Authorised push payment scams cost the UK over £236 million in 2017
September 27, 2018
Authorised push payment scams carried out by cyber criminals helped them steal £236 million from UK consumers in 2017 and another £145 million in the first six months of 2018, industry group UK Finance has revealed.
The UK stopped £1.4 billion worth unauthorised fraud last year
Research carried out by UK Finance revealed that the UK saw as many as 43,875 cases of authorised push payment scams last year that impacted a total of 42,837 UK consumers. Such scams involve scammers tricking consumers into authorising payments to them and since consumers authorise such fund transfers themselves, they often struggle to recover the amount from their banks.
Aside from authorised push payment scams, UK Finance also released figures that described the rise or fall in other types of financial scams such as remote purchase (card-not-present) fraud, counterfeit card fraud, lost and stolen card fraud, card ID theft, retainer face-to-face card fraud, phone banking fraud and online banking fraud.
Considering the threat posed to citizens as well as to the nation's economic health by financial fraud and scams, the financial services sector in the UK has invested millions of pounds over the years to detect and prevent such scams and succeeded in stopping over £1.4 billion worth unauthorised fraud last year.
"To help protect customers, we have developed initiatives such as the Banking Protocol – a ground-breaking rapid response scheme through which branch staff can alert police and Trading Standards to suspected frauds taking place. In 2017, while the Protocol was being rolled out to police forces across the country, it prevented £13.3 million of fraud and led to 129 arrests," said Katy Worobec, Managing Director for Economic Crime at UK Finance.
Rise of authorised push payment scams
Despite such success, losses due to unauthorised fraud still totalled almost £732 million last year and combined with £236 million lost to authorised push payment scams, total losses incurred by UK citizens and businesses almost touched £1 billion last year.
According to figures released by the industry body, while payment card fraud accounted for 58 percent of all financial fraud losses last year, authorised push payment fraud accounted for 24 percent, and remote banking fraud accounted for 16 percent of all financial fraud losses.
Financial scams and fraud that incolved UK-issued cards resulted in losses of £566 million in 2017 which was similar to the amount lost in 2015 but significantly lesser than £618 million lost by citizens and businesses in 2016. Out of the £566 million lost in 2017, £407 million was lost to fraudulent operations within the country and £158 million was lost to fraudsters operating abroad.
According to Worobec, since financial fraud affects the whole of society, people from the public and the private sector must work together to stamp out fraud and to help people to confidently challenge the activities of cyber criminals.
"It is important to empower the customer by putting control over their account in their hands. This means they should be aware of any activity on their account and that they are in control of the authorisation and rejection of requests. While this level of agency and autonomy is important, banks still have a responsibility to enable their customers by providing them with the ability to monitor their finances in this way, and they should do everything they can to ensure that the system they have in place is secure," said Frans Labuschagne, Country Manager for UK & Ireland at Entersekt.
"To protect themselves against fraud, customers should watch out for unsolicited SMSes or emails that requires them to click a link and/ or provide sensitive information, or to directly reply with sensitive information such as usernames, passwords, or password reset codes. They should also ensure that their mobile device software is up to date to ensure the latest security updates are applied, which address OS exploits and vulnerabilities that malicious apps rely on to extract information," he added.
Jay Jay is a freelance technology writer for teiss. He has previously written news articles, device reviews and features for Mobile Choice UK website and magazine, as well as writing extensively for SC Magazine UK, Tech Radar, Indian Express, and Android Headlines.
Marcus Fowler, Director of Strategic Threat, Darktrace, discusses how hackers are recycling nation state tools to evolve their attack methods and what businesses should be doing to prevent falling victim to …