Fraudsters exploit sophisticated social engineering techniques to convince their victims to voluntarily make payments or transfers to accounts controlled by criminals.

Alarming statistics

Data shows a worrying increase in APP fraud losses. In 2022, losses in the UK reached ยฃ583.2 million, affecting thousands of victims. In the USA, the Federal Trade Commission (FTC ) has reported a significant increase in bank transfer fraud cases, with losses exceeding $1 billion in 2022 . These figures underline the scale of the problem and the need for preventive measures.

APP fraud mechanisms

Fraudsters use a variety of methods to deceive their victims. Here's an overview of some of the techniques commonly used:

Social engineering: scammers use phone calls, e-mails, SMS messages and messages on social networks to contact their victims. They pose as legitimate entities such as banks, suppliers, real estate agents, or even friends and family members.

Creating urgency: fraudsters create a sense of urgency or panic to induce the victim to act quickly, without verifying the legitimacy of the request. For example, they may claim that the victim needs to pay an overdue bill or secure a threatened bank account.

Payment authorization: convinced of the legitimacy of the request, the victim authorizes a payment or bank transfer. As the payment is initiated and authorized by the victim himself, it becomes more difficult for banks to recognize and stop the fraudulent transaction in real time.

Complexity of traceability: funds are transferred to accounts controlled by the fraudsters, often in jurisdictions where it is difficult to recover the funds. Criminals can then quickly withdraw the money or transfer it again, further complicating traceability.

Common types of APP fraud

Invoice fraud: fraudsters pose as a legitimate supplier or creditor and send a modified invoice to the victim with fraudulent bank details. For example, a company might receive an invoice from what appears to be a regular supplier, but with bank details altered to direct the funds to an account controlled by the scammers.

Romance fraud: fraudsters develop an online relationship with the victim, gain their trust, then ask for money for a fictitious emergency. For example, a victim may believe they are helping an online partner who claims to urgently need money for a medical operation.

Purchase fraud: scammers pretend to sell goods or services, and ask for payment in advance, but never deliver the product or service. For example, a buyer may be persuaded to buy a used car online, send payment, and never receive the car.

Investment fraud: fraudsters persuade the victim to invest in a fraudulent opportunity, often promising high and rapid returns. For example, a victim could be tricked into investing in a phantom company with the promise of large profits, only to lose all their money.

Recent examples

United Kingdom: a company falls victim to invoice fraud

In 2023, a British company fell victim to invoice fraud, losing over ยฃ200,000 after receiving a falsified invoice from a supposed supplier . The fraudsters had hacked into the supplier's email systems and altered the invoice details to redirect payments to their own account.

France: real estate fraud

In France, a number of individuals have been duped by fraudsters posing as estate agents into transferring deposits for non-existent properties. The victims thought they were buying houses or apartments, but discovered too late that the properties didn't exist and the money had disappeared.

Preventive measures

Verification: always check the authenticity of any payment request by directly contacting the entity concerned via official, known communication channels. For example, if a company receives a suspicious invoice, it should contact the supplier using a known and verified telephone number and/or email address.

Awareness: be aware of the different fraud techniques and make friends, family and colleagues aware of them. Companies can organize training courses for their employees to inform them of the risks and methods of APP fraud.

Double-checking: for large transactions, adopt a policy of double-checking bank details and payment authorizations. For example, before making a large transfer, an employee may need to obtain verbal or written confirmation from a line manager.

Use of secure services: use secure online banking services and set up security alerts for suspicious transactions. Companies can also invest in security software to protect their IT systems against phishing attacks.

Push payment fraud is a serious threat that requires heightened vigilance and rigorous preventive measures. By understanding the mechanisms of this fraud and taking appropriate precautions, individuals and businesses can reduce the risk of becoming victims. Staying informed and raising awareness are essential to strengthening financial security for all. Statistics and recent examples clearly show that no one is immune, but taking preventive measures can make a big difference.

app Banque de France crisis company fraud payment push