That call from your bank to say your account has been defrauded has the power to make your stomach drop like nothing else.
Fraudsters are getting more and more sophisticated, and one of the newer forms of deception is authorised push payment fraud.
Banks are currently deliberating on how to handle the aftermath of this, and how much compensation customers can claim.
What is push payment fraud?
Essentially, this is when scammers convince a customer to transfer money to them via an instant payment.
Due to the fact it’s an instant payment, the money is already gone before the victim is able to reclaim it (as may happen with older forms of payments).
The requests for the money may come over the phone or by email, and are often sophisticated and socially engineered.
They may find out you’re having work done on your house and send an invoice that matches that of your construction company.
Or, they may call saying they’re your bank’s fraud team, ironically scamming you using the information you give them.
The real kicker for victims of this is that, since you technically gave the information willingly, it’s difficult to get compensation.
Currently only about a fifth of the money lost to push payment fraud is refunded to customers, but talks are underway to change this.
As part of a draft voluntary code of conduct for banks, it would become the standard that customers were refunded as long as they’d taken ‘reasonable steps’ to check they were paying the correct person.
There will be eight reasons banks can decide not to reimburse customers:
- If they refuse to listen to warnings from their bank
- If they ‘recklessly share’ their security credentials
- If they don’t take steps to make sure they person they paid was correct
- If they lie to the bank
- If they are ‘grossly negligent’
- If they fail to heed a confirmation of payee result (which is a future scheme whereby customers will be notified of the name of the payee rather than just the account number and sort code)
It’s likely that these changes may be approved by early next year, although there’s no set date on which banks will sign up when.
In the meantime, never give your details to anyone who calls or emails you.
If it looks like it’s from somewhere or someone you might know, hang up and call the authorised bank number on your card or staements or find their official email online and contact them.
Never believe your own caller ID or email service – often scammers can clone details to use.
It’s scary, but it’s worth being cautious.