Authorised Push Payment Fraud is growing at a considerable rate in the UK with it being reported that a total of £236 million was lost last year.
This scam happens where the fraudsters deceive individuals into making payments into bank accounts controlled by fraudsters. The requests for payment appear to the individuals concerned to be genuine, for example, an email which looks to be from an individual’s manager or the CEO of a company. The fraudsters hack into email or other systems to set up their victims.
The police are well aware of the scam and anyone falling victim to it should, as well as immediately reporting the matter to their bank, report the matter to Action Fraud at www.actionfraud.police.co.uk or on 0300 123 2040. Even if you do not fall for the scam it is worth reporting the matter to Action Fraud so that the police can investigate and hopefully others won’t be caught by the scam.
The banks are under a duty to raise any concerns regarding payment requests with the account holders but the duty on banks is narrow and they will rarely be found to have breached it. The individual who, or company which, has been a victim of the fraud loses the money. The current position is that the banks usually have no legal responsibility to refund the money.
The position looks all set to change with the Payment Systems Regulator proposing a scheme to be set up that would see customers refunded in certain circumstances but the precise details of this and when it is likely to come into effect is not yet known. In addition, the scheme will not apply retrospectively.
So what can you do to ensure that you do not become a victim of this crime? The answer is to be vigilant but this is easier said than done as the fraudsters are becoming more and more sophisticated. However, here are some tips:
- Is the email address correct? The fraudsters often substitute just one letter or number such as substituting the letter ‘O’ for a zero.
- Is there anything unusual about the tone of the email? Often the fraudsters will set the tone of the email in a manner which is over friendly. Is this really how this person would communicate with you?
- If the email is from an organisation, is the sign off/company logo correct? Often the sign off/company logo to the email will be slightly different than usual.
- Is the fraudster’s request out of the ordinary? Would the person making the request really ask you to make an immediate transfer of £50,000.00?
- In ALL cases call the person who has asked you to make the transfer to ensure that the request is genuine.
These checks seem obvious but with the pressures of work and everyday life it is too easy to overlook the basics. The motto of the story is THINK and we will BEAT them and WIN.