Both new account and account takeover fraud have increased significantly over the past several years, from around 2.5 million victims in 2015 to 10 million in 2021. At the same time, the amount of fraud per transaction has risen. It’s no wonder they continue to be highly motivated to target financial institutions.
Fraudsters are getting better at perpetrating fraud. They are increasingly working together to gather and disseminate information, and on the dark web, there are how-to guides and best-practices documents that teach phishing techniques and information on how to run an account takeover scam at a specific financial institution along with a rating of that institution’s security measures.
In addition, fraudsters also share the data itself, making it easier to create a “fullz package.” From one breach, they might be able to get Jane Smith’s login information, email address and online banking passwords, and from later breaches, they might snag her Social Security number and credit profile information to help answer out-of-wallet questions. Using data-mining techniques, the fraudster can then open a new account using this information. Or the bad actor can call the financial institution where they know Jane has accounts, answer the verification questions and make changes to take over the account.
But financial institutions and their service providers are also stepping up their game, and often it’s being driven by the same collaborative approach to create a solution greater than the sum of its parts. In a survey of frontline fraud fighters, 81% of respondents say they collaborate or share insights and ideas with fraud fighters working at other institutions at least a few times a year, with a third of them saying they collaborate weekly or daily.
It should come as no surprise that fraud fighters are starting to embrace the benefits of collaboration because it greatly increases the ability to successfully combat fraud. Being a part of a collaborative network brings fraud investigators into a mutually beneficial relationship with other financial institutions where contributions from each institution helps to create a feedback loop. Each participating institution provides information about which accounts have been confirmed as fraudulent and which have been confirmed as legitimate. Sharing findings improves fraud models and drives additional efficiency by reducing false positives.
The other big benefit of being part of a collaborative fraud prevention network is the ability to see and track velocity, which can be a significant predictor of fraud.
Velocity is a view across the banking system of the various financial institutions that contribute new account inquiries or profile change requests. We know that fraudsters frequently target multiple financial institutions – either because they fail and are looking to improve their approach, or because they’re successful and they want to perpetrate as much fraud as they can.
Velocity tracking helps investigators identify those scenarios where the application data looks right, but the fact that the applicant took that data to five different institutions in a short period of time raises a red flag. It can also help identify legitimate consumers. If the velocity data reports that the network has only ever seen Jane Smith at one address, with one Social Security number and at one financial institution, it increases the likelihood that the activity is legitimate and normal consumer behavior.
The feedback loop also improves machine learning models by allowing for regular retraining based on the freshest data. The result could be processes and procedures that may be more advanced than what an organization has been able to establish for its investigators alone.
Organizations can identify trends across the banking system and establish normal patterns of behavior. Once they know the normal pattern of behavior, they can detect anomalies. And when they identify anomalies, they can create a strategy to give those suspect transactions a closer look.
When fraudsters band together, they can do more damage to financial institutions and their customers. However, with the power of collaboration, velocity data and feedback loops, fraud investigators can mount a significant defense and no longer need to be operating alone. They can – and should – be part of a community that shares data and resources to create a better, more sophisticated fraud-prevention model that directly responds to fraudsters’ team approach.
In this month’s BAI Executive Report, we examine where things stand with fraud protection and how it can be done more efficiently and effectively, including looking at the role of both humans and technology in fraud prevention strategies. Download Now...
A strong authentication process is key to mitigating mobile phone fraud and distinguishing legitimate customers from fraudsters. Don Smith, product manager of global fraud solutions at Neustar, a TransUnion company, spoke with BAI about strategies to strengthen customer authentication....
Compliance training and professional development courses that are efficient, effective and on-point. Give your people the latest industry-approved tools they need to improve performance, reduce operational risk and better serve your customers.