Committing bank fraud is easy when you have help on the inside. That’s what the prosecutors in the UK think happened in a $2m fraud scheme involving high net worth accounts. Between July and September 2008, a gang lead by Neil Wynne targeted Barclays Bank branches throughout the middle of England. Prosecutors believe that the gang had help from a bank employee as they had an uncanny knack for picking the best accounts to target. They also had no problem overcoming the bank’s security procedures. They just can’t prove that an employee was involved – at least not yet.

Here’s the scheme… With a fake passport in hand, one member of the gang pretended to be the owner of an existing, well-funded, Barclay’s Bank account. A second member of the gang posed as the accountholder’s partner.

Once the new account was opened, the gang proceeded to ...

At year’s end, I like to take a step back and assess the main fraud trends I’ve seen and heard when speaking with our customers. Not only have we seen a lot of movement in the ACH area due to the FFIEC Supplement released this year, but there also have been some major events in the news this year that have driven action in fraud prevention measures overall. There are a few trends, in particular, that stand out to me more than others.

1. Internal Fraud is Here to Stay: The interest in Internal Fraud continues to be high, and without a proactive monitoring system in place, banks are at higher risk of being exposed to theft from their own employees. Some of the more common fraud strategies in Internal Fraud include ...

With the new year here, I figured it was a good time to step back and take stock of our progress – as an industry – in the ongoing battle against fraud. A frank assessment: we could be doing a lot better.

Sure, there are always improvements that can be made to the organizations, processes and technologies that must come together to solve a complex issue like fraud management. But I think the more important barriers our industry faces are more fundamental and structural in nature. Specifically, I see the following:

The Boiling Frog
Our industry’s slow reaction to the growing, morphing fraud problem makes me think of the boiling frog phenomenon. If you haven’t heard of it ...

“We all have a part to play, and playing as a team we will be so much more effective than as individuals trying to do our solitary best.” That is a quote from a blog post I wrote back in June on how data breaches are more pervasive and premeditated than many understand. Because of this, fraud prevention specialists need to take extra precautions by having multiple security check points in addition to a robust back-end detection system. This is exactly the concept behind layered security.

At this point, many of us recognize that there are no silver bullets in the ongoing fight against fraud. Fraudsters use a variety of tools and they collaborate. Fraud prevention specialists such as ourselves need to do likewise...

In most college towns, this is the time of year when swarms of U-Hauls and overstuffed cars bear down onto college campuses. Students will settle into their dorms and likely kick off their social lives before their classes even begin. The funds that they have for day-to-day expenses will begin to run low, and students will look for ways to supplement their income. This is prime opportunity for fraudsters to seek out and prey upon students.

Given that, we can deduce why college campuses are a ‘hang out’ for fraudsters - because students are easy targets. The sheer volume of students makes it easy to recruit vulnerable, needy, and/or naive students. I find it interesting that the scams have not changed much since I was in college. Scams relating to fraudulent grant letters, credit cards applications, work from home, check cashing and the ever so popular ATM card scams are still thriving. It is still common for fraudsters to not only pay students to pass bad checks through their accounts for nominal compensation, but also to ...

It seems like yesterday when I first saw an ATM and had to be taught how to use it. When my bank sent the piece of plastic to me called a debit card, I was ever so hesitant to use it. And forget about online banking; my fraud investigations experience would in no way enable me to use my computer to perform my banking transactions. For baby boomers like me, we have seen a dramatic shift in the way we perform our banking, especially with online and mobile banking. It appears that the face of banking is an ever changing frontier. From a consumer’s viewpoint, all of these changes make things easier. But as a fraud professional, I am very nervous about the implications.

With this evolution in the way we do banking comes new threats. Modern trojans and viruses that may infect not only our computers but our mobile devices are alive and thriving. Just as I graduated from my old flip phone to my new high tech smartphone, I heard about a variant of the ZeuS Trojan that runs on the Android phones. According to researchers ...

In a recent Bank Fraud Forum blog post, Discussing Multi-Factor Authentication, Shirley Inscoe stated that cross-channel fraud detection enables the analysts "...to see the complete picture with regards to a customer or account, and detect suspicious events that would otherwise result in losses...” Having been an investigator as well as a manager of a cross-functional fraud team for over 2 decades, I could not agree more.

However, it must be said that even if you provide a holistic picture of fraud to the analysts, it does not do them - or your customers - any good if they are not skilled in investigating and properly mitigating cross-channel fraud alerts. For those who have worked fraud over multiple channels, there are varying rules and regulations that may entail some compliance issues, including Reg E, Reg CC, UCC Articles 3 and 4, Reg J, Check 21, Clearinghouse Rules ...

When most people think of data breaches, they think of the big headline grabbers like Hannaford, Heartland, and TJ Maxx (now disappearing into the distant past, but dredged up every time a big one like Heartland occurs). There are many more, but you get the point. The naïve view of breaches is that they are accidental most of the time, but that notion should have been dispelled by the overwhelming evidence that breaches are often times the result of a premeditated attack. We have seen that these data breaches do result in fraud, sometimes quickly and sometimes as much as two or more years later.

Why can the fraudsters wait so long? Because there is a ready supply of personal data to be had in the fraud underground, a veritable secondary economy with producers, brokers, and buyers.

This ready supply is fueled not just by the “biggies”, but also by a host of largely unreported breaches of various sizes. More often than we care to imagine, these breaches are ... 

A couple of weeks ago, NACHA’s Electronic Check Council hosted a Forum entitled, “Moving Beyond Well-Trodden Paths: New Maps for Combating Risk and Fraud”. In this Forum, several industry experts discussed a wide variety of risk and fraud topics related to payments.

I was honored to open the forum with a session that subsequent presenters could build upon. In my session, “After You’ve Authenticated the Customer: Transaction Monitoring”, the audience and I discussed the need for layered security on all payment systems. Financial institutions have learned that multi-factor authentication is no silver bullet, nor are systems which validate the hardware transactions are originating from, monitoring IP addresses, etc. In order to better protect themselves and their customers, it is becoming increasingly important to proactively monitor transactions to detect suspicious activity in real time.

I have been in countless dialogues regarding fraud prevention with fraud and risk specialists at various management levels within financial institutions of all sizes. In my many discussions around various fraud prevention measures, I’ve come to realize that while a sophisticated enterprise fraud management system is the bank’s best line of defense, the front line employees can play a valuable role in detecting and preventing fraud.

Bank tellers are the front line of the institution, handling deposits, withdrawals, and transfers while trying to accurately account for every piece of paper and coin that passes through their hands every day. They also are human and, while they have been trained to spot alterations, counterfeits, and other fraudulent items, they also have instincts. Many times, a teller might not have physical proof of fraud but often has a ‘gut feeling’ that something just isn’t right.