Solving fraud in banks is a constant challenge. According to PYMNTS, banks experienced a 41% increase in fraud incidents between 2021 and 2022. ACH fraud increased from 19 to 24%, while fraud attacks via mobile wallets quadrupled. What’s more, there were nearly 1.7 million reports of identity theft in 2021 alone. The numbers have only soared for every type of bank fraud in recent years.
Given the strong similarities between the two types of entities, credit unions’ fraud issues are largely parallel to banks’.
Fraud prevention banking professionals know that as banking industry fraud increases, so do the associated losses. The United States’ Federal Trade Commission reported $5.8 billion lost to fraud in 2021 — up 70% since 2020 — with 2.8 million consumers impacted.
Why the steep increase in bank fraud? There are more fraud vectors. Digital channels are particularly susceptible, and as mobile banking, mobile payment apps, ACH payments and online loan applications rise in popularity, fraudsters targeting the banking industry stand to profit substantially.
Let’s examine various types of banking fraud, including what they are, how they occur and what can be done to stop them.
An Account Takeover – or ATO – occurs when fraudsters take ownership of an online account, often using stolen credentials. Thiefs can easily purchase credentials on the dark web or acquire them through social engineering scams, data breaches or phishing attacks and later use them to commit bank account fraud.
Once access is achieved, the attacker may change the password to lock out the real account owner. They may transfer money to another account, make fraudulent payments, or open new accounts (most often credit lines) in the victim’s name.
ATOs result in costly disputes for banks, and can have a detrimental impact on the company’s reputation and customer loyalty. They also cause substantial financial losses for consumers. About 22% of U.S. adults are victims of ATOs per year, with average losses of around $12,000.
Here’s a closer look at some of the techniques fraudsters may use to launch an ATO attack:
One of the most common type of bank fraud, New account fraud is also known as account creation fraud, account opening fraud, and fake account fraud. It describes the type of fraud that occurs when a fraudster or money mule opens an account with the intent of committing fraud, often utilizing stolen or synthetic identities.
They may steal identities of legitimate customers via data breaches or phishing, or they may sensitive information of children, deceased or even homeless people. In some cases, mules might create accounts using their own identities for fraudulent purposes, thus committing first-party fraud.
Fraudsters can also create synthetic or fake identities, which is more complex but common. To do this, they use some legitimate information about a real person combined with random, invented or stolen information from others. Once a new account is created, fraudsters may rack up charges or write checks against it in a victim’s name.
Money Laundering is named right – illegal or “dirty” money is put through a series of transactions through foreign banks and/or legitimate businesses, making it legal or clean. Through this process, the money is “washed” – its origin is concealed, and no one can trace it to illicit activities such as drug trafficking, corruption, embezzlement or illegal gambling. Typically, money laundering is executed by organized fraud rings. There are three stages to money laundering:
Some of the warning signs of money laundering include repetitive transactions in amounts just under $10,000. Transactions executed by the same account on the same day by different people and large numbers of internal transfers are also yellow flags.
It takes good expertise and strong data to combat money laundering and stay compliant with AML regulations to avoid regulatory and law enforcement issues. Customer due diligence is key, and so is having the right software to monitor accounts and warn officials of potential criminal activity.
Money mules transfer money that they acquire illegally either in person, via a courier service or digitally on behalf of someone else. They’re transaction mercenaries and paid for their services.
A criminal recruits a money mule to help launder funds that they secure through online scams and other types of fraud or criminal activity, such as drug trafficking. The mule helps add to the “layers” of distance between the criminal and the source of the funds they stole.
Money mules move funds through bank accounts, cashier’s checks, cryptocurrency, prepaid debit cards or other means. Some of the mules are aware that they’re assisting criminals, while others may be completely naive. For example, they may have a trusting relationship with the criminal who’s asking them for help, and think that they’re doing the person a favor. That’s why it is the one of the most difficult types of bank frauds to detect as mules pass all KYC and AML checks and are not flagged as fraudsters.
Payment fraud occurs when a cybercriminal completes any type of false or illegal transaction. There are many different types of transactions that take place in the banking Industry across the customer account lifecycle. Some examples include cash withdrawals and deposits, checks, online payments, debit card transactions, wire transfers and loan payments. Each one is an opportunity for bad actors to commit fraud.
ACH fraud occurs when a criminal steals funds through the Automated Clearing House (ACH) financial transaction network, which is a central clearing facility for all U.S. Electronic Fund Transfer (EFT) transactions. In 2020 alone, the Federal Trade Commission received more than 2.2 million fraud reports.
Imposter scams were the most common type of fraud, with scammers using Authorized Push Payment (APP) schemes to trick customers into executing ACH transitions. Since ACH fraud can be committed with just two pieces of stolen information – a business checking account and a bank routing number – it’s easy to commit. Banks must compensate consumer accounts for fraudulent ACH transactions, and, as a result, ACH fraud can be costly for banks.
Check fraud occurs when paper or digital checks are used to steal money. People may write fraudulent checks on their own accounts or closed accounts, forge someone else’s signature, or draft a fake check.
According to data published by the Association of Financial Professionals (AFP) in conjunction with JPMorgan, checks and wire transfers are still the payment methods most impacted by fraud (66% and 39%, respectively). One contributing factor to the rise in check fraud is the increased use of mobile check deposits, which rose 41% between 2020 and 2021.
Banks typically reimburse customers for check fraud, and the cost is high – for every dollar of losses, the associated costs for disputes and other fees is about $4.
Credit card fraud is probably the most common type of bank fraud. It is a broad term that signifies fraud committed using any type of payment card, including credit, debit, gift card, and prepaid ones. How do they obtain this information?
By stealing a physical card, finding a lost card or card information, or card skimming (for example at a gas station). It can e divided into card-present fraud (CP) and card-not-present (CNF) schemes. CNP fraud is 81% more prevalent than CP is.
The Payment Card Industry Data Security Standard (PCI DSS) is a data security standard. It was created to help financial institutions process card payments securely and reduce card fraud, but it’s not always successful.
According to 2021 research, about half of all Americans experienced a fraudulent charge on their credit or debit cards. Meanwhile more than one in three credit or debit card holders have experienced fraud multiple times.
Today, one billion people use Paypal, Venmo, Zelle, Apple Pay and other cash apps globally to complete peer-to-peer (P2P) payments. These digital payment apps are easy targets for fraudsters who know that companies often lack the data and insights to detect new fraud patterns associated with them.
Scams occur frequently — a fraudster might sell goods to consumers over an online marketplace requiring payment via Paypal or Zelle, for example, and never deliver the goods. Fraudsters may also use stolen credit card information to create P2P accounts and purchase goods and services for themselves.
Since 2016, the number of people falling victim to fraud via P2P payment fraud has risen an astonishing 733%. Unfortunately, most P2P apps don’t have policies for protecting users against fraud losses due to scams. Worse yet, P2P fraud serves as a gateway to account takeovers and other types of fraud.
The term “wire transfer” originated from the practice of transferring funds between banks across telegraph wires. Wire transfer fraud typically occurs in one of two ways:
With people becoming more comfortable sending money online, wire transfer fraud is increasing – as is the value of each transfer. One study shows that the average value is up nearly 68% from Q2 2020, reaching $12.5K in Q4 2021
To commit application fraud, criminals use stolen or synthetic IDs to apply for loans or lines of credit. Here are a few examples:
Third-party application fraud often involves fraudsters creating synthetic identities by mixing real and fake information. First-party fraud involves people using their true identity by providing false information, such as a fake residence or inflated income.
A subset of application fraud is loan fraud. During Q2 of 2022, nearly 1% of all mortgage applications – 1 in every 131 applications – contained fraud. There are several different types of loan fraud, including mortgage fraud, loan scams and payday fraud, but all of them involve criminals using a person’s personal information to illegally obtain a loan.
Loan fraud has increased in recent years due to the rising popularity of online lenders, who often don’t execute thorough background checks on applicants. They may rely solely on basic information such as name, address, social security number and income to make lending decisions – information that can easily be stolen or or obtained via nefarious means.
According to research by PYMNTS, 88% of banking executives say reducing fraud is critical to maintaining merchant processing revenue, and most are using machine learning and AI to do so. Nearly all – 98% of acquiring banks surveyed – use AI, with 60% using it as their primary weapon. Additionally, 27% say rules-based algorithms are the most important anti-fraud tool to combat various types of bank frauds.
By combining advanced machine learning approaches and rules-based detection, DataVisor’s comprehensive fraud and risk management platform helps banks capture up to 30% more fraud with 94% accuracy. This can save millions in fraud losses while removing friction from legitimate customer transactions. Learn more here and explore our banking industry case studies.
If you want to see how these ML techniques can fit custom with your fraud solution, reach out for a chat with our team of fraud experts.
Leverage DataVisor's cutting-edge approach to detect
new and unknown attacks before damage is done.
Stay up to date on the latest fraud trends and intelligence.
Thank you for subscribing.
