Money transfer fraud cost victims £236 million last year – with each losing out almost £3,000, new figures show.
So-called authorised push payment scams operate where victims believe they are transferring money to a legitimate professional, such as solicitor or builder.
In actual fact, fraudsters may have intercepted mail or hacked emails, then pose as the business to ask for payment before disappearing with the money.
UK Finance has reported for the first time on the scale of the problem, revealing there were 43,875 reported cases last year.
Nearly nine in 10 (88%) of these were ordinary individual consumers, who lost an average of £2,784. The remainder were businesses, which lost on average of £24,355 per incident.
Financial providers were able to return just £60.8 million (26%) of the authorised push payment scam losses in 2017.
In an authorised push payment scam, the account holder themselves authorises the payment to be made to another account – not realising they have been conned.
If a customer authorises the payment themselves, current legislation means that they have no legal protection to cover them for losses – which is different for an unauthorised transaction.
Katy Worobec, managing director of economic crime at UK Finance, said: “Fraud is an issue that affects the whole of society, and one which everyone must come together to tackle. The finance industry is committed to playing its part.”
She said the banking industry was investing in advanced security systems to protect customers, introducing new standards on how banks respond to scam victims, and working with the Joint Fraud Taskforce to deter and disrupt criminals and better trace, freeze and return stolen funds.
To help everyone stay safe from fraud and scams, Take Five to Stop Fraud urges customers to follow the advice:
A genuine bank or organisation will never contact you out of the blue to ask for your PIN, full password or to move money to another account.
Only give out your personal or financial details to use a service that you have given your consent to, that you trust and that you are expecting to be contacted by.
Don’t be tricked into giving a fraudster access to your personal or financial details. Never automatically click on a link in an unexpected email or text.
Always question uninvited approaches in case it’s a scam. Instead, contact the company directly using a known email or phone number.
Tony Blake, senior fraud prevention officer at the Dedicated Card and Payment Crime Unit, said: “With criminals using social engineering to target people and businesses directly, it’s vital that everyone follows the advice of the Take Five campaign.
“Always stop and think if you are ever asked for your personal or financial details. Remember, no bank or genuine organisation will ever contact you out of the blue and ask you to transfer money to another account.”
The unauthorised fraud data on payment cards, remote banking and cheques for 2017 shows that combined total losses fell by 5% to £731.8 million, with card fraud down 8% to £566m.
Losses due to unauthorised remote banking fraud totalled £156.1 million, a 14% rise on 2016. Cheque fraud losses fell 28% in 2017 to £9.8 million – the lowest annual total on record.