APP Fraud


BCB Group champions the fight against APP Fraud

BCB Group operates on ‘compliance first’ principles. We take a zero tolerance approach to any criminal activity conducted across our platform and pride ourselves on the strength of our compliance, security and fraud prevention teams, processes and technology.

Whilst BCB Group only offers payments accounts to businesses and does not support individual retail consumers our focus has always been supporting the evolution of a safe secure digital assets ecosystem for both our clients and in turn just as critically, their customers (who may include retail consumers). We continually strive to use our unique position as the premier payments service provider to the crypto industry to champion initiatives focused on the establishment of the highest levels of protection for all those seeking to use crypto as a means of payment or investment.

With the regretful increase in Authorised Push Payment (APP) fraud within the banking and payments industry and the particular vulnerabilities of retail consumers active in the digital asset sector we have never been more committed to creating a safe level playing field for our clients and their customers. We work closely within and across our industry, with our banking partners, regulators, law enforcement agencies and legal advisors to ensure our products and services and the products and services of our clients are resilient to fraudsters.

What is APP Fraud?

Authorised Push Payment (APP) fraud is a sophisticated type of financial crime that capitalises on deception and manipulation. It occurs when fraudsters deceive individuals or businesses into voluntarily transferring money to accounts controlled by the criminals or manipulate them to share personal details under false pretences. Unlike traditional fraud, which typically involves unauthorised transactions, APP fraud relies on manipulating the victim into authorising the transfer themselves. This makes APP fraud particularly challenging to address because the transaction is initially perceived as legitimate by banks and financial institutions.

APP fraud is currently the most common type of financial scam in the UK.

How APP Fraud Works?

The process often begins with the fraudster gaining the victim’s trust or by creating a scenario of urgency that prompts an immediate financial action. The deceptive methods used can vary widely, but they commonly include social engineering tactics, phishing emails, spoofed phone calls, or fake invoices.

Key Typologies of APP Fraud?

  • CEO or Executive Impersonation:
    • Description: Fraudsters impersonate a senior company executive or the CEO to instruct finance or accounting staff to make urgent transfers, often for a purported confidential deal.
    • Example: An employee receives an email, seemingly from the CEO, requesting an immediate transfer to finalise a secret acquisition. The email address looks correct, but it is actually a spoofed version that differs by only one or two characters.
  • Professional Body (HMRC/Bank/ Financial Services Firms) Impersonation:
    • Description: Fraudsters impersonate representatives from professional body to deceive individuals into providing sensitive financial information or making fraudulent transactions.
    • Example: A customer receives a phone call from someone claiming to be from their bank’s fraud department, informing them of suspicious activity on their account and requesting their online banking credentials to “verify” their identity and secure their funds.
  • Romance Scams:
    • Description: Fraudsters use online dating sites or social media platforms to feign romantic intentions, build a relationship with the victim, and eventually request money for emergencies, medical issues, or travel.
    • Example: After months of building a seemingly genuine relationship, the fraudster claims to be in a difficult financial situation due to a sudden illness or a detained family member abroad and asks for money to help resolve the issue.
  • Investment Scams:
    • Description: Victims are lured with promises of high returns on investments in various schemes, including cryptocurrency, real estate, or stocks that are non-existent or grossly misrepresented.
    • Example: A victim receives a call or sees a social media advertisement from a seemingly reputable investment firm offering a once-in-a-lifetime opportunity to invest in a fast-growing technology company. The firm may ask the victim to download a remote desktop application (such as AnyDesk) to enable them remote access to the victim’s computer. The firm, however, is fake, and the investment money goes directly to the fraudsters.
  • Invoice and Billing Scams:
    • Description: Typically targeting businesses, fraudsters send fake invoices that appear to be from legitimate vendors or service providers. The amounts and services listed might be plausible, making it difficult to spot the fraud.
    • Example: A business receives an invoice that closely resembles those from a real contractor it frequently works with, but the bank account details have been changed to divert payments to the fraudster.
  • Advance Fee Scams:
    • Description: Involve fraudsters promising a large sum of money, a valuable item, or a lucrative opportunity in exchange for an upfront payment or fee. The scam typically targets individuals who are in financial distress or seeking quick financial gain. The fraudsters use various tactics, such as lottery or inheritance or business opportunities to lure victims into believing they will receive a significant return on their investment. However, once the victim pays the initial fee, the promised reward never materialises, and the fraudsters disappear with the money.
    • Example: An individual receives an email informing them that they have won a substantial sum of money in a foreign lottery. To claim the prize, they are instructed to pay a processing fee upfront. Excited by the prospect of winning, the victim pays the fee as requested. However, after sending the payment, they never receive the promised winnings, and the fraudsters cease all communication.

Preventive Measures

To combat APP fraud, both individuals and businesses should:

  • Verify any request for money or change in payment details directly using established communication channels.
  • Be wary of unsolicited contacts or pressure to act quickly.
  • Train employees in recognising and responding to signs of APP fraud.
  • Use technology solutions like transaction monitoring systems that can help detect unusual payment patterns.

Stop, challenge, protect

If you’re contacted out of the blue by phone, email, social media platforms or text:

  • stop – taking a moment to stop and think before parting with your money or information could keep you safe.
  • challenge – could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • protect – check with someone you trust, such as a friend or family member and contact the company directly.

If you think you might have been a victim of APP fraud involving a payment processed by BCB please so not hesitate to let us know at [email protected]

For further advice on fraud prevention, there are several key agencies and organisations where you can get assistance or file a complaint. Here’s a list of relevant contacts:

1. Action Fraud

  • Website:
  • Role: Action Fraud is the UK’s national reporting centre for fraud and cybercrime. If you’ve been scammed, defrauded, or experienced cybercrime in England, Wales, and Northern Ireland, you should report it to Action Fraud.

2. Financial Conduct Authority (FCA)

  • Role: The FCA can help if you’ve been scammed by a financial firm or if you suspect a firm does not have FCA authorisation. They also provide information on how to avoid investment and pension scams.

3. Citizens Advice

  • Role: Offers advice on a range of issues, including what to do if you think you’ve been scammed. They can provide guidance on how to proceed and which regulatory bodies to contact.

4. The Pensions Regulator

  • Role: Contact for issues related to pension scams. They offer specific advice and what steps to take if you suspect a pension scam.

5. Get Safe Online

  • Role: Provides practical advice on how to protect yourself from online scams and frauds, including advice on secure shopping, banking, social networking, and safeguarding children.

6. UK Finance

  • Role: UK Finance represents nearly 300 of the leading firms providing finance, banking, markets, and payments-related services in or from the UK. They provide information and updates on banking and finance scams.

Each of these agencies plays a critical role in helping victims of fraud and providing resources to prevent future occurrences. If you suspect fraud or have been a victim, reaching out to these organisations can provide you with the necessary support and information.

How to Avoid Cryptocurrency Scams: Essential Tips for Safe Investing

As the popularity of cryptocurrencies continues to rise, so does the number of scams associated with this digital asset. Protecting yourself from these scams is crucial to ensure that your investment and personal information remain secure. Below are some essential tips to help you avoid falling victim to cryptocurrency scams.

1.  Know Your Investment

Understanding what you’re investing in is fundamental. Cryptocurrencies and blockchain technology can be complex, and scammers exploit this complexity. Take the time to learn about the cryptocurrency market, the technology behind it, and the specific details of the coin or token you’re considering.

2.  Research Thoroughly

Before investing in any crypto project, do thorough research:

  • Don’t fall for fake endorsements – fraudsters may impersonate famous personalities on social media or messaging groups, to make their offer look legitimate
  • Check the credibility of the project. Look for detailed and transparent information about the project, including the development team, the technology, and the investment terms.
  • Read the whitepaper. Legitimate projects typically have a comprehensive whitepaper that outlines the project’s purpose, technology, and a roadmap for the future.
  • Search for independent reviews and discussions. Look at forums, social media, and other platforms to see what others are saying about the project.

3.  Verify Sources

Scammers often create fake websites, whitepapers, and even fake online profiles. Always verify the authenticity of the information you find:

  • Check the official website’s domain. Scammers may use a slight variation of a known website’s URL.
  • Be wary of unsolicited offers. Scams often come in the form of an unexpected email or message urging you to invest quickly to avoid missing out.

4.  Look Out for Red Flags

Certain signs can indicate a potential scam:

  • Promises of very high returns. Be cautious of any scheme promising quick returns that sound too good to be true.
  • Lack of detail about the project. Vague information about how the project works or how returns are generated is a red flag.
  • Pressure to invest quickly. Scammers often try to create a sense of urgency so that you don’t have time to think critically or investigate thoroughly.

5.  Use Secure and Reputable Wallets

Your digital wallet’s security is paramount:

  • Choose reputable wallets. Use wallets that have strong user reviews and a long track record.
  • Enable multi-factor authentication. This adds an extra layer of security to your wallet.

6.  Stay in control

  • Never assign or share access.
  • Never let anyone set up a cryptocurrency wallet, upload ID documents or manage investments for you.
  • Keep your crypto account private: fraudsters may ask you to download software so they can access your devices and move money without your knowledge.
  • Spot familiar tricks – you may be asked to move money and asked to mislead your bank about the reason for making the payment. Fraudsters know these payments may attract more scrutiny and will try to avoid it.

7.  Beware of Phishing Attacks

Phishing is a common way for scammers to steal your credentials:

  • Never click on suspicious links. These can come from emails, messages, or social media.
  • Double-check email addresses. Phishing emails often come from addresses that are similar to, but not exactly the same as, those of legitimate companies.

8.  Keep Your Private Keys Private

Your private keys are the keys to your cryptocurrencies. Never share them with anyone, and avoid storing them online or in places where they could be easily stolen.

9.  Regularly Update Your Security Practices

As technology evolves, so do the tactics used by scammers. Keep your software up to date and stay informed about new security practices.


Investing in cryptocurrencies can be rewarding, but it’s essential to remain vigilant and informed. By educating yourself and following these safety tips, you can help protect your investments and personal information from scammers looking to exploit the unwary. Remember, if something seems too good to be true, it probably is. Always invest with caution and due diligence.

This site uses cookies

We use cookies to improve user experience and analyse website traffic. By clicking “Accept“, you agree to our website’s cookie use as described in our Cookie Policy