How Scam Prevention and Scam Detection Help Banks and Customers
Authorized push payment fraud, aka scams, are exploding in volume and impact - banks should consider the role of AI in scam detection and prevention
Around the world, consumers have eagerly adopted real-time payments (RTP) through services like Faster Payments (UK), Pix (Brazil), UPI (India), and Zelle (USA). In many regions, these payments are the primary way that consumers move money, which is fundamentally changing the payments landscape.
Fraudsters have taken note of this shift, and are targeting consumers directly. Authorized push payment (APP) fraud incidents, also known as scams, have exploded and are becoming increasingly sophisticated, posing significant threats to both consumers and financial institutions. Criminals are using an ever-growing range of tactics and techniques that include impersonation scams, investment scams, romance scams and employment scams, just to name a few.
On the one hand, banks and other financial institutions need the right tools and approaches to detect and prevent scams, which include techniques powered by artificial intelligence and machine learning. On the other hand, consumers must understand how to protect themselves, and learn what to look for as criminals adopt ever more sophisticated tactics like generative AI to conduct their scam activities.
Authorized Push Payment (APP) Fraud and Scams Flourish
APP fraud, commonly known as scams, happen when victims are tricked into authorizing payments to fraudsters. This tactic has taken root globally and continued to grow, resulting in increasing losses for both consumers and banks.
For example, UK Finance reports £450.7 million lost to authorized payment fraud in Britain in 2024, with just £267.1 million returned to customers. These numbers were similar in 2022 and 2023, confirming this long-term APP fraud trend has solidified and is not abating on its own.
Similar fraud challenges have expanded in Australia. Scams grew 18% between 2022 and 2023, totaling AU$2.74 billion in losses. These were reported across more than 600,000 individual complaints for more than $4,500.00 in losses per case.
The problem has permeated the US too. The FBI’s annual IC3 report tallied an average of 836,000 fraud complaints per year since 2020, or more than 4 million total, totaling $50.5 billion in losses – or $12,625.00 per report.
According to the FBI, the scams reported most – and by a significant margin – included phishing and spoofing, extortion, and personal data breaches. Each of these scam tactics can and increasingly does lead directly either to APP fraud, or other digital banking frauds like account takeover:
 | Phishing and spoofing are used to steal personal information, credentials, and one-time passcodes (OTPs). With those data points, criminals can commit fraud like unauthorized transactions. |
 | Spoofing and impersonation are often used to commit APP fraud through victim extortion. Criminals will pretend to be someone of authority, or pretend to have compromising information about the victim, to convince victims that they must make a payment to avoid a negative outcome like being arrested. |
 | Personal data breaches lead to password resets and account takeovers, and to exposure of sensitive data to the dark web. These breaches can feed data into criminal networks, which then use the compromised information to either extort victims or try to take over the victim’s account. |
Because scams and other financial crimes have become a continuous and financially painful problem for consumers, legislators and regulators have been under pressure to act.
Governments Respond with New Liability Rules
To address the worldwide scams problem, governments have begun to respond with rules and laws that make financial institutions liable for scam fraud losses. In these frameworks, liability typically means fines for the bank, and reimbursement of losses associated with scams not otherwise returned to customers.
New laws and rules relating to scams are accelerating the need for banks to invest in scams detection & scam prevention technologies. For example, Australia’s new scams prevention framework is dubbed the “world’s toughest anti-scam laws”. It requires social media providers to verify their advertisers; telecoms to detect and disrupt scam phone numbers, calls, and texts; and banks to confirm payee identities. Failure to do so can result in fines up to AU$50 million.
In Spain, the Tribuno Supremo ruled in favor of an Ibercaja bank customer after an account takeover scam. The customer was targeted with a phishing attack and their spouse’s SIM card was duplicated. The criminals reset the customer’s bank password by intercepting an OTP sent via SMS and stole €83,000. The bank recovered and returned €27,000. The customer sued the bank and was rewarded the difference, €56,000, plus interest, at the bank’s expense.
The Role of AI Scams and Scam Defense
Fraudsters are increasingly leveraging AI tools to enhance their scams. AI enables them to create more convincing deepfake video and audio content, to craft sophisticated phishing attacks, defeat some biometric security measures, and perpetrate outlandish and highly effective impersonation scams.
For example, the FBI’s 2024 IC3 report ranked “romance/confidence” scams as tenth most reported type of scam – and AI is making romance scams even more effective. Because GenAI tools can manipulate voice and video, they are potent tools for deceiving victims into sending money or divulging sensitive information.
A woman in France was convinced she was ‘dating’ actor Brad Pitt and that he fell ill and needed money. The victim sent more than $800,000 directly to the scammer, believing she was saving Brad Pitt’s life.
Similarly, a woman in the US was convinced to invest in a venture by a person she believed was actor Kevin Costner. Over a 6-month period, she sent $62,000 to the scammer, all because of an illusion created by AI.
In the latest escalation, criminals are using agentic AI to automate and scale how they perpetrate frauds. AI agents can communicate, open accounts, and transfer money while impersonating users and navigating digital experiences faster and easier than humans.
Tactics for Scams Detection and Scam Prevention
Given the rapid evolution of these complex frauds, banks have an opportunity to improve how they detect and prevent scams. Four significant steps include:
Enhance signals: Banks can take advantage of capabilities like Scam Signal, which combines real-time telephony data with contextual customer and payment data in real time to inform the bank about the likelihood of a transaction being associated with a scam. This approach scales and improves detection and prevention across products, portfolios, and channels – and provides a basis to adjust and improve unique transactions and the data used to generate risk decisions over time.
Communicate live: Closing the loop between the bank and the account holder relies on communicating information, notifications, and alerts to customers through the right channels, at the right time, and then translating them into action. A notification of a scam in real-time as a customer is in the process of falling for APP fraud is an effective way to “break the spell” of the scammer and make the customer think twice before sending funds.
Implement robust verification processes: Scammers frequently try to impersonate someone, whether it is an authority figure, a “trusted” contact, a business associate, or a love interest. All transactions should be able to undergo thorough verification, including step-up authentication and extended review periods, to prevent authorized payments from being made to criminals.
Collaborate with authorities: Work closely with regulatory bodies and law enforcement to stay ahead of emerging threats and have a positive influence on the required solutions. Collaboration across industries is crucial as well, just as banks, mobile operators, regulators, and solution providers are cooperating in the UK to provide Scam Signal and combat APP fraud.
How Consumers Can Protect Themselves from Scams
Many sources offer scam advice, but it's always worth repeating the fundamentals:
- Never respond to unsolicited requests for personal information and do not share personal information via phone, text, instant messenger or any other unsecure way.
- Enable multifactor authentication (MFA), avoiding text or email for one-time passcode sharing whenever possible.
- Understand that scammers use social engineering and urgency to coerce immediate payments. Many of the details you share through social media can be used against you in a social engineering approach to scams.
- Educate yourself of the differences in protection between peer-to-peer (P2P) payments channels and other payments products like credit cards. Treat P2P payments like cash transactions – in many cases, you cannot expect to get that cash back.
- Pay attention to warnings and alerts during the payment process. Your bank or payment will often ask if you’re sure that you want to make a specific payment, especially to a new recipient. Heed any warnings and be sure you want to make a payment before you do so.
- Before blindly proceeding with a payment, no matter the channel, take a minute to slow down and think carefully. If there’s an unnatural sense of urgency from someone to get money, step back and ask if you’re being scammed. A thoughtful pause can help prevent fraud, keep your accounts intact and see you well positioned for the future.
- Stay up to date on existing and emerging kinds of scams. Resources like the FTC website are a good way to stay informed about what kinds of scams are prevalent.
One of our fraud experts, TJ Horan, wrote a good post about what to do if you fall for a scam.
How FICO Helps Scam Detection and Prevention
FICO is playing a key role working with banks, consumer organizations, mobile network operators, and regulators to combat fraud and financial crime. FICO’s capabilities, which leverage advanced analytics and AI-driven solutions, enable financial institutions worldwide to detect and prevent scams, fraud and financial crimes more effectively. Clients can use real-time communications, award-winning ML-driven scam detection models, end-to-end-orchestration and more to consistently enhance their security measures, provide better protection for their customers, and remain responsive to the latest scams, frauds, and financial crime.
Learn more about FICO’s approach to fraud protection and compliance
Check out how you can fight scams with AI Decisioning
Discover the power of omni-channel engagement for scam prevention
Popular Posts
Business and IT Alignment is Critical to Your AI Success
These are the five pillars that can unite business and IT goals and convert artificial intelligence into measurable value — fast
Read more
Average U.S. FICO Score at 717 as More Consumers Face Financial Headwinds
Outlier or Start of a New Credit Score Trend?
Read more
FICO® Score 10T Decisively Beats VantageScore 4.0 on Predictability
An analysis by FICO data scientists has found that FICO Score 10T significantly outperforms VantageScore 4.0 in mortgage origination predictive power.
Read moreTake the next step
Connect with FICO for answers to all your product and solution questions. Interested in becoming a business partner? Contact us to learn more. We look forward to hearing from you.