Products
Use Cases
Customers
Resources
Company
Book a demo
Products
Documents Detect document fraud in any PDF or image file, from anywhere
Transactions Boost any existing transaction monitoring system with AI
Defence in Depth Detect fraud and fincrime throughout the customer lifecycle
RAI-LinkedIn-Logo
How to get started with Resistant Documents Jump right in — get an overview of the basics and get started on building.
Watch now
WhitePaper_TheThreatofSerialFraud
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
The Threat of Serial Fraud
WhitePaper The Threat of Serial Fraud
Read the Whitepaper
Documents
Merchant onboarding Verify KYB documents in under 20s
Loan underwriting Confidently approve more loans with fewer defaults
Tenant screening Check applicant documents for misrepresentation
Claims Escalate fake claims and process real ones instantly
Marketplaces Strengthen seller onboarding in seconds
Transactions
AML Catch more financial crime with less
APP fraud Protect scam victims and spot fraudster accounts
image-graph-placeholder
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
Webinar
image-graph-placeholder
Watch on demand
Payoneer High-volume merchant onboarding automation
Habito Confident decisioning in online mortgage brokering
Finom Cross-border AML transaction monitoring
Verto Pan-African merchant onboarding
LYNK Capital Commercial real estate loan fraud prevention
Planet42 Rent-to-buy car subscription loans automation
Close Brothers 22x ROI in Motor Finance fraud prevention
image-graph-placeholder
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
usecase-tax
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
Webinar
image-graph-placeholder
Watch on demand
Resources
Content hub
White papers
Webinars
Event insights
ROI calculator
Support
Trust center
Documents API
image-graph-placeholder
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
Webinar
fighting fraud in an ai world hero image
Join for free
About us
Blog
Threat intel
Industry insights
Partners
Careers
Press releases
image-graph-placeholder
The Threat of Serial Fraud Read our whitepaper about danger of Serial Fraud
Watch now
Webinar
fighting fraud in an ai world hero image
Join for free
Blog
What is APP fraud?

What is APP fraud?

Published 26 Jun 2026Updated 26 Jun 2026
What is APP fraud?
Table of contents
Subscribe to our newsletter

When we think about APP fraud, our hearts go out to the victims. But in 2026, banks in the UK are shouldering a lot of the financial load. £576.4 paid out in reimbursements last year speaks to massive fraud losses with little resolution in site.

Our APP fraud white paper raised this issue all the way back in 2024 as one of the biggest threats facing banks in the current day. Two years later, it’s only gotten worse. The only caveat? Institutions are feeling the effects of reimbursement legislation, costing them just as much as their deceived customers.

But it’s not just about financial losses. Exposing customers to APP fraud is one of the quickest ways to lose their trust and make them switch institutions. 72% of victims close their accounts after the fraud occurs.

Meanwhile, real-time payments are the status quo , criminals have AI-powered operations, and pre-onboarded institution accounts are being sold online for pennies on the dollar.

In this guide, we’d like to revisit APP fraud, how it works, why it’s so difficult to stop, and what institutions can do to fight back.

APP fraud definition

Authorized Push Payment (APP) fraud is a financial scam where a fraudster cons an individual or business into sending money to an account controlled by the criminal under the guise of a legitimate transaction.

Essentially, any scam in which a victim is deceived into authorizing a payment to an account controlled by a criminal.

The key characteristic is that the payment is initiated by the legitimate account holder. In that way, the victim essentially facilitates the scam themselves. Unlike traditional fraud, there is no unauthorized access (to the victim’s account) or stolen payment credentials. That’s what makes it so hard to prevent.

A real world example might look like this:

  1. A criminal contacts a victim pretending to be their bank.
  2. They claim the victim's account has been compromised.
  3. The victim is instructed to transfer their money to a "safe account."
  4. The safe account is actually controlled by the criminal.

After the scam, criminals can spend the funds directly, convert them into cash or cryptocurrency, or move them through networks of mule accounts to conceal origin before laundering the proceeds.

Importantly, APP fraud is a global threat. In the UK and Europe, bank to bank transactions and platforms like Revolut are the attack surface, in the US you have apps like Cash App, Zelle, and Vemo.

Regardless of where you live, crime is easy enough to commit anywhere: find a victim, con them, move the money, cash out. Every institution in the world is exposed to this type of fraud.

How does APP fraud work?

While scams vary, most APP fraud follows the same basic pattern:

Contact and manipulation

The criminal establishes contact with the victim and creates a believable story.

This can happen through:

  • Phone calls (vishing).
  • Text messages (smishing).
  • Emails (phishing).
  • Social media.
  • Messaging apps.
  • Deepfake voice or video impersonation.

Common tactics usually include a sense of urgency or playing on the emotions of the victim: “I need this money quickly to feed my sick son.” “Hurry up or you will lose access to your account.”

This kind of coercion is effective because it plays on the humanity of the person’s financial situation, giving way to terms like “pig butchering” to embody the innocence of the account holder.

Payment authorization

Once the victim believes the story, they are instructed to send money. Often, peer to peer payments are very difficult to reverse, so recovery is usually unlikely.

Unless the country has reimbursement laws like those that came into effect in the UK in 2024, in Singapore in 2024 (for some APP fraud cases), and in Australia (aimed at banks compensating victims when they don’t have the right fraud prevention measures in place).

Money movement

After receiving the funds, criminals rapidly move the money through mule accounts and other intermediaries.

By layering across multiple accounts and transactions, they make the funds harder to trace, recover, and link back to the original fraud.

The money is eventually cashed out, converted into cryptocurrency, used to purchase assets, or integrated into the financial system through additional money laundering activity.

In many cases, these transfers happen within minutes of the victim authorizing the payment.

Types of APP fraud

APP fraud is an umbrella term that covers a wide range of scams, but they all share the same objective: convincing a victim to voluntarily authorize a payment to a criminal-controlled account.

Purchase scams

A fraudster advertises goods or services that do not exist, or never intends to deliver them. After the victim pays by bank transfer, the seller disappears, leaving the victim without the product or their money.

Rental scams

Criminals pose as landlords, letting agents, or property owners and convince victims to pay deposits, rent, or reservation fees for properties that are unavailable, already occupied, or entirely fictitious.

Invoice redirection fraud (Business Email Compromise)

A scammer impersonates a legitimate supplier, vendor, or business partner and provides new payment instructions. They can do this through a compromised business email or one that looks almost legitimate. Replacing a “o” with a “0” is a common strategy.

The recipient, believing the request is genuine, sends payment to the criminal's account instead of the legitimate email.

CEO fraud

Fraudsters impersonate senior executives or trusted business leaders and pressure employees into making urgent wire transfers.

Romance scams

Criminals build trust over weeks or months through online relationships before requesting money for fabricated emergencies, travel costs, investments, or other personal expenses.

Victims may make multiple payments before realizing they have been deceived.

Investment scams

Scammers promise unusually high or guaranteed returns through fake investment platforms, cryptocurrency opportunities, or other fraudulent schemes. Victims are encouraged to transfer funds, only to discover the investment never existed or that withdrawals are impossible.

Institution or platform impersonation

Fraudsters impersonate banks, payment providers, cryptocurrency exchanges, government agencies, online marketplaces, or digital platforms.

Victims are told they must urgently verify their account, reverse a fraudulent transaction, pay a fee, or transfer funds to a "safe account." Believing the request is legitimate, they authorize a payment directly to the criminal.

Why is APP fraud increasing?

APP fraud has become the backbone of modern financial scams. According to industry estimates, it accounts for more than 75% of digital banking fraud by dollar value globally.

Several trends have accelerated this growth:

  • Real-time payments. Once a victim authorizes a payment, criminals can move the funds through multiple mule accounts within minutes, making recovery increasingly difficult.

  • Industrialized social engineering. Organized criminal groups use phishing kits, spoofing services, call centers, automation, and repeatable playbooks to target thousands of victims simultaneously.

  • Generative AI. AI has lowered the barrier to creating convincing scam emails, text messages, fake websites, and voice impersonations. Criminals can now launch more believable fraud campaigns with less effort than ever before.

  • Scalable money mule networks. Digital onboarding, synthetic identities, and automated account creation have made mule networks easier to build and scale.

  • The growth of digital financial services. Consumers increasingly expect instant payments, remote onboarding, and frictionless banking experiences. While these innovations improve convenience, they also give criminals the speed and scale needed to operate sophisticated fraud campaigns from anywhere in the world.

The role of documents in APP fraud

While APP fraud is ultimately about manipulating someone into authorizing a payment, documents often play a critical role in the process. Criminals use forged, stolen, and AI-generated documents to create accounts, support scams, and build the infrastructure needed to move and launder stolen funds.

Fraudulent onboarding documents

Before criminals can open bank accounts, digital wallets, or payment accounts, they must submit identity documents, proof of address, utility bills, pay stubs, proof of income, or synthetic identity packages to bypass KYC and KYB checks. These documents are often manipulated or entirely fabricated.

Fake payment evidence

Criminals may also fake payment receipts, bank statements, transaction confirmations, or payment screenshots to falsely claim that a transfer has already been made or that additional funds are required to complete a transaction.

These documents are commonly used in marketplace scams, rental fraud, business email compromise, and invoice redirection schemes to reinforce the deception and pressure victims into authorizing payments.

Account packages and money mule networks

Some criminal groups go a step further by creating or acquiring fully verified financial accounts before selling them to other fraudsters.

These "account packages" include the documentation needed to pass future verification checks (usually the documents originally used to onboard the account)

In other cases, legitimate account holders sell access to dormant accounts after moving abroad or no longer needing them, providing criminals with aged accounts that may appear less suspicious than newly created ones.

By treating verified accounts as a commodity, criminal groups can rapidly scale APP fraud operations without repeatedly creating new identities, making it easier to build the mule networks that support fraud and money laundering.

How transaction monitoring helps detect APP fraud

Because the victim authorizes the payment, APP fraud often bypasses traditional fraud controls. The customer logs in successfully, completes authentication, and initiates the transaction themselves. From a technical perspective, nothing appears wrong.

This is where transaction monitoring becomes essential.

Rather than focusing on whether a payment was authorized, transaction monitoring analyzes how money moves before, during, and after the transaction. It evaluates customer behavior, payment context, counterparties, and relationships between accounts to determine whether the activity is consistent with legitimate behavior or indicative of fraud.

Modern AI transaction monitoring builds on this foundation by combining machine learning, behavioral analytics, anomaly detection, and network analysis.

Instead of relying solely on predefined rules, AI can identify suspicious patterns that emerge across thousands or millions of transactions, even when each individual payment appears legitimate.

Conclusion

APP fraud succeeds because victims authorize the payment themselves.

Institutions need to identify the threat earlier, intervene before funds are withdrawn or layered through mule accounts, and uncover criminal activity that traditional rule-based systems may miss.

Rather than reviewing payments in isolation, institutions in 2026 need AI transaction monitoring that connects activity across customers, accounts, counterparties, and transaction networks.

Resistant Transactions is AI-powered with 80+ off-the-shelf models and a <100 millisecond real-time response rate.

Scroll down to book a demo.

APP fraud Frequently asked questions Hungry for more APP fraud content? Here are some of the most frequently asked APP Fraud questions from around the web.
What does APP fraud stand for?
APP fraud stands for Authorized Push Payment fraud.
What is an example of APP fraud?
A common example is a criminal impersonating a bank employee and convincing a victim to transfer funds to a fraudulent "safe account."
Is APP fraud the same as account takeover?
No. In account takeover fraud, criminals gain unauthorized access to an account. In APP fraud, the victim authorizes the payment themselves after being deceived.
Can banks recover APP fraud losses?
Sometimes, but recovery depends on factors such as how quickly the fraud is reported and how quickly the funds are moved.
How do banks detect APP fraud?
Resistant AI helps banks detect APP fraud by analyzing behaviors and transaction patterns to identify the crime before the money moves.
What is a mule account?
A mule account is a bank account used to receive, transfer, or conceal criminal funds.
Can APP fraud victims become money mules?

Yes. In some scams, criminals continue manipulating victims after the initial payment, convincing them to receive or transfer additional funds.

In these cases, victims may unknowingly act as money mules, helping move or disguise criminal proceeds without realizing they are participating in money laundering.
Who is liable for APP fraud?

Liability depends on the jurisdiction and circumstances of the scam. Because the victim authorizes the payment, they have traditionally been responsible for the loss.

Countries such as the UK now require payment service providers to reimburse eligible APP fraud victims in many cases.

 
Education center
Blog post author
David Gregory Resistant AI Content Strategy Manager

Resistant Transactions

5X the analyst productivity and 3X the risk coverage. 

Book a demo