Authorised push payment fraud (APP fraud) is a form of fraud in which victims are manipulated into making real-time payments to fraudsters, typically by social engineering attacks involving impersonation.[1] [2] These authorised frauds can also be related to investment scams, where the victim is tricked into sending money for investments that do not exist, and to romance scams, where the fraudster tricks the victim into thinking they are in a relationship.
Until 2019 in the United Kingdom, because the victims of these frauds authorised the payments, albeit mistakenly, they were typically not fully reimbursed by their banks.[3] From May 2019 some victims will receive a refund under the Contingent Reimbursement Model Scheme,[4] a voluntary scheme overseen by the Payment Systems Regulator that provides protections for customers of signatory firms[5] subject to a number of exclusions.