Identity fraud constantly challenges not only credit unions, but all financial institutions globally. Over the past six years, cybercriminals stole $112 billion or $35,600 every minute. The outlook gets worse.
An IBM blog report, “Massive Identity Data Exposure Leads to Rising Tides of New Account Fraud – What's Next?” revealed adding to the challenge are major data breaches, which resulted in a flood of personally identifiable information, such as names, addresses, Social Security Numbers, birthdays and more have added to the dark web.
This enables cybercriminals to catfish people's identities, making it harder for financial institutions to detect new account fraud in its early stages. And, as credit unions and banks continue to expand services online, new customers are arriving, but not all are legitimate: In 2016, identity fraud hit a record high with 15.4 million victims in the U.S. alone, up 16% from 2015.
“The challenge online service providers face nowadays is not only an increase in NAF, but also in NAF's sophistication and the difficulty to detect it in its early stages due to the more convincing nature of the elaborate data sets being used by criminals to open new accounts,” Limor Kessem, Global Executive Security Advisor, IBM Security, said in a blog. He added, detection increased when 41% of NAF uses real identities, with the correct information.
On October 31, IBM Security announced a new Trusteer offer to help financial institutions better identify and stop cybercriminals from opening fraudulent accounts by detecting and predict the risk of fraudulent intent.
Financial online fraud and the fuels that feed it have been growing steadily in the past decade, resulting in losses to financial institutions, businesses, and individuals, especially with cases of new account fraud, or NAF.
According to Javelin Strategy & Research, there was $112 billion stolen globally through fraudulent means between 2009 and 2015, equating to $35,600 lost every minute. In 2016, identity fraud hit a record high with 15.4 million victims in the U.S. alone, up 16 percent from 2015. Javelin predicted that NAF will rise as much as 44 percent by 2018 in the U.S., increasing losses from $5 billion to $8 billion in just four years.
Cybercriminals continue to target PII and personal health information because they represent lucrative targets. Matching different sets of PII with their financial information, like payment card data or account credentials, can enable criminals to compromise identities.
The common ways for cybercriminals to obtain personal details are through phishing attacks, information stealing malware, keyloggers, and data breaches from different sources. Kessem pointed out, “But data can be lost or stolen in other ways, due to oversight or physical theft. Even the over-sharing of personal information on social media has become a source of personal and identifying data for fraudsters, as are obtaining credit reports on potential victims, buying background checks, or scouring genealogy sites for extra information.”
The typical uses for the stolen data is basic financial fraud, involving the illicit use of payment card data or bank account details, but also cases of NAF, which have been continually growing and expanding.
After opening a new fraudulent account, fraudsters will typically wait and let the account lay dormant for an average of 30 days before they make a significant withdrawal. The eventual fraudulent transaction is likely to take place within the first 90 days of the account's creation.
Kessem noted an effective detection process should rely on a few factors: user parameter validation, fraud evidence collection, and early account activity monitoring
Some typical actions fraudsters take: depositing small cash amounts to the account, using forged checks to increase the account balance, and making withdrawals soon after funds become available.
“Post-creation monitoring of new accounts during that critical period is important in order to help identify the tell-tale signs of a suspicious account that made it through the enrollment, the possible use of mule accounts, and flagging known fraud patterns that can expose a loss in the making.” Kessem stated.
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
