Today’s Top Fraud Trends: 10 Ways to Win the War
CO-OP discusses how to fight today’s top fraud incidents with proven tools and strategies.
And, securitymetrics.com projected consumers will experience “large-scale social-media-based hacks that lead to massive data losses,” compromises in biometric data and a serious breach at a “major cloud storage provider” – all in 2019.
Here is an overview of today’s top fraud trends – and how to fight them with proven tools and strategies:
1. Stopping Business Email Compromises
This threat occurs when a fraudster impersonates a high-level executive and sends an email with, for example, an invoice and instructions on how to wire funds. An unsuspecting recipient may believe the invoice is real – as the sender appears to be a trusted source – and unwittingly wires funds to the fraudster.
Whenever a suspect communication is received, employees should be cautious. It is essential to double-click on the email address and scrutinize it to determine if the email address of the sender is valid. Remember: If the request involves funds or data, there should be a verbal verification performed by the recipient of the email.
2. Fighting Phishing Threats From the Inside
Fraudsters are constantly shopping for credentials that give them access to corporate email accounts and servers. So, while an email may have originated from inside your organization, it still might be compromised with malware-infected links or attachments.
To avoid an InfoSecurity incident, verify all emails that contain links and attachments regardless of who sent them.
3. Avoiding Fileless Malware
Many corporate enterprises today caution employees to “think before they click.” However, they fail to address the risks posed by browsing infected websites.
Make sure employees consult the IT department before conducting research on poorly secured websites. Don’t forget to keep personal browsing to a minimum if you aren’t performing a job-related task.
4. Preventing Card-Not-Present Fraud
Card-not-present fraud is also a continuing threat. The good news here is that everyone has access to great fraud decision tools today and more progressive organizations are deploying machine learning as an added powerful foil to CNP fraud. CNP fraud strategy is always a work in progress, so don’t forget that mitigation is ongoing and constant.
Always remember to communicate any suspicious activity to your fraud prevention partners as soon as possible to maximize fraud capture.
5. Synthetic I.D. Fraud
This occurs when a fraudster obtains access to stolen consumer data and then fills in any gaps with fake information or personally-identifying information belonging to another consumer. The obvious goal here is to use this weaponized arsenal to open new bank accounts in order to perpetrate credit fraud, check kiting and a bevy of account bust-out schemes. Unauthorized access to existing member accounts is also a target in this growing threat metric.
Synthetic ID Fraud can be reduced with new technologies that verify driver’s licenses and passports. Vendors like Fraud Fighter offer devices covering all aspects of I.D. and bill authentication, and are worth exploring.
6. Battling First-Party Fraud
False fraud claims from members remain all too common today – which is why credit unions should consider the dispute resolution services of Ethoca, Verafi or other companies that leverage insight into actual transactions to determine whether a claim is legitimate. These vendors won’t replace your current dispute resolution provider but they may add extra information that enables your credit union to make smarter decisions.
7. Investing in Digital Document Verification
Identity theft is often married to first-party, loan and credit application fraud, so deploying technology to stop this type of criminal activity is well worth the investment. Identity verification is a natural part of financial services and consumers are demanding faster digitized channels for maximum convenience.
There are several vendors offering digital identity verification, so review your options and choose a solution with a proven track record of effectiveness to reduce fraud and speed up the verification process.
8. Purchasing the Right Cyber Insurance
Cyber insurance covers a business’ liability for a data breach, with most policies covering the costs of client notification, data recovery and sometimes threat remediation.
Credit unions should invest wisely in a comprehensive cyber insurance policy that protects the business from end to end. Keep in mind that state, local and federal requirements need to be reviewed prior to making a decision. Helpful information is available from the FFIEC, the NCUA and CUNA. If you already have cyber insurance policies in place, don’t forget to review them annually to ensure adequate coverage.
9. Securing Digital Banking Transactions
Virtually every consumer has a mobile device today, and this is helpful in the realm of digital banking – as long as the consumer is using your official banking app and not something they downloaded from a random social media website that could contain malware. Don’t forget to require long and strong passwords and remind your members on how to obtain your official mobile app to avoid problems later. Remind your members to use Cardless Cash at the ATM. Prestaging a transaction remotely keeps card data safe and engages the member.
10. Promoting Mobile Wallets
Consumers are starting to really embrace mobile wallets. This payment method is highly secure – as long as the financial institution observes Yellow, Red and Green path protocol to ensure stronger security. Remind your members that payments by mobile wallets are safer – many have no idea until you open up the conversation by providing excellent member service.
John Buzzard is Industry Fraud Specialist for CO-OP Financial Services. He can be reached at john.buzzard@coop.org.