Both new account and account takeover fraud have increased significantly over the past several years, from around 2.5 million victims in 2015 to 10 million in 2021. At the same time, the amount of fraud per transaction has risen. It’s no wonder they continue to be highly motivated to target financial institutions.
Fraudsters are getting better at perpetrating fraud. They are increasingly working together to gather and disseminate information, and on the dark web, there are how-to guides and best-practices documents that teach phishing techniques and information on how to run an account takeover scam at a specific financial institution along with a rating of that institution’s security measures.
In addition, fraudsters also share the data itself, making it easier to create a “fullz package.” From one breach, they might be able to get Jane Smith’s login information, email address and online banking passwords, and from later breaches, they might snag her Social Security number and credit profile information to help answer out-of-wallet questions. Using data-mining techniques, the fraudster can then open a new account using this information. Or the bad actor can call the financial institution where they know Jane has accounts, answer the verification questions and make changes to take over the account.
But financial institutions and their service providers are also stepping up their game, and often it’s being driven by the same collaborative approach to create a solution greater than the sum of its parts. In a survey of frontline fraud fighters, 81% of respondents say they collaborate or share insights and ideas with fraud fighters working at other institutions at least a few times a year, with a third of them saying they collaborate weekly or daily.
It should come as no surprise that fraud fighters are starting to embrace the benefits of collaboration because it greatly increases the ability to successfully combat fraud. Being a part of a collaborative network brings fraud investigators into a mutually beneficial relationship with other financial institutions where contributions from each institution helps to create a feedback loop. Each participating institution provides information about which accounts have been confirmed as fraudulent and which have been confirmed as legitimate. Sharing findings improves fraud models and drives additional efficiency by reducing false positives.
The other big benefit of being part of a collaborative fraud prevention network is the ability to see and track velocity, which can be a significant predictor of fraud.
Velocity is a view across the banking system of the various financial institutions that contribute new account inquiries or profile change requests. We know that fraudsters frequently target multiple financial institutions – either because they fail and are looking to improve their approach, or because they’re successful and they want to perpetrate as much fraud as they can.
Velocity tracking helps investigators identify those scenarios where the application data looks right, but the fact that the applicant took that data to five different institutions in a short period of time raises a red flag. It can also help identify legitimate consumers. If the velocity data reports that the network has only ever seen Jane Smith at one address, with one Social Security number and at one financial institution, it increases the likelihood that the activity is legitimate and normal consumer behavior.
