RESPONDING TO PUSH PAYMENT FRAUDS: A PRACTICAL GUIDE

An authorised push payment (APP) fraud occurs where a fraudster deceives a victim into instructing their bank to transfer money from their own bank account to the fraudster’s bank account. In contrast, pull payment frauds occur where the fraudster instructs the bank, perhaps by using a victim’s stolen details, to transfer money from the victim’s account.

A typical scenario is where a fraudster learns about a payment that a company is due to make under a contract to a seller. The fraudster will either hack into the seller’s email account or may create a similar email address to the same with a view to masquerading as the seller. The fraudster may then send the victim an invoice that has the appearance of coming from the seller, but which, in fact, contains the fraudster’s own bank account details.

Alternatively, the fraudster may simply email the victim ostensibly to inform them of a change in bank account details. Communications will typically stress that the payment needs to be made urgently, thus increasing the pressure on the victim to make the payment, perhaps without applying their usual procedures.

In such circumstances, the first step for the victim on discovering the fraud is to notify their bank on an urgent basis. If notified early enough, the bank may be able to stop the payment.

Jul-Sep 2022 issue

Mills & Reeve LLP

Join our free mailing list to read the full article