Skip to main content

Push Payment Fraud

But how can you protect against email hacking and authorised push payment fraud?

Authorised push payment fraud is where fraudsters manipulate an individual into sending a payment, under false pretences, to a bank account controlled by them. These fraudsters may hack into email accounts to convincingly deceive their victims into sending payments.

As the payment is authorised in real-time – it is irrevocable by the individual or their bank – meaning that there is no financial recovery for those affected.

Individuals making a payment to bank details received via email must remain vigilant in order to protect themselves against this type of fraud.

Three top-tips for push payment fraud protection

  • If you receive bank details by email – for a first-time purchase to new or amended details – verify these with the sender using another means of communication (such as a verified number for a call).
  • Send a low-value test payment – perhaps of £0.01 – to ensure the bank details you have are correct.
  • Check for anomalies on the email address that sent the details – in any event, check for different characters being used in a changed address.

Although this type of fraud is by no means new – it is certainly on the rise. Recently, the Payment Systems Regulator (PSR) drafted a new code in order to assure greater support and protection for those who fall victim to push payment fraud. Until this code is implemented by banks, however, individuals must treat vigilance as their primary protection.