APP fraud – or Authorised Push Payment (APP) fraud - is a type of scam where fraudsters trick individuals or businesses into sending them money under false pretences. Discover all you need to know about APP Fraud, and how you can take preventative measures to safeguard against it. What is APP fraud, what is its impact, and how can organisations take preventative measures to safeguard their business and customers?
With e-commerce an ever-growing sector, cybercriminals have increasingly turned their attention to retail sites and online banks, targeting both brands and end customers to make a profit.
Fraud has become a significant threat – and as more organisations and consumers switch to online banking and shopping, APP fraud has now become a commonly used tactic by fraudsters. In light of this growth, APP fraud should be high on organisations’ list of priorities.
What is APP Fraud?
APP fraud occurs when an individual is tricked into sending money to a fraudster posing as a genuine payee. The fraudsters pretend to be trusted contacts or organisations, using sophisticated tactics to gain the victim’s trust, often resulting in devastating fraud attacks. Common methods include phishing emails, fake invoices and social engineering. Worryingly, as scammers’ techniques become more sophisticated, thousands of individuals and businesses fall victim to APP scams every year.
The Impact of APP Fraud
Like all forms of fraud, APP fraud can have devastating impacts on organisations and individuals. Figures show that €4.3bn in 2022 and €2.0bn in the first half of 2023 was lost through unauthorised payment fraud across the European Economic Areas (EEA). Aside from financial losses, companies can also experience reputational damage and loss of customer trust due to poor cybersecurity management. For individuals, the emotional toll of lost funds can understandably be incredibly challenging.
New protections for Victims of APP Fraud
Countries across the globe are recognising the consequences of fraud, particularly APP fraud, and are beginning to implement new regulations to prevent fraudsters from targeting victims in this way. Once such example was seen in the UK when new protections for victims of APP fraud came into effect in October 2024. Under the new regulations, mandates require Payment Service Providers (PSP) to reimburse victims of APP fraud for losses of up to £85,000 within seven days of reporting the fraud. Needless to say, it’s in banks’ best interest to prevent such cases happening in the first place.
How Organisations Can Prevent APP Fraud
There are several proactive measures that organisations can take to prevent APP fraud from occurring in the first instance. They include:
- Employee Training: Regularly train employees to recognise the signs of APP fraud in business settings, and generally better their cyber hygiene. This awareness can significantly reduce the risk of fraudsters executing their schemes within organisations.
- Customer Education: Educating customers about common fraud tactics is crucial in the fight against APP fraud. Organisations must encourage users to be vigilant by verifying payments – especially those that seem unusual or urgent. Customers should also feel empowered to flag suspicious activities that occur.
- Security Protocols: Establish robust security procedures for authorising payments. By implementing multi-factor authentication and verification steps, they can effectively disrupt fraud attempts.
- Automate detection: Implementing fraud detection, machine learning, and monitoring tools can automate the identification, flagging, and mitigation of suspicious transactions, especially as the scale of fraud attempts increases.
- Introduce biometric authentication: Enhance digital banking security with biometric authentication like fingerprint and facial recognition, preventing unauthorised access.
The Final Word
APP fraud is a serious threat. It’s up to organisations to equip themselves with the right knowledge and tools to protect themselves. Understanding how APP fraud works, educating employees and end customers to be fraud aware and establishing robust security measures can help organisations safeguard themselves from the impacts of an APP fraud attack.
