Fraudsters grow more virulent during the pandemic

COVID-19 has created new opportunities for fraudsters to exploit banks, credit unions and their customers. This month’s BAI Executive Report identifies the challenges faced by financial services organizations and offers insights on how to address them.

 

Fraudsters are nothing if not resourceful and opportunistic—give them an inch, and they’ll take as much as they possibly can. And COVID-19, which has brought severe disruption to workplaces and customers, certainly created many opportunities for them to exploit financial services.

The latest fraud trends report from LexisNexis Risk Solutions found that monthly fraud attempts at financial services firms climbed nearly 20 percent during the period after the arrival of the coronavirus, and that the cost of fraud to the firms increased by roughly 11 percent.

The types of attacks aimed at banks and credit unions have also grown more varied and sophisticated. Some of them take inspiration from the specifics of the COVID-19 environment—examples include calling work-from-home bank employees while posing as company IT representatives, and contacting customers new to digital banking and pretending to be from bank call centers.

This month’s BAI Executive Report identifies fraud and cybersecurity challenges faced by financial firms and offers insights on how to address them. Our lead story by Karen Epper Hoffman digs into the tougher time that smaller financial providers are having with fraud because of their more limited IT departments and smaller capital budgets. She centers her reporting around a family of community banks in the Midwest working to stay ahead of the scam artists plying old and new tricks.

Because customers can be weak spots in a bank’s defense, these banks have prioritized efforts to raise awareness of various fraud risks and how to minimize those risks. They are also implementing stronger employee protocols and technology for prevention and detection to further harden their security.

New account opening is a main targets for fraudsters during COVID-19, with cybercriminals using personal information stolen in phishing attacks or data breaches. Remote takeovers of cell phones, used for sending those six-digit codes to confirm identity, have also been reported.

In his article, Howard Altman writes that 85 percent of banks and credit unions experience fraud during the account opening process, but they are fighting back. Responses include increasing their training regimens, which can better prepare bank employees who have been shifted to new roles during the pandemic. BAI’s training business has seen nearly a 20 percent jump in the use of its curriculum.

Cheryl Chiodi from ABBYY makes the case for a holistic approach centered on automation and analytics. She contends this can not only provide more-robust risk protection, but also enhance the customer’s experience, which can help generate more revenue.

In her article, she defines this holistic strategy as being “a dynamic, continually evolving combination of prevention, detection, analysis and response.” And its high-tech structure allows for lessons learned in one place to be shared, enabling the industry to join together to safeguard common interests.

The other articles in this month’s Executive Report include:

» Andy Shank from Harland Clarke on fraud pressures facing small businesses, for whom each dollar lost represents a bigger chunk of revenue. He lists 10 ways to minimize the risk of getting scammed—near the top of the list is hiring well and not skimping on training.

» Katie Kuehner-Hebert on how banks are working to infuse their anti-fraud technology with customer-friendly features that blend more smoothly into the banking experience. One of the keys, she writes, is to build in more personal characteristics into the security side.

» Chad Davis from F5 on the fine security line that banks and credit unions walk between protecting customers and frustrating them, but from the verification perspective. He advocates for more modern, technology-based solutions to strike that balance.

» And Jordan Riek from Cardtronics on what banks and credit unions can do to make their ATMs less vulnerable to attack, both by tech-minded fraudsters and brute-force bad guys using heavy chains and pickup trucks. These days, he writes, ATMs function like miniature branch offices and, security-wise, need to be thought of that way.

With the development of COVID-19 vaccines, we are all optimistic that we may be on the back side of the current pandemic. But there is no accompanying anti-fraud vaccine, so banks and credit unions must be diligent in taking measures to protect themselves from infection by those intending to do them serious harm.

Terry Badger is the managing editor at BAI.

Subscribe to the BAI Banking Strategies newsletter and podcast.