The UK Payment Systems Regulator (PSR) has published a report on Authorized Push Payment (APP) scams and how to avoid them. In brief, a fraudster pilfers money illicitly when it tricks targets into sending money to its account. The trick is presenting what looks like a legitimate payment request when, in reality, it is a financial trap.
The PSR reports that in 2023, an estimated £341 million was stolen from people in a Push Payment scam. Social Media, Messaging, and Call Platforms account for 56% of the total volume, or £67,429,184.
While the game remains the same, fraudsters have updated their tools by utilizing digital technology and posing as well-known tech brands. The PSR report indicates the following nefarious trends:
- Fraudsters target major platforms to commit scams: Social media, technology platforms, and telecoms are frequently exploited by scammers, resulting in losses of hundreds of millions of pounds for UK consumers.
Over half of scams involve Meta platforms: In 2023, Meta platforms (Facebook, Instagram, WhatsApp) were linked to 54% of scam incidents (119,338 cases) and 18% of total losses (£62.7 million). That’s roughly £1 in every £5 lost in scams. - Telecoms and emails cause significant losses: Fraudulent calls and texts via telecoms were used in 12% of scam cases (26,975) but accounted for 31.5% of the losses (£107.2 million). Emails, while only involved in 2% of scams, led to disproportionately high losses of £35 million (10% of the total).
- Romance scams are more common on Meta platforms: Meta platforms were used in more romance scams (31%) than all dating websites combined. Facebook, Instagram, and WhatsApp together accounted for 1,590 incidents and £5.1 million in losses.
- Purchase scams dominate on Facebook: The most common scams in 2023 were purchase scams, where victims buy items that never arrive. Facebook was used in 44% of these cases (67,337 incidents), with losses of £19.5 million—more than any other platform. While eBay saw fewer scams (1.6% of cases), the losses per scam were significant, totaling £6.7 million.
- Investment scams cause the biggest losses: Investment scams made up 23% of total losses (£80.3 million) but only 6% of scams (12,500 incidents). Fraudsters often used telecoms (£18.4 million in losses), Meta platforms (£11.6 million), and even friends and family connections (£9.6 million) to deceive victims.
Clearly, Meta and its brands, including Facebook, Instagram, and WhatsApp, must do more to protect their users. The tech company is falling short of vetting or guarding against bad actors.
Purchase scams top the list of frauds at 68% of the problem, followed by Impersonation Scam (10%), Advance Fee scams (9%), Investment scams (6%), and down from there.
Facebook alone dominates purchase scams with 44% of the volume and 27% of the aggregate value [when adding Facebook Marketplace, the percentages jump to 55% and 35%, respectively]. X (Twitter) is barely a blip on the screen at 5% of volume and just 1% of the value of scams. Elon Musk is doing better.
The scam types are defined as follows:
- Purchase Scams
- Romance Fraud
- Invoice and mandate fraud
- Impersonation scams
- Investment fraud
- Advance fee fraud
- Impersonation frauds (professional and family)
Kate Fitzgerald, PSR’s Head of Policy, explains that by publishing this data they seek to drive “real change” adding that preventing scams before they happen is the best way to protect consumers.
Silvija Kurpena, Director of the Financial Intelligence Unit at RedCompass Labs, says the PSR report on Push Payment Scams is too little too late.
“While its focus on collaboration between social media platforms and payment firms is welcome, the industry has been calling for this action for well over a year. It is clear again that the new reimbursement rules for APP fraud, aren’t addressing the root of the issue—stopping fraud at its source,” shared Kurpena. “As the new report highlights, over half of scams involve Meta platforms, with total losses amounting to £62.7 million in 2023. it’s imperative that social media companies step up and take responsibility. Whether through fines, contributions to prevention funds or heightened awareness campaigns, social media platforms must play an active role in shutting down vulnerabilities exploited by fraudsters.”
Kurpena said that tackling payment fraud in the UK requires an ecosystem-wide approach that incorporates financial services firms, law enforcement, and regulators, as well as tech firms that are a key vector for these scams. “Right now, these connections remain fragmented,” she said.
“Australia’s proposed unified scam-prevention network offers a compelling model to follow. By integrating efforts across sectors, it demonstrates that collective action isn’t just possible—it’s essential. The UK must adopt a similar approach, prioritising prevention over reimbursement. It’s time to stop subsidising criminal activity and start focusing on proactive fraud prevention through innovation, cooperation and public awareness.”
Perhaps making Meta (and others) liable for these scams is a start? Would the tech firm take the issue more seriously if they had skin in the game instead of the “who, me?” approach? A valid question.
The PSR report is available here.