How Payment Delays Stop Modern Fraud


When a 30-minute pause saves a life’s savings


What more than 1,000 scam cases — and conversations with banks on three continents — taught us about interrupting fraud at just the right moment.

There’s a common pattern in almost every social engineering scam we’ve studied. Whether it starts with a convincing email, a spoofed caller ID, or a fake bank website, the moment that matters most usually happens after the call ends.

The payment has been made.
The pressure lifts.
The voice in their ear goes quiet.
And then it hits: “Wait… what just happened?”

That moment of realisation often comes minutes too late.

Over the past year, we’ve reviewed more than 1,000 cases of real-time payment fraud, and spoken with over ten banks across the US, EU, and Australia. We’ve seen the same techniques play out again and again: impersonation, fear tactics, emotional manipulation. The methods evolve — from phishing emails to vishing calls and deepfake scams — but the psychological playbook rarely changes.

The scam works when the pressure’s on.
It falls apart the moment there’s time to think.

Inside the psychology of social engineering

Fraudsters don’t need your credentials — they just need your trust. That’s what makes social engineering so effective. It’s not about brute force. It’s about cognitive overload.

Here’s the pattern:

  • Urgency and fear: Victims are told their account’s at risk. “You must act now or lose everything.” It creates a tunnel vision — everything narrows to the task at hand.

  • Authority bias: The scammer impersonates a trusted figure — a bank official, police, or CEO — often using caller ID spoofing or email spoofing to make it believable.

  • Emotional manipulation: Some scams build over days or weeks. Investment scams and romance scams rely on building trust slowly, then cashing in when the victim is emotionally invested.

  • Real-time coaching: Many victims are coached live, on the phone. The scammer stays in control, guiding them step-by-step through login flows, fraud warnings, even confirmation of payee screens.

  • Isolation tactics: Victims are told not to speak to anyone — “This is confidential”, “Don’t tell your team”, “We’re investigating internal fraud.”

These are the moments where people fall victim to Authorised Push Payment (APP) fraud, real-time payments fraud, and payment redirection scams. It’s not that users don’t know the risks — it’s that they’re not given the space to recognise them.

Why the realisation comes after, not during

Most victims don’t realise they’ve been manipulated until the pressure ends. Sometimes it’s a minute after the call. Sometimes it’s an hour. But in most cases, it’s fast.

They notice the bank details look wrong. Or the voice they trusted starts to feel off. Or they finally have the chance to talk to someone — and that’s when it all clicks.

In a study by Which?, victims repeatedly said they felt “foggy” or “not themselves” during the scam. That’s cognitive overload in action — a result of isolation, fear, and the intense pressure to act. The fraudster’s goal is simple: keep the user acting, not thinking.

Delays change the game

So what happens if you introduce a cooling-off period? Just 15 to 60 minutes between when a user authorises a transfer and when the money leaves?

You break the scam script.
You give the victim time.
And for many, that time is all they need.

A FICO study found that 45% of users actively want cooling-off periods for high-value transactions. And 73% said they’d feel more positive about their bank if it paused a suspicious payment. It’s not about locking people out — it’s about helping them protect themselves.

We’ve seen first-hand how a well-placed delay stops APP fraud in progress. One bank we spoke with introduced a short pause for new payees flagged by behavioural biometrics and risk-based authentication. Their fraud rates on those payments dropped significantly — and customer complaints didn’t rise.

Scammers don’t like friction

When friction enters the flow — whether it’s a delay, a warning, or a second opinion — scammers tend to push harder.

  • They tell the victim it’s standard protocol.

  • They coach them through confirmation screens and fraud alerts.

  • If the victim hesitates or asks questions, they often hang up.

This is where delays shine. Not because they stop every scam, but because they create hesitation. And hesitation gives users a way out.

Some scammers adapt, yes — but many disappear the moment they sense the victim is slipping from their control. They’re running a high-volume game. They want fast wins, not drawn-out resistance.

Designing friction that protects, not frustrates

Nobody wants a 24-hour delay when they’re trying to pay rent or close a deal. But friction can still be effective — if it’s smart, contextual, and human.

Here’s what we’ve seen work:

  • Targeted payment delays — for large transfers, first-time payees, or risk-flagged behaviours.

  • Clear, calm language: “We’ve paused this payment for 30 minutes to help protect you from fraud. If this payment was made under pressure, you can cancel it during this time.”

  • In-the-moment education — not a generic popup, but relevant, empathetic messaging based on the situation.

  • Customisable settings — letting users opt in to stronger protections builds trust and ownership.

  • Adaptive segmentation — using customer profiles to offer more support to high-risk or vulnerable users.

The goal isn’t to block payments. It’s to build confidence. Delays, scam warnings, behavioural cues — they’re all part of a smarter, friction-based security model.
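The targeted-delay rule and cancel window from the list above, as a sketch added here for illustration (not Enlace's or any bank's code). The amount threshold, the risk-flag names and the mapping from trigger count to minutes are assumptions; only the 15 to 60 minute range comes from the article.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Assumed values for illustration; only the 15-60 minute range is from the article.
LARGE_AMOUNT = 1_000.00
MIN_HOLD, MAX_HOLD = 15, 60

@dataclass(frozen=True)
class Payment:
    amount: float
    first_time_payee: bool
    risk_flags: frozenset = frozenset()  # constructed names, e.g. {"new_device"}

def hold_minutes(p: Payment) -> int:
    """0 means no hold; otherwise the delay grows with the number of triggers."""
    triggers = sum([p.amount >= LARGE_AMOUNT, p.first_time_payee, bool(p.risk_flags)])
    if triggers == 0:
        return 0
    return min(MAX_HOLD, MIN_HOLD * 2 ** (triggers - 1))  # 15, 30, 60

@dataclass
class HeldPayment:
    payment: Payment
    release_at: datetime  # fixed at authorisation, never recomputed
    state: str = "held"   # held -> released | cancelled

    def cancel(self, now: datetime) -> bool:
        """Customer-initiated cancel; refused once the window has closed."""
        if self.state == "held" and now < self.release_at:
            self.state = "cancelled"
            return True
        return False

    def tick(self, now: datetime) -> str:
        """Scheduler hook: funds leave only after the window has elapsed."""
        if self.state == "held" and now >= self.release_at:
            self.state = "released"
        return self.state

def authorise(p: Payment, now: datetime) -> HeldPayment:
    """Decide the hold server-side at the moment the customer authorises."""
    return HeldPayment(p, now + timedelta(minutes=hold_minutes(p)))

def pause_notice(held: HeldPayment, now: datetime) -> str:
    """Customer-facing text modelled on the article's sample wording."""
    mins = int((held.release_at - now).total_seconds() // 60)
    return (f"We've paused this payment for {mins} minutes to help protect you "
            "from fraud. You can cancel it during this time.") if mins > 0 else ""
```

Storing `release_at` once at authorisation means a later change in risk signals cannot shorten a hold already shown to the customer, and `cancel` checks both state and time so a payment that has already been released cannot be reported as cancelled.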

What we’re building at Enlace

We’re working with banks and credit unions to turn these insights into action. Our fraud prevention platform uses behavioural signals — like rushed logins, new device access, MFA fatigue patterns, and smishing/vishing triggers — to detect when a user might be under social engineering pressure.

From there, we apply smart interventions:

  • Suspicious transaction monitoring that looks beyond the transaction value

  • Friction-based delay rules tailored to customer behaviour

  • Confirmation screens that don’t just ask “Are you sure?”, but provide a moment to stop and think

Whether it’s APP fraud, CEO fraud, invoice scams or BEC — the faster the payment, the smaller the rescue window. That’s why a little more time, placed at just the right moment, can change everything.

Fraud prevention doesn’t need to be a wall.
Sometimes, it just needs to be a pause.

One that helps people move from pressure to clarity.
From panic to control.
From “I didn’t see it coming” to “I stopped it in time.”

That’s the kind of protection people remember.



The insights in this post are based on industry research, conversations with banks and fraud prevention experts, as well as our own experience. The content is for general information only and not intended as legal, financial, or technical advice. While Enlace strives for accuracy, the information may not reflect the latest developments.

TL;DR - Quick Summary

  • Social engineering scams rely on pressure, fear, and isolation to rush victims into paying

  • Realisation often comes after the payment—when the pressure lifts and thinking returns

  • A short delay (15–60 mins) can interrupt this pattern and give users a chance to stop the scam

  • Smart friction—like behavioural triggers, empathetic warnings, and targeted pauses—disrupts fraud without blocking good users

  • Delays turn pressure into clarity, helping people protect themselves at the moment it matters most

Published on Apr 17, 2025

Ready to protect what matters?

Give your customers secure, seamless banking — with fraud protection that just works.
