Bank transfer scams rise by 40% - tips for how to stay safe

27 September 2019

Victims of push payment fraud lost £207.5 million in the first six months of the year


Bank transfer scams have risen 40% in the past year, with millions of pounds being stolen each day, new figures reveal.

Scammers stole £616 million from UK bank customers in the first half of 2019, according to UK Finance.

Of this, a total of £207.5 million was lost due to authorised push payment (APP) scams, where people are duped into authorising a payment into another account.

This was 40% up on the £148.2 million from a year ago, although UK Finance says the figures are not directly comparable as more banks now share their data on scams.

There were 57,549 cases of APP fraud, a rise of 69% on the previous year.

Financial providers were able to return a total of £39.3 million of the losses to victims, split between personal (£25.6 million) and business (£13.6 million) accounts.

The figures show that investment scams accounted for the largest proportion of losses among personal customers, with £41 million lost to this type of fraud, or over £12,200 per case.

Purchase scams remain the most prevalent form of APP fraud, accounting for 65% of all cases targeting personal customers.

In these scams the victim pays in advance for a product or service, such as a car, electronics or a holiday rental, which is never received or does not exist. This type of fraud often takes place online through auction websites or social media.

Data breaches

UK Finance blames the rise in fraud on data breaches and digital skimming attacks, which are being used to steal card data when consumers are shopping online.

Criminals are also using social engineering techniques to trick customers into divulging their personal information or transferring money.

Katy Worobec, managing director of economic crime at UK Finance, says: “Not only does fraud have a devastating impact on victims, the money stolen goes on to line the pockets of organised criminal gangs involved in drugs, arms and human trafficking.

“The finance industry is constantly investing in advanced security systems to protect customers from this threat, while helping law enforcement to apprehend and disrupt the criminals responsible.”

“Criminals are continuing to exploit vulnerabilities outside the financial sector to obtain customers’ data that is then used to commit fraud.

“We all have a responsibility to work together, including online retailers and social media companies, to beat the fraudsters and keep customers’ data secure.”

New code

In most cases, victims of unauthorised fraud receive a full refund, however, those who have lost money due to an authorised push scam do not receive the same protection.

A new industry voluntary code offering consumers protection against authorised push payment fraud was introduced on 28 May.

Customers of banks that have signed up to the code will be reimbursed for their losses provided they have taken reasonable care.

So far, only eight banks have signed up to the code, including Barclays, HSBC, Lloyds Banking Group, Metro Bank, Nationwide, Royal Bank of Scotland, NatWest and Santander.

Chris Hemsley, managing director of the Payments Systems Regulator, says: "We know push payment scams can have a devastating impact on the people who fall victim.

That’s why the new industry code, which came into force at the end of May this year, is so important in giving people protections they’ve never had before.

"Today’s report demonstrates why the industry needs to continue driving forward other initiatives to stop frauds from happening in the first place.”

To stay safe, customers are urged to follow the advice of the Take Five to Stop Fraud campaign:

  • A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account. Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.

  • Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.

  • Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.


Phone number may not be genuine

Please also be aware that a call from a seemingly genuine phone number may be a scam. The number I was called from recently was one my phone recognised as being from my bank so I thought it was genuine. However, I quickly realised that the call was in fact a scam when they started asking for personal information and I ended the call. I then called my bank on a number I trusted and they confirmed the call was a scam. Somehow they were routing the call via skype so that it looked like it was genuine.

Add new comment