Fraudsters have leaned hard into the unprecedented market incentives presented by pandemic-related disruptions. Depending on who’s doing the counting, identity fraud in its various forms shot up between 30% and 100% in the United States in 2020, and the numbers continued to climb in 2021. Similar trend lines can be seen for COVID-19 relief fraud, social engineering, card fraud and other scams.
For banking institutions and their customers, fraud losses have annually run into the tens of billions of dollars for years. But in the pandemic era, the potential reward for scammers has skyrocketed. The heavy flow of government stimulus funds intended to mitigate COVID-19’s impact created a larger opportunity set for crime, while the many millions of digital-banking novices created new possibilities for both clever and workaday crooks.
The report’s lead article, by Ed Lawler, describes those working to protect banks and credit unions and their customers from fraud as players in a perpetual game of Whack-a-Mole: Focus on the issue in front of you, and up pops a costly new problem somewhere else. Banks are employing a range of strategies in their attempts to limit the number of moles in play.
The challenge for banks has been to provide effective protection without degrading the user experience, but some say we already have the key to achieving that balance. “The technology exists to dynamically apply precise security for every single login and every transaction,” one expert told Lawler. “That’s the Holy Grail.”
What criminals do once they’ve taken over a customer’s account has also changed in some cases. Getting in and out fast is no longer the imperative—now, some fraudsters are setting up camp inside that hijacked account. They’re learning the financial rhythms of the account owner, maybe routing stolen money through the account while they patiently wait for their big score.
This long-game approach is among the subjects discussed in my Q&A with David Schneiderman and Andrew Corbett from fraud solutions firm NICE Actimize. They expect device duplication and schemes aimed at real-time payments to be important fraud trends in the coming year.
Indeed, given the ubiquity of mobile devices and our ever-growing reliance on them, it’s no surprise that these devices are in the fraudsters’ crosshairs via phishing, smishing (phishing via text message) and other schemes. BAI contributing writer Katie Kuehner-Hebert writes that roughly one in six Americans was the victim of a phone scam in the past year, with the average loss topping $500.
And the risks go beyond customers: Scams are also targeting bank employees who use their personal phones to log in to work-related applications.
Staying one step ahead: Bob Madrid from Vericast writes that criminals are getting bolder and their schemes more intricate and creative. To counter these trends, financial institutions need to have a clear understanding of the fraud landscape, adopt best practices in addressing fraud and embrace the latest technology.
How banks can close the fraud knowledge gap: Christina Luttrell from IDology writes that the typical customer does not have sufficient understanding of fraud forms and risks, especially when it comes to digital banking. She makes the case that financial institutions should invest more in cyberfraud security education to raise awareness of the many threats.
Don’t forget about check fraud: Matt Klempa from TROY Group acknowledges that payments are clearly trending toward digital, but paper checks still represent a major chunk of the market, particularly in the business realm. He writes that more secure check options are available for financial institutions to better safeguard customers.
Protecting customers from themselves: JP Blaho from BioCatch writes that the big upswing in social engineering scams requires banks and credit unions to rethink their strategies for protecting their customers and themselves. He says deeper visibility into a customer’s typical behaviors can help detect unusual activity that may indicate fraud in the making.
Unplugging the credit-washing machine: Jason Kratovil from SentiLink writes about the risk impacts and other challenges that credit-washing schemes, which center around false claims of identity theft, present for financial institutions. At the core of the issue are regulatory moves, intended to benefit legitimate victims of identity theft, that have been vigorously exploited by fraudsters.
Compliance training and professional development courses that are efficient, effective and on-point. Give your people the latest industry-approved tools they need to improve performance, reduce operational risk and better serve your customers.