Credit Unions Swelter in Summer of Scams

Earlier this summer, a woman wearing scrubs walked into a branch of Railway Credit Union in Mandan, N.D. It wasn’t her first time there — the day before, she’d opened an account at the credit union, which has $109 million in assets and about 7,300 members. Now she wanted to cash a payroll check from a health care company with a Bismarck address.

But an eagle-eyed credit union employee got suspicious about the timing of the transaction and decided to verify the funds with the issuing bank. Bingo: the check wasn’t from a valid account. And the supposed employer’s address didn’t check out either.

It wasn’t the first time someone had tried to cash a fake payroll check at a credit union, said Katie Dressler, who is chief officer of member engagement at the Credit Union Association of the Dakotas, which sent out an alert about the scam in June. In fact, there was a second attempt soon after. But the timing was notable, she said — another example of the fake-check rings, phishing enterprises, counterfeit bills, phone spoofing and other fraud schemes that industry pros say seem to intensify during the summer.

“It’s definitely seemed like it has picked up a little bit, especially this month,” Dressler said. “I think just in general our credit unions are watching very, very closely for those things — I also think they’re becoming better about detecting them.”

Jonathan Kirby, who is assistant vice president for security and investigations at Redstone Federal Credit Union, also said criminal activity against credit unions has picked up over the summer and tends to do so every year. The Huntsville, Ala.-based credit union has $4.7 billion in assets and about 416,000 members.

About two months ago, Redstone members started getting phone calls that looked and sounded like they were from the credit union, Kirby said. The caller tells the member the credit union has detected fraud on the member’s card, and then they ask for the card’s CVV number, claiming they need to prove the card is in the members’ possession.

But what the criminal is really doing is gathering the last piece of information needed to rack up thousands of dollars in fraudulent purchases using the rest of the member’s stolen card data.

“They choose a decent dollar amount transaction at a well-known merchant. Obviously our member has not performed those transactions, so their heart rate gets escalated and they want to do whatever they can to stop further activity from occurring,” he explained. That’s when the fraudster asks for the CVV.

“They’re very convincing,” Kirby explained. “They have all the information that they need with exception of the CVV, and so they’re very careful to point out, ‘I don’t want your card number, I don’t want your expiration. We just need to verify that you are in possession of your card.’”

“When they provide the CVV — this is what amazes me — typically within five to 10 minutes, 10 minutes at the outside, they have coded and manufactured a counterfeit card and they’re using it,” he added.

Criminals aren’t doing everything remotely, however. Many of them are going to branches this summer so they can use fake documents to open fake accounts, CO-OP Financial Services Industry Fraud Specialist John Buzzard said.

“There’s a lot of really high-quality-looking fake driver’s licenses,” he explained. “We’ve seen a fraud actor that has handfuls of counterfeited Virginia driver’s licenses that he uses when he goes out to credit unions.”

One tip-off, he said, is that few legitimate people show up at a credit union branch with everything they need to open an account.

“Sometimes, if they’re hard to identify, you would have to send them away to collect some information and then you would open an account. But for a fraudster like this particular fellow, he shows up with a fake ID that matches his image close enough that people don’t question the image part of it, but he also explains he just moved to the area and in his pocket he happens to have two or three counterfeited utility bills with a fake address. Everything’s ready to go,” he explained.

The criminal, whom Buzzard said is still on the run, often acts disgruntled — upset that he’s waited in line.

“You would think a criminal would blend in and just be sweet and quiet, but it works because he’s sort of replicating what he thinks is more of an authentic behavior,” he added.

There are ways to fight back against summer scammers, the pros said.

Trust but verify

Credit unions must train employees — especially on the front line — to look for signs of fraud, and they must develop cultures that make employees feel comfortable slowing down and taking action when things look strange, Buzzard warned.

“It really means a lot to be able to say to your employees, ‘I think it’s fine if you have somebody that’s in front of you and you’re questioning it to go ahead and question it,’” he said.

“And people appreciate it; the members love that extra step,” he added. “Everything is so formulaic in the way the world works that fraudsters depend on it.”

It can prevent some unfortunate conversations, Kirby added.

“You’d rather call them up and tell them that there was an attempt, than them call you up and tell you that they’re $40,000 missing from their account,” he added.

Watch 24/7

Investing in real-time fraud-monitoring software is important — a move Kirby said Redstone has made. But it’s also important to have the right staff in place to keep an eye on what that software is doing, he noted.

“It’s very interesting because when [one of our fraud analysts] goes to lunch now, they always make sure that someone else is on the software,” he said. “Because in a matter of an hour, we could lose a couple hundred thousand dollars. It’s not like it used to be. An hour away from the software, you might have an attempt, you might not have an attempt.”

Talk about it

Credit unions should tell their leagues about fraud attempts so they can spread the word quickly, Dressler said.

“I think that really helps the rest of our credit unions,” she said.

Credit unions should also make sure they’re providing concise, understandable warnings to members, Buzzard added.

“I don’t think that people want to read War and Peace when they log into online banking,” he said. “It’d be really nice if you could just break it down into like a little digestible — I hate to say the size of a tweet — but something that people can grasp and say, ‘Oh, you know my credit union just warned me the other day about being careful depositing checks from people you don’t know.’ That really does help.”

Celebrate September

Though dealing with fraud is unfortunately the new normal for many credit unions, Buzzard said things tend to slow down a little when autumn rolls around.

“Criminals have to send their kids back to school, too,” he noted.

But things will likely pick up again over the coming holiday breaks.

“All kinds of skullduggery starts to kick in around Thanksgiving,” he warned.