The move to make a cardholder’s name as important as their sort code and account number may be delayed by up to 18 months, according to UK finance.
The move to make a cardholder’s name as important as their sort code and account number may be delayed by up to 18 months, according to UK finance.
The new ‘Confirmation of Payee’ system is being introduced to help crack down on fraud – currently, anyone making a payment can add the recipient’s name but this information is not verified by the bank. It will mean that anyone making a payment will be notified if the name of the person they are transferring to does not match the account.
Official bodies have been prompted to make these changes by a scam known as authorised push payment (APP), where people are tricked into sending money to another account.
A high profile APP case hit the headlines in June 2018 when Angelene Bungay, of Shrewsbury, was conned into paying £13,000 to someone posing as the builder carrying out her loft conversion. Due to the nature of the transaction she was not refunded by her bank; banks may refund up to a fifth of the money that goes missing, but many will point to legislation that states the customer is liable if they authorise the payment without carrying out thorough checks.
When the Confirmation of Payee system is in place, the intention is that victims will be reimbursed when neither the bank or the victim are to blame for the fraud. This marks a huge shift in attitudes towards the victims of such crimes; more often than not, people who fall prey to scams of this nature are left with no one to turn to.
Preventing an APP scam
Ms. Bungay was scammed when a fraudster hacked into her email account posing as her builder; she received a fake invoice and paid it without questioning whether the details were correct. Easily done – but not so easily rectified. Until the Confirmation of Payee system is in place, here’s some top tips on protecting yourself…
1. Check if your email address has ever been leaked
Fraudsters lurking on the dark web have access to millions of stolen credentials including email addresses and passwords. Once they have hacked into someone’s inbox they’re able to read through any correspondence and in a situation like Ms. Bungay’s, they might get lucky. Scan your email address using our free dark web scanning tool – 60% of people who run a scan discover their information has been leaked.
If you find out your information has been leaked, do everything you can to protect that account – change the password to something unique (a password you have never used on another site), a minimum of 12 characters long, include upper and lower case characters, numbers and special characters. Try to avoid using your name, or simple words and phrases. If your email provider offers it, you should also enable 2-factor authentication (also known as 2-step verification).
2. If you receive an invoice by email, call the payee to confirm the details
Although it may not feel natural to double check a payment when an invoice and email looks legitimate, remember that it’s easy to fake an email and document. It’s even more important when the sum of money is life changing. If Ms. Bungay had called her builder to double check his account details, she would have been alerted to the scam.
3. If someone is pressuring you to make a payment quickly, alarm bells should ring
It goes without saying that if a contractor is due to start working on your home, they’ll more than likely be happy to wait until you’re ready to make payment – and many will have payment terms. Getting a call or email demanding urgent or instant payment is out of character for an exchange of services.
If you’d like to protect yourself online and continuously monitor your email addresses against potential breaches, sign up to a DynaRisk plan today.