You’ve heard the saying, “Every day is a school day” and 2022 held no shortage of intense learning, education-on-the-spot scenarios for the fraud and bond arena.
- We experienced a surge in cybersecurity threats during the height of the Russian invasion of Ukraine.
- The number of wrongful termination lawsuits spiked.
- More than half of Americans were victims of payment app fraud.
- Social engineering got cleverer.
- Card fraud got harder to pin down and prevent.
Wow, that was all in one year? It sure was.
There were countless lessons learned in fraud’s classroom last year, and each quarter Allied’s very own risk experts deep dove into what the bad guys were up to – and how to predict and prevent their next moves. In case you missed our Let’s Talk Fraud sessions, or you’d simply like a recap, here are the top fraud lessons learned.
Subscribe now to receive fraud prevention insights in your inbox.
Lessons Learned: Fraud Edition
Lesson #1: Fraud is expensive
For every dollar lost to fraud it costs a financial institution $4.00 to remediate. That’s a steep cost, and not one to ignore, especially with fraud creeping towards $500 billion in losses. FI’s are moving away from the mindset of the cost of doing business and asking the question, “what would it cost us if we don’t prevent losses in the first place?” It’s not cost effective to be reactive anymore.
Takeaway: Authenticate new accountholders and set parameters for how soon they can access funds. Set daily dollar limits on all debit cards. Be on the lookout for suspicious money orders. Invest in a holistic fraud monitoring tool.
Lesson #2: No swipe, bad guys strike
The pandemic accelerated online shopping and card-not-present transactions in ways that the banking industry wasn’t prepared for. This trend of spending opens doors for the bad guys to steal funds, card information, and contact information in countless ways. Support 3-D Secure with effective authentication strategies prior to authorization to protect your charge-back rights.
Takeaway: Set strong password requirements for online banking and encourage accountholders to verify online shopping websites prior to entering card information. Ensure that your card processing system is operating on 3DSecure 2.0.
Lesson #3: Authentication, biometric style
The bad guys are getting cleverer and finding ways around traditional authentication measures to steal your accountholders’ information and money. Biometrics leverage a person’s unique, non-duplicatable body to authenticate their identity prior to a transaction. This dynamic form of authentication is more secure because it’s harder - if not impossible - to manipulate.
Takeaway: Enable multi-factor, biometric authentication for employee access and encourage accountholders to use biometric authentication (fingerprint, facial recognition, voice ID) whenever possible.
Lesson #4: Friends and family only
Our fraud prevention rule of thumb for person-to-person payment apps (think Zelle, Venmo, etc.) is friends and family only. In Q3 of 2022, Amazon rolled out a Venmo integration. As convenient as this might be for shoppers, it goes against our fundamentals of payment app security. The method of fraud varies from payment app to payment app but the rule of friends and family can protect against significant losses of dollars and personal information.
Takeaway: Encourage and educate your accountholders to keep payments between friends and family. No strangers, no e-commerce.
The challenges we faced last year prepared us for what 2023 may bring.
Fraud Predictions for 2023
Fraud isn’t going away anytime soon and the bad guys are going to get more dexterous. In 2023, beware of fraud via:
- Card (present and not)
- Payment apps
- Wires and money orders
- Credential stuffing
- Social engineering
Your financial institutions can implement these lesson takeaways to make strides in detecting fraud – and to stop it before it happens.
Missed a Let’s Talk Fraud session? Catch up now.