Skip to main content
Search

Spotting email fraud: protecting your clients and your business

Date: 24 June 2026

Protect yourself from tax and other scams

4 minute read

Authorised push payment (‘APP’) fraud and email account compromise are costing UK clients hundreds of millions of pounds each year. Fraudsters are becoming more sophisticated, often exploiting trust, familiarity and routine to bypass even experienced professionals.

For advisers, the risk is no longer theoretical. These scams can lead to financial loss for clients, alongside reputational and regulatory consequences for your business.

In summary

Email fraud often involves impersonation, urgency and changes to bank details. Where something feels unusual, it is important to pause, verify and challenge before any transaction is processed.

What is email compromise fraud?

Email compromise fraud occurs when a fraudster gains access to a client’s email account without their knowledge and uses it to impersonate them.

They may monitor genuine communications over time, learning how the client writes and when transactions typically take place. When the opportunity arises, they intervene with a request that appears credible, often linked to a legitimate conversation or activity.

What is authorised push payment (APP) fraud?

APP fraud happens when someone is persuaded to send money to an account controlled by a fraudster.

In an advice context, this can involve a compromised email account being used to request withdrawals, provide new bank details or create a sense of urgency around a payment.

How these scams typically unfold

Email compromise fraud often follows a familiar pattern.

A client’s email account is accessed without their knowledge. The fraudster observes past conversations, replicates tone and behaviour, and then sends a request at a point where it appears plausible.

You may receive what looks like a legitimate instruction, for example:

  • a long-standing client requests a large withdrawal
  • they say they are travelling, busy or unable to take calls
  • the tone seems slightly different, perhaps shorter or less personal
  • new bank details are provided, with a request for urgent action

Taken individually, these signals can be easy to explain. When they appear together, they should prompt caution.

Why these scams work

These scams rely as much on human behaviour as they do on technical access. Fraudsters exploit:

  • trust built through long-standing client relationships
  • familiarity with established communication patterns
  • urgency, which can discourage verification
  • routine processes that appear predictable and easy to replicate

Even experienced advisers can be caught out where controls are not applied consistently.

Warning signs to look out for

There are a number of indicators that a request may not be genuine. Be particularly alert to:

  • unexpected contact or unusual instructions
  • a change in tone or communication style
  • requests that do not align with a client’s known objectives or plans
  • instructions not to verify details by phone
  • new or amended bank account information
  • a strong sense of urgency

Where more than one of these factors is present, the level of risk increases.

What to do if something does not feel right

If an instruction raises any concern, treat it as a potential fraud case until you have verified it. Before taking action:

  • call the client using contact details already held on record
  • do not rely on email confirmation, even if the request appears genuine
  • avoid replying within the same email chain to validate instructions
  • treat any new or amended bank details as high risk
  • pause the transaction until you are satisfied the instruction is legitimate
  • escalate internally if there is any doubt

It is better to delay a transaction briefly than to proceed on the basis of a fraudulent instruction.

The role of the adviser

Advisers play an important role in helping to protect clients from fraud. That includes:

  • setting clear expectations about how instructions will be verified
  • encouraging clients to report anything unusual in their communications
  • applying consistent verification processes across the business
  • challenging requests that fall outside normal patterns

In a fraud landscape that depends heavily on human judgement, vigilance remains one of the strongest controls available.

How Quilter can support you

At Quilter, controls are in place to help reduce the risk of fraud and to investigate suspicious transactions where concerns arise. These controls are designed to support advisers, but they are most effective when combined with strong front-line awareness, consistent verification and appropriate challenge.

Final thought

Fraudsters are increasingly sophisticated, but the underlying patterns remain familiar. If something does not feel right, take the time to check. A brief pause, a conversation with the client and a consistent approach to verification can all help reduce the risk of a fraudulent payment being made.

Related articles

Investor trends survey Q2 2026

Read the latest edition of our investor trends survey, a quarterly survey of the views of our WealthSelect global partners.

Published 11 June 2026

Investment scams in the age of AI: how to stay protected

3 minute read

Investment scams are becoming more sophisticated, with fraudsters increasingly using artificial intelligence (AI) to make their schemes look genuine.

Published 04 June 2026