5 minutes with Amy Grieveson, Director of Security Behaviours and Governance
Hi Amy! Tell us a bit about yourself.
I’m the Director of Security Behaviours and Governance here at Monzo. My job is to understand the human side of security – how people really think and react when something feels risky – and to make staying safe feel easy.
I focus on designing systems, policies and information that help people protect themselves, without getting lost in jargon. The goal is to make sure people feel confident making the right choices and, just as importantly, safe enough to tell us when something’s gone wrong.
Outside of work, I spend most of my time trying to avoid being scammed by my two daughters, who already seem to have mastered behavioural science techniques!
What's the one thing you wish you'd known about money sooner?
I wish I’d known sooner that it’s okay to talk about money.
Most people still find it awkward, and that makes everyday conversations harder – how to split the bill, how much to chip in for a group gift, or being honest about our salary expectations. It can lead to really difficult conversations, often with the people we care about most.
From a security point of view, it’s just as important to talk about when something’s gone wrong. Being open about money and our experiences doesn’t just make things fairer and less stressful – it helps us spot scams, share lessons, and support each other. The more we talk about it, the easier it gets for everyone.
What's a common myth about scams?
That they’re obvious, and that you’d never “fall for” one.
Scammers are professional social engineers – they’re masters of behavioural science and understand how people think, not just how technology works. Our data shows scams don’t only impact older or “less tech-savvy” people; in fact younger people (age 25-34) and those working in tech and engineering are more likely to report they have been scammed.
Everyone is susceptible, especially when we’re tired, stressed or distracted. It’s really important to know that scams target emotion and not intelligence, and that everyone should operate online with curiosity and healthy scepticism.
What new scam tactics should people watch out for next year?
Tools that can copy someone’s voice, writing style or even face are becoming easier to use and way more accessible, so we should expect scams to become more personalised and convincing. You might get a call that sounds exactly like a friend or family member asking for help, and that’s hard to ignore.
We’re also seeing more scams that blend real and fake information – like fake job offers that use genuine company names, recruiter profiles and even real LinkedIn details. They look authentic because parts of them are real, which makes it much harder to spot what’s fake until money or personal data has been handed over.
The days of spotting scams through spelling and grammar errors are behind us (mistakes are now back in the hands of humans!). Noticing scams will require us to tap into emotions more, and build that muscle to pause and take a beat before acting on anything.
What are three simple things everyone can do today to protect themselves?
Understand it: security isn’t complicated, it’s just been badly explained. Curiosity is your best defence; the more you engage with it, the harder it is for scams to catch you off guard.
Take control: set yourself up for success by keeping your apps up-to-date, using a password manager, and turning on two-factor authentication. Small habits like these quietly do the heavy lifting for your security.
Talk about it: there’s no shame in being scammed – if it happens to you, report it, and talk to your friends and family. Scammers rely on silence and shame, but open conversations make everyone safer and more confident to spot the next attempt.