Victims were tricked into transferring £236 million to fraudsters' accounts last year, latest figures show.

Figures released today from UK Finance, which represents almost 300 finance firms, show there were 43,875 cases of 'authorised push payment' fraud in 2017. Of these 88% were consumers who lost an average of £2,784 each.

Banks and credit card providers were able to recover £60.8 million (26%) of these types of payments, meaning the majority of victims were left hugely out of pocket.

It's the first time data has been collected on this type of scam and comes as the Payment Systems Regulator is developing a new code of conduct to help future victims, which is due to come into force this September.

Check out our tips for protecting your money with our 30+ Ways to Stop Scams guide.

What is an ‘authorised push payment’ scam?

The scam occurs when a victim transfers cash from their bank account to another belonging to a criminal. The money is usually moved on swiftly to other bank accounts, often abroad.

'Authorised push payment' scams differ from account hacks or data breaches because the customer has been duped into authorising a payment to another account.

Examples of this type of scam include criminals impersonating a bank employee or police officer and claiming to have spotted a fraud on a customer's account, posing as a property solicitor during the sale of a house or offering fake investment opportunities. They use a variety of methods to mislead, including phone calls and sending text messages, letters or emails.

While customers are legally protected for unauthorised fraudulent payments, such as hacked accounts, there has been no such protection for people duped into making an authorised payment.

Under current legislation, it's up to the banks if they decide whether or not to reimburse the victim, and it often depends on if they can recoup the lost money and if they think the customer has been negligent or not.

How to avoid being a victim

The Government has worked with UK Finance on guidance to help consumers spot these methods of fraud, which includes the 'Take Five' customer advice guide. The tips include:

  • Just because a person knows some of your personal details, such as name, address or your mother's maiden name, it doesn't mean they're genuine. Don't rely on your caller ID as scammers can clone numbers.
  • Banks or Government departments will never ask you for your PIN or full password, nor will they demand a money transfer to a safe account.
  • Never click on a link from an unexpected email or text message.
  • If a person asks for information without invitation, it's good to be hesitant. Instead contact the company directly using a trusted email or phone number to check the request is genuine.
  • Don't let yourself be pressured or rushed into making a decision. A genuine company or organisation will give you time to consider your actions.

If you think you've been a victim or fraud, or if you suspect a fraudster has targeted you, report it immediately to your bank or credit card provider and then contact Action Fraud (you can also call on 0300 123 2040).