Fraud

STAY AHEAD OF FRAUD: IS SOMEONE ASKING YOU TO MOVE YOUR MONEY? NEVER TRANSFER MONEY TO SOMEONE YOU DON’T TRUST OR SHARE PASSWORDS WITH ANYONE. THIS INCLUDES PEOPLE ONLINE YOU’VE NEVER MET, TOO GOOD TO BE TRUE INVESTMENTS AND COMPANIES ASKING YOU TO TRANSFER FUNDS DIRECTLY TO THEM

APP Fraud

BCB Group champions the fight against APP Fraud

BCB Group operates on ‘compliance first’ principles. We take a zero tolerance approach to any criminal activity conducted across our platform and pride ourselves on the strength of our compliance, security and fraud prevention teams, processes and technology.

Whilst BCB Group only offers payments accounts to businesses and does not support individual retail consumers our focus has always been supporting the evolution of a safe secure digital assets ecosystem for both our clients and in turn just as critically, their customers (who may include retail consumers). We continually strive to use our unique position as the premier payments service provider to the crypto industry to champion initiatives focused on the establishment of the highest levels of protection for all those seeking to use crypto as a means of payment or investment.

With the regretful increase in Authorised Push Payment (APP) fraud within the banking and payments industry and the particular vulnerabilities of retail consumers active in the digital asset sector we have never been more committed to creating a safe level playing field for our clients and their customers. We work closely within and across our industry, with our banking partners, regulators, law enforcement agencies and legal advisors to ensure our products and services and the products and services of our clients are resilient to fraudsters.

What is APP Fraud?

Authorised Push Payment (APP) fraud is a sophisticated type of financial crime that capitalises on deception and manipulation. It occurs when fraudsters deceive individuals or businesses into voluntarily transferring money to accounts controlled by the criminals or manipulate them to share personal details under false pretences. Unlike traditional fraud, which typically involves unauthorised transactions, APP fraud relies on manipulating the victim into authorising the transfer themselves. This makes APP fraud particularly challenging to address because the transaction is initially perceived as legitimate by banks and financial institutions.

APP fraud is currently the most common type of financial scam in the UK.

How APP Fraud Works?

The process often begins with the fraudster gaining the victim’s trust or by creating a scenario of urgency that prompts an immediate financial action. The deceptive methods used can vary widely, but they commonly include social engineering tactics, phishing emails, spoofed phone calls, or fake invoices.

Key Typologies of APP Fraud?

  • CEO or Executive Impersonation:
    • Description: Fraudsters impersonate a senior company executive or the CEO to instruct finance or accounting staff to make urgent transfers, often for a purported confidential deal.
    • Example: An employee receives an email, seemingly from the CEO, requesting an immediate transfer to finalise a secret acquisition. The email address looks correct, but it is actually a spoofed version that differs by only one or two characters.
  • Professional Body (HMRC/Bank/ Financial Services Firms) Impersonation:
    • Description: Fraudsters impersonate representatives from professional body to deceive individuals into providing sensitive financial information or making fraudulent transactions.
    • Example: A customer receives a phone call from someone claiming to be from their bank’s fraud department, informing them of suspicious activity on their account and requesting their online banking credentials to “verify” their identity and secure their funds.
  • Romance Scams:
    • Description: Fraudsters use online dating sites or social media platforms to feign romantic intentions, build a relationship with the victim, and eventually request money for emergencies, medical issues, or travel.
    • Example: After months of building a seemingly genuine relationship, the fraudster claims to be in a difficult financial situation due to a sudden illness or a detained family member abroad and asks for money to help resolve the issue.
  • Investment Scams:
    • Description: Victims are lured with promises of high returns on investments in various schemes, including cryptocurrency, real estate, or stocks that are non-existent or grossly misrepresented.
    • Example: A victim receives a call or sees a social media advertisement from a seemingly reputable investment firm offering a once-in-a-lifetime opportunity to invest in a fast-growing technology company. The firm may ask the victim to download a remote desktop application (such as AnyDesk) to enable them remote access to the victim’s computer. The firm, however, is fake, and the investment money goes directly to the fraudsters.
  • Invoice and Billing Scams:
    • Description: Typically targeting businesses, fraudsters send fake invoices that appear to be from legitimate vendors or service providers. The amounts and services listed might be plausible, making it difficult to spot the fraud.
    • Example: A business receives an invoice that closely resembles those from a real contractor it frequently works with, but the bank account details have been changed to divert payments to the fraudster.
  • Advance Fee Scams:
    • Description: Involve fraudsters promising a large sum of money, a valuable item, or a lucrative opportunity in exchange for an upfront payment or fee. The scam typically targets individuals who are in financial distress or seeking quick financial gain. The fraudsters use various tactics, such as lottery or inheritance or business opportunities to lure victims into believing they will receive a significant return on their investment. However, once the victim pays the initial fee, the promised reward never materialises, and the fraudsters disappear with the money.
    • Example: An individual receives an email informing them that they have won a substantial sum of money in a foreign lottery. To claim the prize, they are instructed to pay a processing fee upfront. Excited by the prospect of winning, the victim pays the fee as requested. However, after sending the payment, they never receive the promised winnings, and the fraudsters cease all communication.

Preventive Measures

To combat APP fraud, both individuals and businesses should:

  • Verify any request for money or change in payment details directly using established communication channels.
  • Be wary of unsolicited contacts or pressure to act quickly.
  • Train employees in recognising and responding to signs of APP fraud.
  • Use technology solutions like transaction monitoring systems that can help detect unusual payment patterns.

Stop, challenge, protect

If you’re contacted out of the blue by phone, email, social media platforms or text:

  • stop – taking a moment to stop and think before parting with your money or information could keep you safe.
  • challenge – could it be fake? It’s ok to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • protect – check with someone you trust, such as a friend or family member and contact the company directly.

If you think you might have been a victim of APP fraud involving a payment processed by BCB please so not hesitate to let us know at [email protected]

For further advice on fraud prevention, there are several key agencies and organisations where you can get assistance or file a complaint. Here’s a list of relevant contacts:

1. Action Fraud

  • Website: actionfraud.police.uk
  • Role: Action Fraud is the UK’s national reporting centre for fraud and cybercrime. If you’ve been scammed, defrauded, or experienced cybercrime in England, Wales, and Northern Ireland, you should report it to Action Fraud.

2. Financial Conduct Authority (FCA)

  • Website:fca.org.uk
  • Role: The FCA can help if you’ve been scammed by a financial firm or if you suspect a firm does not have FCA authorisation. They also provide information on how to avoid investment and pension scams.

3. Citizens Advice

  • Website:citizensadvice.org.uk
  • Role: Offers advice on a range of issues, including what to do if you think you’ve been scammed. They can provide guidance on how to proceed and which regulatory bodies to contact.

4. The Pensions Regulator

  • Website:thepensionsregulator.gov.uk
  • Role: Contact for issues related to pension scams. They offer specific advice and what steps to take if you suspect a pension scam.

5. Get Safe Online

  • Website:getsafeonline.org
  • Role: Provides practical advice on how to protect yourself from online scams and frauds, including advice on secure shopping, banking, social networking, and safeguarding children.

6. UK Finance

  • Website:ukfinance.org.uk
  • Role: UK Finance represents nearly 300 of the leading firms providing finance, banking, markets, and payments-related services in or from the UK. They provide information and updates on banking and finance scams.

Each of these agencies plays a critical role in helping victims of fraud and providing resources to prevent future occurrences. If you suspect fraud or have been a victim, reaching out to these organisations can provide you with the necessary support and information.

How to Avoid Cryptocurrency Scams: Essential Tips for Safe Investing

As the popularity of cryptocurrencies continues to rise, so does the number of scams associated with this digital asset. Protecting yourself from these scams is crucial to ensure that your investment and personal information remain secure. Below are some essential tips to help you avoid falling victim to cryptocurrency scams.

1.  Know Your Investment

Understanding what you’re investing in is fundamental. Cryptocurrencies and blockchain technology can be complex, and scammers exploit this complexity. Take the time to learn about the cryptocurrency market, the technology behind it, and the specific details of the coin or token you’re considering.

2.  Research Thoroughly

Before investing in any crypto project, do thorough research:

  • Don’t fall for fake endorsements – fraudsters may impersonate famous personalities on social media or messaging groups, to make their offer look legitimate
  • Check the credibility of the project. Look for detailed and transparent information about the project, including the development team, the technology, and the investment terms.
  • Read the whitepaper. Legitimate projects typically have a comprehensive whitepaper that outlines the project’s purpose, technology, and a roadmap for the future.
  • Search for independent reviews and discussions. Look at forums, social media, and other platforms to see what others are saying about the project.

3.  Verify Sources

Scammers often create fake websites, whitepapers, and even fake online profiles. Always verify the authenticity of the information you find:

  • Check the official website’s domain. Scammers may use a slight variation of a known website’s URL.
  • Be wary of unsolicited offers. Scams often come in the form of an unexpected email or message urging you to invest quickly to avoid missing out.

4.  Look Out for Red Flags

Certain signs can indicate a potential scam:

  • Promises of very high returns. Be cautious of any scheme promising quick returns that sound too good to be true.
  • Lack of detail about the project. Vague information about how the project works or how returns are generated is a red flag.
  • Pressure to invest quickly. Scammers often try to create a sense of urgency so that you don’t have time to think critically or investigate thoroughly.

5.  Use Secure and Reputable Wallets

Your digital wallet’s security is paramount:

  • Choose reputable wallets. Use wallets that have strong user reviews and a long track record.
  • Enable multi-factor authentication. This adds an extra layer of security to your wallet.

6.  Stay in control

  • Never assign or share access.
  • Never let anyone set up a cryptocurrency wallet, upload ID documents or manage investments for you.
  • Keep your crypto account private: fraudsters may ask you to download software so they can access your devices and move money without your knowledge.
  • Spot familiar tricks – you may be asked to move money and asked to mislead your bank about the reason for making the payment. Fraudsters know these payments may attract more scrutiny and will try to avoid it.

7.  Beware of Phishing Attacks

Phishing is a common way for scammers to steal your credentials:

  • Never click on suspicious links. These can come from emails, messages, or social media.
  • Double-check email addresses. Phishing emails often come from addresses that are similar to, but not exactly the same as, those of legitimate companies.

8.  Keep Your Private Keys Private

Your private keys are the keys to your cryptocurrencies. Never share them with anyone, and avoid storing them online or in places where they could be easily stolen.

9.  Regularly Update Your Security Practices

As technology evolves, so do the tactics used by scammers. Keep your software up to date and stay informed about new security practices.

Conclusion

Investing in cryptocurrencies can be rewarding, but it’s essential to remain vigilant and informed. By educating yourself and following these safety tips, you can help protect your investments and personal information from scammers looking to exploit the unwary. Remember, if something seems too good to be true, it probably is. Always invest with caution and due diligence.

Phishing Scams

Understanding Phishing Scams

1. What are phishing scams?

Phishing scams are fraudulent attempts to obtain sensitive information such as usernames, passwords, credit card numbers, and other personal details by disguising as a trustworthy entity in electronic communications. These scams often use email, social media, text messages, or malicious websites to trick individuals into providing their private information.

2. How do phishing scams work?

Phishing scams typically follow these steps:

  1. Bait: The scammer sends a message that appears to come from a legitimate source (like a bank, social media site, or employer).
  2. Hook: The message creates a sense of urgency or curiosity, prompting the recipient to act quickly without thinking.
  3. Catch: The recipient is directed to a fake website or asked to download an attachment, where they are prompted to enter personal information or download malware.

3. What are the common types of phishing scams?

Common types include:

  • Email Phishing: Fraudulent emails that appear to come from reputable sources.
  • Spear Phishing: Targeted phishing attempts directed at specific individuals or organizations, often using personalized information.
  • Whaling: Phishing attacks aimed at high-profile targets such as executives or high-ranking officials.
  • Smishing: Phishing attacks conducted through SMS/text messages.
  • Vishing: Voice phishing scams conducted over the phone.
  • Clone Phishing: Duplicate emails or messages that mimic legitimate ones, with malicious links or attachments.

4. What are the signs of a phishing scam?

 Signs include:

  • Unsolicited emails or messages from unknown senders.
  • Requests for personal or financial information.
  • Messages that create a sense of urgency or fear.
  • Poor spelling and grammar.
  • Suspicious links or attachments.
  • Email addresses or URLs that look slightly off (e.g., an extra letter or number).

5. How can I protect myself from phishing scams?

To protect yourself:

  • Verify the source: Double-check the sender’s email address or phone number.
  • Be cautious of unsolicited requests: Do not provide personal information in response to unexpected messages.
  • Hover over links: Check the URL before clicking to ensure it directs to a legitimate site.
  • Use security software: Keep your antivirus and anti-malware programs updated.
  • Enable two-factor authentication (2FA): Adds an extra layer of security to your accounts.
  • Educate yourself: Stay informed about common phishing tactics and new scams.

6. What should I do if I fall victim to a phishing scam?

If you fall victim:

  1. Change your passwords: Immediately update passwords for any compromised accounts.
  2. Notify your bank or credit card company: Alert them if financial information was provided.
  3. Monitor your accounts: Keep an eye on your bank and online accounts for unauthorized activity.
  4. Report the scam: Notify the relevant authorities, such as the Federal Trade Commission (FTC) or Anti-Phishing Working Group (APWG).
  5. Scan your device: Use antivirus software to check for malware or viruses.

7. What are some real-world examples of phishing scams?

Examples include:

  • Banking scams: Emails pretending to be from your bank asking you to verify your account details.
  • Social media scams: Messages from friends or contacts whose accounts have been hacked, asking you to click on a link or download a file.
  • Corporate scams: Emails appearing to come from your employer or a trusted company, asking for login credentials or sensitive information.
  • Tech support scams: Calls or emails claiming to be from tech support, prompting you to install software that grants scammers access to your device.

8. How do phishing scams affect businesses?

For businesses, phishing scams can lead to:

  • Data breaches and loss of sensitive information.
  • Financial losses from fraud and theft.
  • Damage to reputation and loss of customer trust.
  • Legal consequences and fines.
  • Operational disruptions and downtime.

9. How can businesses protect themselves from phishing attacks?

Businesses can:

  • Implement robust email security protocols.
  • Train employees to recognize and report phishing attempts.
  • Use advanced threat detection and response tools.
  • Regularly update security policies and software.
  • Conduct phishing simulations to test employee readiness.

By understanding and recognizing phishing scams, both individuals and businesses can take proactive steps to protect themselves from these malicious attacks.

10. Where can I find more resources on phishing prevention?

For more resources:

  • Visit cybersecurity websites like the Anti-Phishing Working Group (apwg.org) or the Federal Trade Commission (FTC) at ftc.gov.
  • Check your email provider’s security and help sections.
  • Look for online courses and tutorials on cybersecurity best practices.

By following these steps and remaining vigilant, you can significantly reduce the risk of falling victim to phishing scams and protect your personal information.

Phishing: What BCB Group Will Never Ask You to Do

1. Will BCB Group ever ask me for my password?

No, BCB Group will never ask you to provide your password via email, phone, or any other form of communication. Your password is confidential and should only be entered on the official BCB Group login page.

2. Will BCB Group request my personal information through email or text messages?

No, BCB Group will never request personal information such as your Social Security number, bank account details, or credit card numbers through email or text messages. We only collect such information through secure, official channels.

3. Will BCB Group send me unsolicited attachments or links?

No, BCB Group will not send unsolicited attachments or links. If you receive an email with an unexpected attachment or link, do not open it. Instead, verify the authenticity of the message by contacting us directly through our official website or customer service number.

4. Will BCB Group ask me to verify my account via a link in an email?

No, BCB Group will not ask you to verify your account by clicking a link in an email. Any requests for account verification will be done securely through our official website or mobile app.

5. Will BCB Group call me to ask for my secure PIN or OTP?

No, BCB Group will never call you to ask for your secure PIN (Personal Identification Number) or OTP (One-Time Password). These details are private and should not be shared with anyone, including representatives of BCB Group.

6. Will BCB Group ask me to download software or applications from third-party websites?

No, BCB Group will never ask you to download software or applications from third-party websites. Always download apps from official app stores or our official website to ensure security.

7. Will BCB Group ask me to transfer money to another account for verification purposes?

No, BCB Group will never ask you to transfer money to another account for verification or any other purpose. Any such request is likely to be a phishing attempt and should be reported to us immediately.

8. Will BCB Group request remote access to my computer or device?

No, BCB Group will never request remote access to your computer or device. If someone claiming to be from BCB Group asks for remote access, it is a scam.

9. Will BCB Group communicate urgent account issues via social media?

No, BCB Group will not communicate urgent account issues through social media. Official communications regarding your account will be conducted through secure and established channels such as our website, app, or direct customer service contact.

10 What should I do if I receive a suspicious request that appears to be from BCB Group?

If you receive a suspicious request:

  1. Do not respond: Avoid replying to the message or providing any information.
  2. Do not click on links or download attachments: These could be malicious.
  3. Contact BCB Group directly: Use the contact information provided on our official website to verify the request.
  4. Report the incident: Forward the suspicious email to our security team at [email protected]] or contact customer service to report the phishing attempt.

By understanding what BCB Group will never ask you to do, you can better protect yourself from phishing scams and ensure your personal and financial information remains secure.

How do I get in contact with BCB Group?

If you are an existing customer of BCB Group and you have any questions about your accounts, or our products and services, please contact our Customer Success Team via your dedicated customer channel.

If you’re not currently a BCB Group customer please fill in the contact form and a member from our team will be in touch shortly.

This site uses cookies

We use cookies to improve user experience and analyse website traffic. By clicking “Accept“, you agree to our website’s cookie use as described in our Cookie Policy

Accept