Authorised push payment (APP) scams involve scammers convincing their victims to make payments they believe are legitimate, when in fact they're sending money directly to the fraudsters. The pattern and trends of APP Scams are consistent globally and our data shows the most popular typologies as well as how these are evolving.
APP scams are global, transcend borders and affect all jurisdictions. The interconnected global economy and the ease with which information and money can be transferred across borders means one instance of an APP fraud can affect multiple financial institutions worldwide. It is estimated that global scam losses amount to billions each year.
KPMG's Global Banking Scam Survey encompasses the views of 48 banks in 16 countries, across 5 continents to identify trends and best practice that helps these institutions to protect consumers.
Download the report
Download our report to read the responses and insights from survey participants.

KPMG Global Banking Scam Survey 2025
Global banking scam survey insights
Discover KPMG's cyber services
and technology solutions
-
Forensic Investigations & Integrity Services
Contact KPMG's banking scam specialists
To find out how KPMG can help you design, assess and implement your scam risk management framework, get in touch.
- Item 1
- Item 2
- Item 3
Financial crime prevention and fraud risk management insights
Something went wrong
Oops!! Something went wrong, please try again
FAQs
Our data found the most common APP Scams are:
- e-commerce and purchase scams
- investment scams
- sophisticated impersonation scams (including bank employees, CEOs and authority figures).
- romance scams.
Our research found the best approach is a combination of several proactive and reactive methods. These may include pausing or blocking transactions and accounts, contacting customers, warning messages in the online or app banking experiences and real time monitoring of inbound customer activities.
Fifty-nine percent of survey participants said their technology stack used an orchestration layer which integrates multiple data sources into a single system to allow faster and more accurate decision making as well as easier interrogation in the case of cyber incidents. Other next-generation technology in consideration included behavioural analytics, deepfake detection and generative AI-produced dynamic warnings.
All our participants felt that education was a process of continual engagement across multiple platforms, rather than a single effort. A few banks said campaigns were effective for a short time. Some were considering other approaches, including:
- industry partnerships and collaborations
- tailored messages about fraud trend used on hold messages at contact centres
- seasonal initiatives targeting holidays like Christmas or events like major concerts
- compulsory e-learning modules about cryptocurrencies before they could open a digital wallet.