• 2 min read
UK payment fraud hit £1.28bn as APP scams keep rising
UK fraud losses reached £1.28 billion in 2025, with APP fraud up 19% by value. Pay.UK says data sharing across banks, tech and telecoms is now critical.

Image: TechRadar
UK fraud losses reached £1.28 billion in 2025, up 4% year on year, as criminals shifted further from attacking systems to manipulating people. In this TechRadar Pro Perspectives piece, Pay.UK Chief Policy and Engagement Officer argues that the next phase of fraud prevention depends on tighter data-sharing between banks, telecoms, big tech, and the public sector.
The sharpest pressure point is Authorized Push Payment (APP) fraud. The UK recorded 248,070 cases in 2025, up 7%, while total APP losses climbed to £576.4 million, a 19% increase. According to the article, fraudsters are increasingly using social engineering in scams tied to investments, purchases, advance fees, invoices, mandates, romance, and impersonation.
Purchase scams accounted for 71% of all APP cases. The article says 66% of cases now begin online, representing 32% of losses, while 17% originate through telecommunications networks. That shift matters because most APP fraud now starts outside the banking system.

Recommended reading
AI won’t replace penetration testers just yet
Data-sharing and payment safeguards
The piece points to government and industry measures already in motion. It highlights the mandatory APP reimbursement scheme and says £215 million was reimbursed to victims in 2025 alone, citing PSR data. Across the scheme’s first 15 months — from October 2024 to December 2025 — 89% of money lost to APP scams was recovered from a payment firm and returned to victims.
That compares with the 65% reimbursement rate reported by UK Finance for personal accounts in 2024, though the article notes the figures are not directly comparable. The current scheme offers a recovery safety net of up to £85,000 and replaces the earlier voluntary Contingent Reimbursement Model (CRM) Code with a more consistent framework.
Pay.UK also highlights its work on Enhanced Data Exchange (EDEx) with Faster Payment System participants, aimed at secure and timely sharing of fraud data before money leaves the system. The article says this is designed to align with FCA APP fraud guidance and the Home Office’s Data Strategy.
Confirmation of Payee is presented as another key control, especially against misdirected payments, impersonation scams, and invoice scams. The piece adds that its influence has extended into Europe through the development of Verification of Payee.
The article also points to growing pressure for technology platforms and telecommunications providers to take enforceable responsibility for preventing fraud at the source — and to contribute financially and operationally to tackling it.
On the regulatory side, the PSR has appointed Frontier Economics to independently review APP fraud policies. Results are due in the second half of 2026, with findings expected to shape future fraud rules, performance reporting, and reimbursement requirements.
Security Editor
Sophia unpacks the invisible wars happening on our networks. Covering cybersecurity, privacy legislation, and cryptography, she exposes how our data is weaponized and defended. Before joining for(geeks), she spent years as a penetration tester. She's the reason the rest of the team uses physical security keys.
via TechRadar


