APP Fraud

What is APP Fraud and how can I avoid it?

Authorised Push Payment is a type of financial fraud. Like all frauds, the aim is to steal the victim’s money. In order to do so, the fraudster uses manipulation and deception. In the case of APP fraud, the fraudster tricks the victim to send money to the fraudster’s account voluntarily. The victim is often under false pretences, believing they are sending money for legitimate reasons, such as buying goods or services or helping family or friends. Sometimes the fraudster pretends to be someone, or from an organisation, you know like your bank.

How to avoid it?

1 Don’t rush.

Fraudsters want to create an urgency, so you don’t have time to think. They often do a lot of talking and social engineering, trying to build up your confidence in their request. Take your time.

2 Think what is the purpose of the payment?

Consider what the payment is for. Often fraudsters create fear by saying the money must move because it is not safe where it is held now, or over promising “too-good-to-be-true” interest on investments. Towards employees of small businesses, fraudsters often put themselves forward as a new employee at your normal beneficiary, paying for goods and services, but give new account details. Consider whether the request is legitimate and verify the purpose of the payment (and or change in account details) by contacting your banking provider or your verified contact at the known beneficiary.

3 Ask yourself how well do you know the recipient?

Fraudsters try to impersonate staff from your banking provider or from your normal suppliers. They often change payment instructions or account details to divert funds.

4 Consider how you received the request?

Fraudsters can contact you by mobile phone, landline, text or email. Ask yourself whether the communication took place from a known/unknown source. Consider whether the request was unexpected.

5 Verify the recipient’s identity and payment details.

If the fraudster pretends to be from an organisation, contact the organisation yourself by using verified communication channels. An example is to not continue the communication, but to go online to the trusted website affiliated with the intended recipient and using contact methods are per their website or those known to you.