SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Ps jf headshot
#
Payment Technologies
#
Cybersecurity
#
Social Media

Why APP fraud is still rising and how we can stop the surge

Tue, 18th Nov 2025
By Jonathan Frost, Director of Global Advisory for EMEA, BioCatch

APP fraud now accounts for almost half of all fraud losses in the UK. Jonathan Frost, Director of Global Advisory for EMEA at BioCatch, looks at why this type of fraud is increasing and what banks can do to protect consumers.

UK Finance's 2025 Half-Year Report reveals fraud losses rose by 2% in the first half of 2025.

A 2% increase might not sound significant, but it happened even after public awareness campaigns like "Stop! Think Fraud" and a year after the UK introduced mandatory reimbursement for APP fraud.

The UK lost £2,300 per minute to fraud in the first half of the year, a citizen fell victim to fraud every 7.5 seconds, and UK banks stopped £93 of fraud per second.

But the financial losses are only part of the story. Even though 88% of victims get their money back, the emotional impact remains. Most victims feel anger, stress, and anxiety, and one in five has experienced depression.

Criminals are using more advanced social engineering tactics to target people. Financial institutions, tech companies, and regulators need to work together now to protect potential victims.

Why is APP fraud rising?

APP fraud is still the fastest-growing and most damaging type of fraud. It made up 42% of losses in the first half of 2025, up from 37% in the same period of 2024.

Mandatory reimbursement has helped protect consumers, but the policy still faces challenges. According to the Payment Systems Regulator, APP fraud rose by 15% between the first and second quarters of 2025, showing that criminals are not discouraged.

Most APP scams start online, with two-thirds of cases in early 2025 beginning this way. UK banks have spent billions on fraud prevention, reducing criminal gains to 30p for every £1. Meanwhile, Big Tech platforms are still profiting, and about 70% of new Facebook and Instagram advertisers are scammers.

Since the Online Safety Act's rules on paid fraudulent ads won't be enforced until 2027, scammers will likely keep taking advantage of this gap for now.

The human factor

APP scams are different from unauthorised fraud because they trick victims into acting for the criminals. By taking advantage of human weaknesses, these scams make victims help commit the fraud without realising it.

Fraudsters now use remote and mobile channels to get around security controls instantly. Remote purchase fraud reached record levels in 2024, growing by up to 26% in some cases. With criminals tricking people into confirming online card purchases.

Criminals are adapting quickly, using investment scams, so-called finfluencers who promise high returns, and romance scams that take advantage of trust. They are moving faster than awareness campaigns can keep up.

What needs to change?

There are some positive signs. Unauthorised fraud dropped by 4% from the first half of 2024 to the first half of 2025, and more cases are being stopped.

Payment Service Providers blocked £860 million in attempted fraud, stopping 70p of every £1 targeted. This shows that investing in prevention is working.

Still, criminals are making progress. Many investment and romance scams are connected to global crime networks, with call centres in Southeast Asia responsible for about 60% of losses from online scams.

Financial institutions need to work together as closely as criminals do. Fraud crosses banks and channels, but defences are still separated. PSPs can only spot fraud in their own systems and cannot see threats across the wider financial network.

Other parts of the world offer an already-proven solution.

Australia's largest banks have set up a real-time intelligence-sharing network that helps spot scams before transactions happen, without making things harder for customers. This network covers over 85% of the country's banked population and reviewed $320 billion in payments in its first 10 months.

Banks can also use better fraud detection tools and behavioural technology to reduce APP losses and shut down mule accounts that support these scams.

Working together across banks, regulators, and tech companies is essential to tackle social engineering, mule activity, and misuse of real-time payments. This kind of teamwork could make a big difference in protecting people from the financial and emotional harm of fraud.
 

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Enterprises pivot to risk-aware, human-centric AI in 2026
Cyber leaders warn resilience gap as boards eye 2026
AI bubble cools as HR shifts to outcomes & new roles
Keeper links identity security alerts into ServiceNow
Safe AI coaches staff to cut cyber attack errors

Top stories

Exclusive: Cybrary on cyber training as tailored defence, not checkbox
Evolution named Gallagher’s top channel partner for 2025
Aryaka predicts AI-led overhaul of SASE & enterprise security
Radware warns 2026 will mark rise of ‘Internet of Agents’
SonicWall rolls out AI chat & tools for self-service