As digital scams grow more sophisticated, APP fraud has surged, leading to significant financial losses for both businesses and consumers. In 2023, the UK saw a 12% year-on-year increase in APP fraud cases, with losses projected to reach $934.7 million by 2027.
In this article, we’ll break down what APP fraud is, how to spot the warning signs, and what steps you can take to protect your organization and customers from falling victim to it.
What Is Authorized Push Payment Fraud?
Authorized Push Payment (APP) fraud, commonly referred to as APP fraud, is a type of financial scam where victims are manipulated into authorizing payments to fraudsters. This form of fraud typically involves social engineering techniques, where scammers impersonate trusted entities or individuals to deceive the victim into making a payment under false pretenses.
Learn how AI, ML, and digital footprinting can defend your transactions from APP fraud with actionable strategies
Learn More
How Does Authorized Push Payment Fraud Work?
This form of fraud exploits the instantaneous and irreversible nature of real-time payment systems, making it particularly challenging to detect and prevent. Criminals manipulate victims into willingly transferring money to the fraudster’s account, often through social engineering techniques. They thoroughly research their targets, establish trust and convince them to send money voluntarily. Common tactics include phishing, email spoofing and fraudulent phone calls pretending to be from legitimate entities such as banks or businesses, often creating a sense of urgency to convince victims to move funds as soon as possible.
Essentially, APP fraud relies on tricking the victim into believing they are acting in their best interest. Ironically, the fraudster may claim to be protecting the victim from a fraud attempt, adding a layer of credibility. The fraudster provides new account details, supposedly for security, but in reality, these belong to the criminal. Once the victim transfers the money and the funds are in a “bank drop” account, the fraudster quickly moves it using techniques like smurfing, where funds are broken into smaller amounts to avoid detection by transaction monitoring systems.
Authorized Push Payment Fraud Examples
APP fraud always involves tricking the victim into transferring money to the fraudster’s account. Here are a few ways it commonly unfolds:
Home Renovation Scam
Fraudsters identify a homeowner undergoing renovations and the contractor managing the work. They send a fake invoice, appearing to be from the building firm but with the fraudster’s bank details. By the time the homeowner realizes the scam, the fraudsters—and the money—are long gone.
New Bank Details Scam
Targeting a business, fraudsters pose as a regular supplier and send an email or letter claiming their bank details have changed. The company updates their records, rerouting payments to the fraudster’s account, often without realizing it for some time.
Property Purchase Fraud
Fraudsters intercept emails between a homebuyer and their solicitor, estate agent, or bank. At a crucial point in the transaction, they switch the bank details on a key document. When the buyer makes a payment, such as for a deposit, it goes to the fraudsters instead of the intended recipient.
How to Prevent and Combat Authorized Push Payment Fraud
Preventing authorized push payment (APP) fraud relies heavily on communication, education and enhanced financial safeguards.
For businesses, clear communication with customers is key. Many now include warnings in emails or during customer interactions, advising against transferring money to new accounts based on unverified messages. This proactive approach reduces the risk of fraudsters exploiting unsuspecting customers.
Financial institutions also play a crucial role. Some banks implement cooling-off periods before payments are processed, while others apply stricter due diligence, such as monitoring accounts that frequently receive high-value payments. Additionally, tools like the UK’s Confirmation of Payee (CoP) service help verify that bank account details match the name of the recipient.
Education is equally important. Banks and fintech companies must continually raise awareness about APP fraud, educating both consumers and employees on recognizing social engineering schemes. Combined with robust APP fraud prevention software using machine learning and transaction monitoring, these measures significantly reduce the risk of this widespread fraud.
Through a multi-layered approach of communication, education, and technology, both businesses and financial institutions can help mitigate the impact of APP fraud.
Technology to Detect and Stop APP Fraud
APP fraud continues to rise — and financial institutions are strengthening their defenses. To stay ahead, many are investing in advanced tools for app fraud detection, helping them catch suspicious activity in real time, cut down on false positives and protect customers from falling victim to scams. Technologies to stop APP include:
AI and Machine Learning: The Brains Behind Detection
AI and machine learning (ML) technologies analyze vast amounts of transaction data to detect anomalies and patterns indicative of fraud. AI-driven systems can identify unusual events that may signal potential scams by profiling regular customer activity. These systems adapt to evolving fraud tactics, ensuring they remain effective against new threats.
Watching Transactions in Real-Time
Real-time transaction monitoring systems continuously assess incoming data, such as transaction values, geographic locations and user behaviors, against predefined rules. If suspicious activity is detected, alerts are triggered before funds are transferred, allowing institutions to intervene promptly. This approach helps reduce the risk of fraudulent transactions being completed.
Fraud Prevention Tools Built for Today’s Threats
Modern fraud prevention platforms offer comprehensive solutions tailored to APP fraud. These systems detect document fraud and integrate identity profiling to uncover fraudulent actors. By enhancing operational efficiency, these tools ensure robust security measures are in place.
Layered Defenses That Build Trust
The integration of multi-layered security measures further strengthens app fraud detection strategies. Technologies that combine historical data analysis with customized business rules can flag suspicious transactions and prevent account takeovers. Additionally, features like account verification services help ensure that payments are directed to the intended recipient, reducing the risk of misdirected funds.
In short, by embracing modern technology and staying alert to new threats, financial institutions can significantly improve their app fraud detection efforts and earn greater trust from their customers.
Frequently Asked Questions
APP fraud happens when fraudsters deceive victims into authorizing payments, making recovery difficult. PSPs combat this with real-time transaction monitoring to spot unusual patterns, AI-driven risk scoring to flag high-risk transfers and behavioral analytics to detect anomalies in user activity. Multi-factor authentication (MFA) adds an extra security layer, while user education and scam warnings help prevent deception. Collaboration with banks and regulators further enhances fraud detection and prevention efforts.
To help prevent APP fraud, two key changes are coming next year: a new industry code to guide safe practices and support reimbursement when businesses take proper precautions, and a Confirmation of Payee system that checks account names match before payments go through.
Businesses can lower the risk of APP fraud by training their teams to spot suspicious requests, using clear payment approval processes, and double-checking account details before sending money. Staying alert and having the right internal checks in place can make a big difference.
Sources:
- Infosecurity Magazine: Authorized Push Payment Fraud Cases Surge 12% Annually
- ACI Worldwide: Scamscope fraud report
