from sophisticated scams? Authorized Push Payment (APP) fraud is a rising threat, tricking businesses into unknowingly transferring funds to fraudsters. In 2023, APP fraud losses in Europe were estimated to reach €2.2 billion, a further increase of 25% compared to 2022. Understanding this type of fraud and learning to avoid it is crucial for protecting your company’s financial well-being. In this blog post, we’ll decode the complexities of APP fraud, providing you with the knowledge and practical tips needed to keep your business finances secure and ensure your operations remain uninterrupted.

What Is Authorised Push Payment Fraud?

Authorized Push Payment (APP) fraud is a type of financial scam where someone is deceived into sending payments to fraudsters, believing them to be legitimate entities. This occurs when a fraudulent request for payment is made, often exploiting gaps in communication or trust within financial transactions. Fraudsters may impersonate suppliers, clients, or executives through various means, such as phishing emails or compromised communication channels. Once the payment is authorized, it is difficult to reverse, leading to financial losses for the targeted company.

Typical types of APP Scams

Authorized Push Payment frauds come in various forms, each designed to exploit different vulnerabilities within companies’ processes:

  • Invoice Fraud: Fraudsters send fake invoices or alter legitimate ones, convincing businesses to make payments for goods or services that were never provided.

  • CEO Fraud: Scammers impersonate company executives, typically via email, and request urgent payments for supposed business transactions or investments.

  • Supplier Fraud: Fraudsters pose as legitimate suppliers and provide false payment details, leading companies to transfer funds to fraudulent accounts.

  • Employee Impersonation: Criminals target employees responsible for payments, using stolen credentials or spoofed email addresses to deceive companies into making unauthorized transfers.

Understanding these common tactics is essential for companies to recognize and prevent APP fraud, safeguarding their financial resources and reputation.

How to Avoid Authorized Push Payment Fraud?

Protecting your company from Authorised Push Payment (APP) scams requires proactive measures and vigilant practices. Here are essential tips to safeguard your business:

Always verify payment requests through multiple communication channels (e.g., phone calls, and official emails) before authorizing any transactions, especially those involving large sums or urgent requests.

Verify the authenticity of new or changed payment details directly with known contacts or suppliers before processing payments. Be cautious of any unexpected changes in payment instructions.

Require dual authorization for significant transactions, involving at least two authorized persons to approve payments independently. This adds an extra layer of security against fraudulent payments.

Conduct regular training sessions to educate employees, particularly those involved in financial transactions, about the latest APP fraud tactics and prevention strategies. Ensure they can recognize suspicious requests and know how to respond appropriately.

How to Recognize APP Fraud?

Understanding the signs and indicators of APP fraud is crucial for early detection and prevention. Here are common red flags to watch out for:

  • Unexpected Urgency: Requests for immediate or urgent payments without prior notice or proper verification procedures.

  • Unusual Payment Requests: Requests to transfer funds to unfamiliar or new accounts, especially if the details differ from usual payment methods or procedures.

  • Unsolicited Requests: Receipt of unexpected payment requests or invoices from unknown or unverified sources, particularly through email or other electronic communication channels.

  • Changes in Payment Instructions: Sudden changes or updates to payment details without prior notification or confirmation from known and trusted contacts.

  • Poor Grammar and Spelling: Emails or communications containing errors in grammar, spelling mistakes, or unusual language use, may indicate fraudulent origin.

Recognizing these warning signs empowers businesses to take proactive steps in verifying transactions and preventing potential financial losses due to APP fraud. By implementing robust security protocols and fostering a culture of awareness, businesses can effectively mitigate the risks associated with fraudulent activities targeting their finances.

What to Do If Your Company is Victim of APP Fraud

If your company falls victim to Authorised Push Payment (APP) fraud, it’s crucial to act swiftly to minimize potential financial losses and mitigate further risks. Here are the immediate steps to take:

  • Contact Your Bank Immediately: Notify your bank or financial institution as soon as you suspect or confirm fraudulent activity. Request them to freeze or recall any unauthorized transactions to prevent additional losses.

  • Report the Fraud to Relevant Authorities: File a report with law enforcement agencies, such as the police or relevant fraud reporting agencies. Provide them with all necessary details and documentation related to the fraudulent transaction.

Note : The Payment System Regulator announced that at the end of 2024, a new mandatory reimbursement framework will begin in the UK. All UK Payment Service Providers (PSPs) will have to reimburse their customers victim of APP scams, following official rules (more information).

By taking immediate action and following these steps, your company can improve its chances of recovering funds lost to APP fraud and strengthen its defenses against future fraudulent activities. Prompt reporting and collaboration with your bank, financial institutions and authorities are crucial in protecting your company’s financial integrity and reputation.

Stronger together

I choose my network and I share!