How to Identify Push Payment Fraud: Spotting the Wolf in Sheep’s Clothing
How to Identify Push Payment Fraud: Tips to Spot Red Flags
Thanks to AI voice cloning, email spoofing, and other insidious contemporary tactics, it’s become harder than ever to identify push payment scammers.
But, no matter how sophisticated the technology becomes, fraudsters almost always tip their hand. From extreme urgency and mimicry that seems a little off to purported employers fishing for bogus application fees, push payment fraud tends to follow unnatural patterns or employ subtle psychological “tells.”
In this chapter, I’ll reveal some common red flags so that you can spot push payment fraudsters before they strike.
Red Flags to Watch For
To identify push payment fraud, you’ll need to shift your mindset a little. Remember: you aren’t looking for traditional warning signs of fraud associated with brute-force attacks and card testing events. Rather, you’re looking for psychological red flags.
When it comes to APP fraud, bad actors attempt to create emotional states, like panic, excitement, or subservience, that override your logical mind. Consumers and merchants alike need to watch out for the following red flags:
Artificial Urgency & Pressure
Fraudsters use language like “act now” or “account frozen” or “immediate expiration” to induce panic. Legitimate entities understand that financial processes take time and will rarely threaten immediate consequences for a delay of a few hours.
Requests for Secrecy
Any request that isolates you, such as instructions to “keep this confidential” or “don’t discuss this with your bank,” should be a major red flag. Scammers know that if you mention the transaction to a third party, it’ll blow their cover.
Unusual Payment Methods
Be skeptical if a vendor or entity suddenly insists on a specific and rarely-used payment method, like a crypto transaction or an Apple gift card, instead of a credit card payment. This is often done to bypass the more robust chargeback protections associated with card payments.
Demand for Specific Platforms
If a seller refuses standard payment options and insists you must use Zelle, Venmo, or Cash App for a commercial transaction, then walk away. These platforms offer little to no recourse once the money is pushed.
Unexpected Contact
Legitimate organizations rarely call or text you out of the blue to demand money or sensitive information. If the contact is unsolicited, even if the number looks real, treat it as hostile until proven otherwise, or hang up and dial in yourself.
“Too Good to Be True” Encounters
Whether it is an investment offering guaranteed double-digit returns or a supplier offering inventory at 50% below market rate, extreme value is usually a trap. High rewards with “zero risk” simply do not exist in the world of finance.
Business-Specific APP Fraud Red Flags
Merchants are high-value targets. Fraudsters know that businesses move large sums daily. Retailers, in particular, should be on high alert. Look out for:
Last-Minute Bank Detail Changes
Be instantly suspicious of any request to change payment routing information, especially if it arrives right before a payment deadline. It could be a case of invoice redirection fraud.
Changes Communicated Only by Email
A request to update banking details that comes only via email — without a supporting text or portal notification — should raise immediate red flags. When in doubt, Google your bank’s number and call them directly to verify.
Unusual Payment Instructions
If a long-standing vendor suddenly asks you to pay a different entity, or sends an invoice that looks slightly different from their standard template, then hit pause. Deviations from established processes could be evidence of a spoofed identity.
Urgent Executive Requests
Fraudsters often pose as CEOs or CFOs emailing subordinates to request a “secret” or “urgent” wire transfer for a confidential deal. If the request bypasses normal approval channels because “the boss said so,” it’s probably a scam.
Generic Email Greetings
Sophisticated spear-phishing attacks are getting more convincing by the day, but many scammers still use generic openers like “Dear Valued Customer” or “Dear Accounts Payable Team.” A legitimate vendor who knows you will typically address you by name.
Mismatched Email Domains
Scammers will register domains that are visually similar to real ones, for example by substituting the number “1” for the letter “I.” As a best practice, hover over the sender’s address to ensure it matches the vendor's known domain exactly.
Requests Bypassing Normal Approval
Any instruction that encourages you to skip a signature request from your controller or CFO, or ignore standard procurement policies to speed things up, is a red flag. Internal controls exist to introduce deliberate friction in order to stop fraud; anyone asking you to ignore them should be deemed an attacker.
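The “Mismatched Email Domains” check above can also be automated in an accounts-payable mail workflow. The following is an added example, not part of the original article: it compares a sender’s domain against a list of known vendor domains and flags near-matches. The vendor domains, the confusable-character table, and the function names are assumptions made for illustration.

```python
from __future__ import annotations
from email.utils import parseaddr

# Constructed allowlist: in practice, load this from your vendor master file.
KNOWN_VENDOR_DOMAINS = {"initech-supply.example", "summit-freight.example"}

# Visual twins folded to one representative (illustrative, not exhaustive).
# Multi-character pairs come first; "1", "I" and "l" all fold to "l".
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("i", "l"),
               ("5", "s"), ("3", "e")]

def sender_domain(address: str) -> str:
    """Return the lower-cased domain of an address or From: header value."""
    _, addr = parseaddr(address)
    return addr.rpartition("@")[2].lower().rstrip(".")

def skeleton(domain: str) -> str:
    """Fold visually confusable characters so look-alike domains compare equal."""
    for twin, canonical in CONFUSABLES:
        domain = domain.replace(twin, canonical)
    return domain

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typos of a vendor domain."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address: str) -> tuple[str, str | None]:
    """Return (verdict, vendor) where verdict is 'known', 'lookalike' or 'unknown'."""
    domain = sender_domain(address)
    if domain in KNOWN_VENDOR_DOMAINS:
        return "known", domain  # exact match only; anything else needs a closer look
    for vendor in sorted(KNOWN_VENDOR_DOMAINS):
        if skeleton(domain) == skeleton(vendor) or edit_distance(domain, vendor) <= 1:
            return "lookalike", vendor  # hold the payment change and verify by phone
    return "unknown", None

if __name__ == "__main__":
    # Constructed sample senders.
    for sender in ("billing@initech-supply.example", "billing@1nitech-supply.example",
                   "ar@surnmit-freight.example", "sales@othervendor.example"):
        print(sender, "->", classify_sender(sender))
```

A “lookalike” verdict is a reason to hold the request and verify it out of band; an “unknown” verdict does not mean the sender is safe.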
Consumer-Specific APP Fraud Red Flags
When fraudsters target individuals, they exploit personal fears and relationships. Be aware of the following suspicious scenarios:
Bank- or Government-Initiated Contact
The IRS, Social Security Administration, and your bank will almost never call you to demand an immediate payment. If someone calls claiming to be from these agencies and demands money to avoid arrest or penalties, then hang up, look up the organization’s official hotline, and call in yourself.
Requests for Immediate Push Payments
Real utility companies and service providers allow time to pay bills and offer multiple channels to do so. A demand for immediate payment via a specific push app to avoid service disconnection is likely a scam.
Inability to Verify Through Official Channels
If the caller discourages you from hanging up and calling the number on the back of your debit card or the official website, they’re lying. A legitimate representative will always encourage you to verify their identity.
Love Interest Needs Money
If someone you met online and have never seen in person suddenly claims they have a medical emergency or a travel crisis requiring cash, it’s almost always a scam. This is a heartbreaking but statistically common tactic; scammers prey on people’s loneliness to drain victims’ savings.
Cryptocurrency Investment Guarantees
Any “investment manager” contacting you on social media promising guaranteed returns is a fraudster. Returns can never be guaranteed, and legitimate brokers do not solicit via direct messages.
Employment Opportunity Requires Upfront Payment
Legitimate employers pay you; you don’t pay them. Any job offer that requires you to pay for startup equipment or training materials — especially via P2P apps before starting — is a fake listing.
Verifying Push Payment Fraud
If you’ve ever participated in a fire drill, you probably recall the phrase “Stop, Drop, and Roll.” When it comes to APP fraud, you can apply an analogous “Stop, Look, and Call” verification test if you spot any of the red flags above.
1. First, stop the transaction immediately — urgency is your enemy here.
2. Afterwards, look at the details. Scrutinize the email address, the invoice format, and the request logic.
3. Finally, call the supposed requestor. Do not use the phone number provided in the suspicious message. Look up the official number from your internal records or their public website and speak to a human you know. If the request is real, they will appreciate your caution; if they get angry, you just dodged a bullet.
Remember that “Stop, Look, and Call” framework. It’ll be your best line of defense against suspected push payment fraud.

Regulatory & Industry Responses to Push Payment Fraud
Push payment scams are growing in frequency, sophistication, and magnitude. In response, both governmental bodies and the financial services industry are devising ways to address the challenge.
In the UK, for instance, consumers and businesses were faster to adopt push payments. In response, the British government adopted the Contingent Reimbursement Model, or CRM.
The CRM is essentially a reserve of cash that signatories to the Code agree to fund. The reserve can then be used to reimburse victims of APP fraud attacks.
More recent regulatory efforts, like the APP scams reimbursement requirement imposed by the UK’s Payment Systems Regulator (PSR), aim to make victims whole through other means. Effective October 7, 2024, UK payment service providers are required to reimburse APP fraud victims up to £85,000 per instance.
While this requirement goes a long way in insulating consumers from potentially devastating financial consequences, it remains a reactive solution that fails to address the root cause of the problem: the fraud itself.
For this reason, the banking industry must also educate the public about APP scams and invest in robust tools and strategies for fraud detection and prevention. Always-on machine learning-based anomaly detection and fraud scoring systems, for instance, can help banks monitor 100% of their transactions. Suspicious payments can then be forwarded to fraud analysts for manual review or met with multi-factor authentication (MFA) challenges.
Ultimately, a multi-layered, collaborative approach that combines regulatory safeguards with proactive industry-led prevention is the best way governments and banks can work together to stay one step ahead of APP fraudsters.