Identity Theft Red Flags
0 comment(s)
Whether they realize it or not, customers trust your bank with not only money, but also their identity. What happens when customers decide that your bank cannot protect their identity in the same manner it protects the money in their account? They will leave and tell at least 10 of their friends that your bank cannot be trusted. Put simply, identity theft scares your customers more than they may know or care to admit.
So what does identity theft look like in your bank? Stealing an identity is remarkably simple. If one of your employees is "hired" or placed by organized crime to steal your customer's identities they can do so in a number of different ways. They can steal or photocopy paper documents containing elements of your customers' identities. They can access all manner of information in the various databases your bank uses to house customer data. Alternatively, employees can unwittingly share crucial logon data via an email that phishes for information. Understanding what patterns to look for regardless of the source of the threat is critical. After all, your customers want you to protect their identity regardless of source of the threat.
On average, how many customer accounts does a lead teller access in your bank during one month? If the same teller is involved in identity theft, how many accounts will they access during the same period? Does their activity while viewing the account look different when they are in the process of stealing an identity versus conducting a normal business transaction with the customer standing in front of them? If your customers have received phishing emails that captured their online banking login information, how would you tell which customer's information has been compromised?
Consider the following red flags that may indicate that your customer's identities are being targeted by internal or external threats:
- A bank employee prints 1,000 account summaries every month
- Many of your customer's accounts are being accessed online from Georgia (the county, not the state)
- Documents sent to your operations center are often delivered late, sometimes several hours late to allow your courier time to share them with criminals
- An employee appears to be emailing customer information to their personal email account on a daily basis
- A back office printer runs out of toner three times as often this year as it did last year. Employees in that department are printing duplicate copies of entire loan applications
Remember: The activity above is taking place before the stolen identities are put to work to commit fraud. Often, a criminal will use more than one source to steal all of the components of an identity that they need to commit fraud. Not only does your bank have to know when an identity is being stolen from your bank, it also has to recognize when that same identity is being used to commit fraud against your bank.
How many of the red flags noted above is your bank able to detect?