First 24 Hours After Being Scammed — Ireland

Researched by A. R. Alsaedi, Head Researcher

Primary sources cited; not legal advice.

Source: An Garda Síochána; GNCCB; GNECB; Central Bank of Ireland Consumer Protection Code 2012; PSD2 (European Union (Payment Services) Regulations 2018); FSPO Act 2017.

Sourced from Irish Acts of the Oireachtas, statutory instruments, and official guidance. Written in plain language for general understanding — this is educational content, not legal advice. Our editorial standards

Irish National Law

What is this right?

Three jobs in parallel. Call your bank's fraud line immediately. Under PSD2 (S.I. 6/2018) Irish banks must reimburse unauthorised electronic transactions by end of next business day unless they have reasonable grounds to suspect fraud by you. Customer liability capped at €50 unless gross negligence. Report to An Garda Síochána at your local station; cybercrime cases route to GNCCB and economic crime to GNECB. Preserve evidence.

Emergency: 999 / 112. Crime Stoppers (anonymous): 1800 25 00 25.

When does it apply?

An unauthorised debit / credit card transaction, online-banking transfer, or direct debit on your Irish bank account.
You were tricked into authorising a transfer (impersonation — fake bank fraud team, fake Revenue, fake delivery charge).
An OTP, PIN, or m-banking login was disclosed to a caller who turned out not to be from the bank.
An online sale on DoneDeal, Adverts, Facebook Marketplace failed to deliver after payment.
Investment / crypto / 'authorised push payment' scam.
SIM-swap fraud.
Sextortion or NCII — see Data Privacy & Digital Rights.

What to Do in the First Day After Being Scammed

Call your bank's fraud line. Number from the card or in the official banking app. Block the card, freeze the account, request recall on transfers. Demand a written reference number. PSD2 requires the bank to refund unauthorised transactions by end of next business day.
Report to An Garda Síochána. Call your local Garda station or 999 / 112 for ongoing crimes. Cybercrime cases route to GNCCB; large-value or organised fraud to GNECB.
For investment scams or pension/insurance issues, also notify the Central Bank of Ireland.
For SIM / telecom scams, file at ComReg.
Preserve evidence. Screenshots, transaction SMS, voice notes. Cloud-save immediately.
Change passwords; switch to authenticator-app 2FA. SMS 2FA is defeated by SIM-swap.
Write a one-page timeline. Bank reference, Garda Pulse number, ComReg reference. FSPO escalation will ask for them.

What should you NOT do?

Don't share OTP / PIN / banking credentials with anyone — including someone claiming to be from your bank, Revenue, or An Garda Síochána. No Irish bank or state agency will ask for OTP.
Don't pay 'recovery agents' charging upfront fees. All Irish recovery routes (bank, FSPO, GNCCB) are free.
Don't delete WhatsApp threads, call logs, or fraudulent SMS.
Don't miss the FSPO six-month clock from the bank's final response. Once the bank issues a Final Response Letter, you have 6 months to refer to FSPO.

About Scams, Fraud & Money Recovery in Ireland

Ireland's scam-recovery system runs across three institutions. An Garda Síochána investigates cybercrime through the Garda National Cyber Crime Bureau (GNCCB) and economic crime through the Garda National Economic Crime Bureau (GNECB). The statutory frameworks are the Criminal Justice (Offences Relating to Information Systems) Act 2017 (giving effect to EU Directive 2013/40/EU) and the Criminal Justice (Fraud Offences) Act 2001. For the money side, Irish banks must reimburse unauthorised electronic transactions under EU PSD2 (Regulation 2015/2366) and the European Union (Payment Services) Regulations 2018 — generally by end of next business day. If the bank refuses, the Financial Services and Pensions Ombudsman (FSPO) resolves the dispute for free under the Financial Services and Pensions Ombudsman Act 2017. For telecom-side scams (fake calls, SMS, SIM-swap), ComReg is the regulator.

Emergency: 999 / 112. Crime Stoppers: 1800 25 00 25.

Common Questions

Will the bank reimburse an unauthorised transaction?

Yes, generally. PSD2 (transposed into Irish law by the European Union (Payment Services) Regulations 2018, S.I. 6/2018) requires Irish banks to reimburse the amount of unauthorised electronic transactions by end of the next business day unless they have reasonable grounds to suspect fraud by you. Customer liability for unauthorised use of a lost or stolen payment instrument is capped at €50 (Regulation 75) unless you acted fraudulently or with gross negligence.

What is the GNCCB?

The Garda National Cyber Crime Bureau is An Garda Síochána's specialist unit handling cyber-dependent and cyber-enabled crime. Reports through your local Garda station typically route to GNCCB if cybercrime is the primary feature. For large-value or organised fraud, the Garda National Economic Crime Bureau (GNECB) handles cases.

What does APP fraud / authorised push payment recovery look like in Ireland?

Ireland does not yet have a UK-style mandatory APP fraud reimbursement regime. For authorised-but-induced transfers (you were tricked into authorising), recovery depends on the bank's discretion under the Central Bank of Ireland's Consumer Protection Code 2012 and the FSPO's view on the facts. The FSPO has upheld a significant share of APP fraud complaints on appeal — escalation is worthwhile.

When does the FSPO clock start?

The six-month FSPO clock starts on the date of the bank's Final Response Letter. You must refer to FSPO within that 6-month window. The FSPO complaint itself is free; the bank pays a case fee. FSPO decisions are legally binding under the Financial Services and Pensions Ombudsman Act 2017.

What is the first 24 hours after being scammed right in Ireland?

Three jobs in parallel. Call your bank's fraud line immediately. Under PSD2 (S.I. 6/2018) Irish banks must reimburse unauthorised electronic transactions by end of next business day unless they have reasonable grounds to suspect fraud by you. Customer liability capped at €50 unless gross negligence. Report to An Garda Síochána at your local station; cybercrime cases route to GNCCB and economic crime to GNECB. Preserve evidence.Emergency: 999 / 112. Crime Stoppers (anonymous): 1800 25 00 25.

When does it apply — first 24 hours after being scammed?

An unauthorised debit / credit card transaction, online-banking transfer, or direct debit on your Irish bank account.You were tricked into authorising a transfer (impersonation — fake bank fraud team, fake Revenue, fake delivery charge).An OTP, PIN, or m-banking login was disclosed to a caller who turned out not to be from the bank.An online sale on DoneDeal, Adverts, Facebook Marketplace failed to deliver after payment.Investment / crypto / 'authorised push payment' scam.SIM-swap fraud.Sextortion or NCII — see Data Privacy & Digital Rights.

What should I do immediately after being scammed in Ireland?

Call your bank's fraud line. Number from the card or in the official banking app. Block the card, freeze the account, request recall on transfers. Demand a written reference number. PSD2 requires the bank to refund unauthorised transactions by end of next business day.Report to An Garda Síochána. Call your local Garda station or 999 / 112 for ongoing crimes. Cybercrime cases route to GNCCB; large-value or organised fraud to GNECB.For investment scams or pension/insurance issues, also notify the Central Bank of Ireland.For SIM / telecom scams, file at ComReg.Preserve evidence. Screenshots, tran...

What should you NOT do — first 24 hours after being scammed?

Don't share OTP / PIN / banking credentials with anyone — including someone claiming to be from your bank, Revenue, or An Garda Síochána. No Irish bank or state agency will ask for OTP.Don't pay 'recovery agents' charging upfront fees. All Irish recovery routes (bank, FSPO, GNCCB) are free.Don't delete WhatsApp threads, call logs, or fraudulent SMS.Don't miss the FSPO six-month clock from the bank's final response. Once the bank issues a Final Response Letter, you have 6 months to refer to FSPO.