"AJSH & Co LLP"    is now    "Mercurius & Associates LLP" "AJSH & Co LLP"    is now    "Mercurius & Associates LLP" "AJSH & Co LLP"    is now    "Mercurius & Associates LLP"

Authorized push payment fraud

payment 1

Authorized push payment fraud (or usually abbreviated as an APP Fraud) can be defined as a fraud in which victims are exploited in such a manner that they enter into making real-time payments to persons acting as shams. This kind of fraud is usually carried out in various ways which may include: social engineering attacks involving impersonation acts.

This kind of fraud came into light through a very recent incident that happened in the United Kingdom where fraud victims had authorized the payments fallaciously even after knowing the fact that such payments are not going to be reimbursed by their respective financial institutions. Since the payment transactions in such kind of frauds are made on a real-time basis, the fraudsters can easily take advantage of victims and run away with their money by such kind of dishonest conduct.

This fraud can be categorized into three main categories which include:

  • Attack on individuals

APP is carried out on comparatively large masses mainly with the help of social engineering techniques. Social engineering typically means an act mainly used by cyber crooks and fraudsters to carry out their various hoax activities or fraudulent undertakings. Fraudsters also attack people through hacking into emails that are mainly set up to take advantage of victims.

They generally attack individuals by asking them to make the payment of an invoice that might seem them in favor of a genuine party but ultimately turn out to be a payment into fraudster’s bank account. They also often ask individuals to make payment in respect of some work performed or service availed. For instance, they pretend to be the legitimate contractor of some tradesperson and ask the customers to make payment in lieu of services performed by that tradesperson.

  • Targeting the transactions chiefly associated with some kind of property

In this case, fraudsters generally try to intercept the email chain between all the relevant trading parties who are involved in the sale or purchase of real estate or property. The trading parties may include sellers, buyers, solicitors, and real estate agents. After they are successful enough to intercept the communication process, they change the information pertaining to funds transfer and thus ultimately divert the funds into their bank accounts.

  • Diverting the payments made to suppliers

The process of diverting the payments of suppliers is also one way through which fraudsters are likely to commit fraud like APP. This process is very much similar to attacks on individuals, but the victims, in this case, are business firms.

In this, fraudsters generally use a combination of two or more techniques such as social engineering, email hack as well as interception and in this way, they are more likely to penetrate business networks and convince business firms to change the details associated with bank account and thus ultimately are able to replace the bank account number of the legitimate suppliers with their own.

Fraud protection and compliance
There are certain ways through which a business firm may prevent itself from frauds like APP. The process of conducting internal audit and forensic audit can prove to be quantum leap in this regard.

As far as fraud detection is concerned, employees are always considered business firm’s front line. If a business firm properly provides training to its employees, then the chances of fraud may be minimized and thus it will further help in mitigating financial losses.  There are certain studies and researches that have been carried out over the years which have indicated the fact that a company conducting internal audit helps a firm to be aware of the impending frauds including cyber frauds like APP.

Further, forensic audit helps in providing useful insights when it comes to dealing with frauds like APP. Forensic audit provides exhaustive overview to identify all the vulnerabilities a business may possess. The forensic specialist team at the end of the day often provides a recommendation list so as to business firm may work on those recommendations and finally may come with ways to ferret out fraudsters in least possible time.

At AJSH & Co, we do provide certain services to our clients in which we come up with various ways to help them in matters of internal and forensic audit. To know more about our services and offerings, you can write to us info@ajsh.in or you can visit our website: click here.


Ready to assist with any of your queries or concerns


Ready to assist with your Queries