Spam, shams, and other scams
Scams, scams…go away! Unfortunately, it’s not that simple. Spam, shams, and other scams are on the rise. Fraudsters use clever schemes to defraud millions of people for billions of dollars every year. In fact, 27 million Americans lost a total of $7.4 billion dollars to telephone scams alone in 2015, according to a survey by TrueCaller.
Fraudsters are crafty. They pressure people to make important decisions on the spot by using innovative schemes and new twists on existing age-old scams. Their multi-channel approach can involve phone calls, emails, online banking, and mobile technology. Fraudsters look for victims who find their stories convincing and will willingly share sensitive information, which can be used to authorize and transact wires, ACH, plastic card, and other types of transactions. Unfortunately, the fraudulent transaction is often a legit exchange based upon a fairy tale.
Prevalent scams include:
- Wire transfer fraud scams involving business email compromises or fraudulent emails providing “updated” wire instructions for real estate closings.
- Check scams swindling members through secret shoppers, prizes, or romance offers. These "too good to be true scams" have long shelf lives due to their continued success. Credit unions also report an uptick in counterfeited credit union cashier's checks.
- Counterfeiting members' HELOC checks by fraudsters impersonating credit union members and contacting credit unions to obtain information on members' home equity lines of credit (HELOCs) or to request canceled HELOC checks. Fraudsters also create counterfeit checks against members’ checking accounts and fund the checks with advances against members' HELOCs. A loss from a single counterfeit item could easily reach six-figures.
- Account takeovers happen when fraudsters take advantage of weak authentication methods for online banking self-enrollment and enroll member accounts. Once an account is set-up for online banking, fraudsters transfer funds to accounts at other institutions.
- Malware used in phishing, smishing (text), or website spoofing campaigns are used to steal online banking login or other authentication credentials.
Combatting fraud in a dynamic environment is not easy. You must continuously identify, measure, control and monitor scams to keep up. And, protecting members from themselves is an even trickier proposition.
So, what can you do?
- Know the scams that are happening nationwide and impacting your geographic area. Use resources like TruStage's RISK Alerts and the FBI's Internet Crime Complaint Center (IC3).
- Spread the word by educating members through your website, newsletters, and seminars. In addition, conduct periodic staff training covering how scams are perpetrated along with the controls used to protect the credit union and members.
- Review member authentication procedures. Make sure strong out-of-wallet security questions are used or deploy an identity verification solution within your call centers. Also, consider deploying an identity verification solution for your online banking self-enrollment feature.
- Evaluate large member checks presented for payment. Always verify member signatures, check characteristics, and contact the member to confirm check issuance. This review must be timely to allow the credit union to return unauthorized checks by its midnight deadline.
- Trust your gut. If something doesn't feel right, follow-up inquisitively to learn more. In some cases, refusing member service due to a potential scam is the only way out.
Recognizing scams and adopting controls to slow their spread is critical for your success. Do your credit union and members a favor by knowing which scams are hot, remaining vigilant and providing scam awareness. You can make a difference.
This article was originally published on CUInsight.com.