Tag Archive for: Fraud

Posts

,

Executive Letter: Check Fraud Resources

By Rose Oswald Poels

Check fraud remains a top issue and expense for WBA members. Often when needing to work through the process of collecting on a fraudulent check, it can be difficult to determine the correct party or department to work with at another financial institution involved in the particular check negotiation chain. I have heard of banks having to wait several weeks, or even months, to get a response from another when trying to resolve a fraudulent check matter. I have also heard from bankers of the frustration of not knowing what the other bank may need for research purposes or if a particular affidavit is required, such as an affidavit of forgery.

To help with this problem, the American Bankers Association (ABA) has created an online directory to assist banks in handling check fraud claims more efficiently. The directory lists contact information for banks that need to file a check warranty breach claim with another financial institution. It is searchable by bank name, city, state, or FDIC number, so banks can find the right contact at the institution to help resolve a warranty breach claim. The directory is available to ABA members and non-members.

To access the directory, banks will need to provide their detailed contact information and any documentation requirements for submitting a claim. As I understand the process, ABA will verify all submissions before uploading information to the directory. The process may take 5–10 business days, after which ABA will email the bank to let the bank know it has been added to the directory. I encourage banks to participate to maximize the utility of the resource.

To further assist banks with other resources, various affidavits have been created and/or shared by the WBA Financial Crimes Committee and may be found in the Security/Financial Crimes folder within the WBA Best Practices Library.

The WBA Best Practices Library is password protected; should you need the password, please contact WBA Legal at wbalegal@wisbank.com.

Information about the ABA Check Fraud Claim Directory may be found at: aba.com/banking-topics/risk-management/fraud/check-fraud.

If you have other suggestions or needs for resources to help your team mitigate check fraud, please let me know.

/by
,

Fraud Report: Felony Lane Gang Activity Continues to Target Wisconsin Banks

By the WBA Financial Crimes Committee

A group of organized criminals, referred to as the Felony Lane Gang, uses the Fort Lauderdale-area as a home base to plan their attacks on unsuspecting banks. The group travels across the U.S., stealing items from unattended vehicles parked in areas such as state or county parks, sporting events, parking structures, and more. The Felony Lane Gang looks to steal checks and identification belonging to victims like driver’s licenses, credit, and debit cards. Once gathered, the group cashes numerous fraudulent transit checks by posing as a valued customer of your bank.

The Felony Lane Gang received their name because they often target the far drive-up lane to make positive identification more difficult.

Felony Lane Gang Tactics

  • Late model vehicles are driven (usually rented) bearing stolen Wisconsin plates.
  • Criminal actors (often female) will dress the part — using wigs and other means to resemble the picture displayed in the stolen identification.
  • The Felony Lane Gang will typically supply two forms of identification to lure front-line staff into a false sense of security.

Once the Felony Lane Gang is successful in cashing the first check, other branches are quickly targeted.

Possible Red Flags

  • The actor presenting the check appears anxious, rushed, overly chatty, or name drops.
  • The branch location appears out of the area in comparison to the customer’s address on file.
  • A second form of identification provided (a debit or credit card issued by your bank) has been previously closed or hot carded.
  • The actor cannot accurately answer additional security verification questions.

Best Practices

Depending on your branch footprint and overall risk tolerance, consider adopting best practices such as:

  • Adding an electronic notation or warning flag to a relationship profile when a customer reports that their identification was stolen. This serves as a fraud warning prior to Felony Lane Gang activity occurring.
  • Compare the likeness of the person conducting the transaction to the identification presented for inconsistencies.
  • Adopt step up identification procedures for transactions that exceed a certain dollar amount.
  • If the customer is not “personally known” to you or other branch staff, use out-of-wallet identification methods — such as employer information, last direct deposit date, etc.

It is important to note that although the Felony Lane Gang typically uses drive up lanes to commit fraud, bolder groups are going inside the branch as well.

When in doubt, follow your bank’s procedures on suspicious transaction activity to minimize losses.

/by
,

Steps to Help Avoid Wire Transfer Fraud Targeting HELOC Accounts

Home Equity Line of Credit (HELOC) scams continue to be a costly and challenging issue for financial institutions. Wire transfer fraud can easily reach millions of dollars, and with advancements in technology, such as online databases for county clerk records, online banking and online title searching, data commonly used by financial institutions to verify customer identity for wire transactions is routinely and easily compromised.

Several financial institutions have fallen victim to losses arising out of wire transfer and check forgery schemes targeting HELOC accounts and have taken action to mitigate the risk of future loss experience. Institutions that place a high value on their customer service and customer confidence in the institution’s security against wire transfer fraud have implemented risk mitigation upgrades to their operations to help solidify customer confidence. According to Travelers, the following steps are initiatives that can help to avoid, or at least significantly reduce, losses arising out of HELOC fraud scams:

  • Place greater emphasis on getting full account numbers from callers;
  • Phrase verification questions so that the caller is providing the information, rather than simply confirming what the financial institution has on file;
  • Remove items from the list of authentication options (such as mother’s maiden name and date of birth) that have become “public information” through social media websites and venues;
  • Train employees who field calls to verify authentication items in a specific order and not skip to other items if the caller cannot verify the requested information;
  • Train personnel with an updated full fraud-awareness module to help employees identify warning signs of fraud;
  • Encourage customers to set up PIN numbers if the automated phone system allows it;
  • Update customer account files with driver’s license numbers, if not copies of the entire driver’s license (or other government-issued ID if there is no driver’s license);
  • Utilize a mandatory callback procedure for all customer-not-present wire transfer requests;
  • Use a password to authenticate customers rather than commonly compromised information and only allow in-person modification of passwords and key account information;
  • Consider requiring full balance transfers (or transfers up to a certain percentage of the available funds) to be made in person while placing a reasonable monetary limit (or percentage limit) on customer-not-present wire transfer requests;
  • Establish a reporting procedure which refers all suspicious wire transfer requests to a higher level of authority for confirmation/processing;
  • Require a dual telephone confirmation procedure where the financial institution calls the home phone of the customer as well as an alternate number, such as a mobile phone or work phone;
  • Establish an automatic two-day holding pattern anytime a request is made to initiate a wire transfer from a HELOC account to a foreign bank account within which time the financial institution ensures accurate verification and deters fraudsters seeking immediate processing;
  • Verify change of address or phone number requests with a call to the customer’s phone number on file;
  • Customize specific and unique verification questions and procedures with an account holder/customer that can only be modified in-person.
  • Consider performing a verification call back when a purported customer calls the bank to set up on-line banking for the first time.

Technology has made it easier than ever for bad actors to obtain data that is commonly used by financial institutions to verify the identity of their customers. That’s why financial institutions must utilize robust

authentication procedures to protect their customers – and themselves – from wire transfer fraud. This includes greater awareness, updated and vigilant policies, procedures and training, and implementing imaginative and unique verification procedures to help reduce the risk of loss arising out of wire transfer fraud targeting HELOC accounts.

Travelers, a WBA Associate Member, is committed to managing and mitigating risks and exposures, and does so backed by financial stability and a dedicated team — from underwriters to claim professionals — whose mission is to insure and protect a company’s assets.

/by
,

Fake Check Scams Posing as IRA Proceeds

By Dave Oldenburg

Financial institutions have reported incidents where a new or seasoned customer is instructed to open an IRA account, with a fake check, disguised as a rollover. Criminals who orchestrate these crimes hope that front lines staff will be fooled into believing that IRA accounts are not typically associated with fraud. Unfortunately, this type of fake check scam has gained traction and has the potential to inflict substantial losses when not detected early. Although some account holders are aware that they are negotiating a fake check, others do not realize that they are being manipulated as part of a relationship or similar fraud scheme.

How Does the Scam Work?

Similar to other fake check schemes, the purpose is to falsely inflate the balance of an account and withdraw funds as quickly as possible. Funds are often transferred internally, followed by outgoing wires, BillPay, or other electronic payment methods, before the check is returned unpaid.

How Do I Spot a Fake IRA Check Scheme?

It is important to note that criminals generally use accurate information from compromised accounts such as a bank’s ABA, account number, and approximate check range to create and distribute the checks. Some may go further and use convincing check stock, bearing a quality signature of an authorized signer to increase the likelihood that the check will be negotiated.

With that in mind, it’s important to recognize common red flag indicators associated with this type of fraud:

  • The check is made payable to an individual. As a rule of thumb, legitimate Traditional and Roth IRA rollover checks are generally made payable to the financial institution, for benefit of (FBO) the account holder
  • The check doesn’t appear to be drawn on a qualified retirement plan. Many fake checks are drawn on a law firm, cashier’s check or what appears to be a general business operating account.
  • The check is sent directly to the branch by an unknown third party with instructions to deposit the check into a new or existing IRA
  • A memo line with vague instructions to deposit the check into an IRA account
  • The customer seems concerned when funds will be made available
  • The account holder wants to disburse funds shortly after the account was opened

When in doubt, it’s best not to accept the check and follow your bank’s procedures on suspicious account activity.

Oldenburg is a fraud officer, Bank First, Manitowoc and member of the WBA Financial Crimes Committee.

/by
, ,

The New Face of Identity Theft

The rapid growth of synthetic identity fraud

By Hannah Flanders

Like many aspects of our day-to-day lives, the expansion of technology has both enhanced and complicated the ways in which we operate. As more and more of our information lives online, identity theft — once more likely to occur because of a stolen wallet — has also assumed a digital appearance: synthetic identity theft.

What is Synthetic Identity Fraud?

Synthetic identity fraud is defined as the use of a combination of pieces of personally identifiable information (PII) to fabricate a person or entity in order to commit a dishonest act for personal or financial gain.

This form of identity theft has allowed bad actors to combine a stolen Social Security Number (SSN) and other false information — such as a fake name, address, date of birth, or phone number — to create a counterfeit identity to steal funds, escape prosecution, or any other number of criminal and fraudulent activities.

An Alarming Trend

In 2020, the Federal Bureau of Investigation (FBI) named synthetic identity theft as the fastest growing financial crime in the United States. Fraud targets are often those who do not typically use credit or are less likely to monitor their credit activity — including children, homeless individuals, and the elderly. These victims may find themselves blindsided as fraudsters create a new identity, apply for credit, and after years of building good credit by making payments for a time, abandon the account without paying anything back to the financial institution.

While this type of fraud is already difficult to detect due to its elusive or “normal” nature, many bad actors go to incredible lengths to appear as such, states Forbes. In addition to establishing good credit by making payments quickly and on time, some create digital profiles or use P.O. boxes for addresses.

Not only has technology and access to the dark web made PII more accessible to fraudsters, in 2011 the Social Security Administration (SSA) began randomizing the nine-digit social security codes rather than assigning them to individuals based on their geographical location and group number. No longer do social security numbers raise red flags when enrolling or opening accounts “out of state.”

As online banking grows in popularity, so too do concerns for synthetic identity theft. Between prevalent phishing schemes and heightened risks for data breaches — accessing PII and conducting synthetic identity fraud has become much easier than in years prior.

How to be Proactive Against Bad Actors

Inconsistent categorization and reporting make it difficult to identify and mitigate this type of fraud — as far as banks and credit bureaus can tell, these individuals are just like anyone else. . . until they “bust out” or abandon the maxed-out account with no intention of repayment.

After abandoning the false identity’s account, a fragmented file is created. This additional file not only becomes associated with the original SSN but also holds the additional credit report information and other fabricated PII. Unfortunately, this information could negatively impact the credit rating of the real individual.

When working with customers, bankers should advise frequent credit report checks or freezing unused credit at credit bureaus throughout the U.S. as to deter criminals or catch them early.

In addition, customers may take additional steps to protect themselves and their family against synthetic identity theft. One way parents can protect their children from fraudsters is by requesting their child be added to their credit profile. By adding a child to an adult’s credit profile, not only does the child’s own credit profile become established in his or her name and SSN, but the child is also able to begin building their credit.

The Cost of Synthetic Fraud

While victims of identity theft typically are not liable for fraudulent purchases or accounts, as long as they can prove they are the real SSN holder and not the thief, banks and other financial institutions are left to absorb the cost. This scheme is not only incredibly costly to banks across the country — with losses estimated at $20 billion in 2020, according to the Federal Reserve Bank of Boston — but gaps in the U.S. Fair Credit Reporting Act may have also increased the likelihood of repeat offenders.

The Federal Reserve has reported that bad actors are able to ‘flood the financial institution with an overwhelming number of claims’ on their fake accounts, and when creditors are unable to fulfill the investigation in the allotted timeframes, the disputed item is removed from the false credit report and time and time again, fraudsters get away with the act.

“Synthetic IDs are a struggle for community banks to identify,” states Lenore Breit, vice president – compliance manager at Wausau’s Prevail Bank. “Based on a recent presentation, [community banks] most likely have synthetic ID fraud in their deposit and loan accounts that remains undetected with traditional third-party ID verification programs that most community banks use.”

“There are other, more robust ID verification programs available to detect synthetic ID fraud,” adds Breit. “But they are costly and may not interface with legacy software.”

One such software program, the electronic Consent Based SSN Verification service, was created in part by the Economic Growth, Regulatory Relief, and Consumer Protection Act. The electronic service offered by the SSA was created in 2018 to aid financial institutions in combating synthetic identity fraud and verify an authorizing individual’s name, date of birth, and SSN against the SSA records. Services are based on the annual transaction volume and can cost thousands or even millions of dollars.

Common Signs of Synthetic Identification Theft

While difficult to trace, there are a few significant ways bankers can remain attentive to PII and other key indicators of synthetic identity fraud.

Most obvious is ensuring all SSNs match to the PII given. Do not assume a name change or relocation; ask questions or require verification for the sake of your bank and the security and privacy of all customers. This extra step could make all the difference in protecting the personal information of every customer.

If an account is already open, bankers should note applicants who have the same contact information or SSN as well as those with multiple authorized users.

As synthetic identity fraud becomes increasingly prevalent throughout the U.S., it is critical, for the safety of customers and security of all financial institutions, that Wisconsin bankers are prepared to combat this emerging fraudulent activity, caution community members against sharing unnecessary personal information with others, and assist individuals in regaining their rightful identity if necessary.

If you are interested in learning more about synthetic identity fraud, how these schemes can impact your bank or customers, or more ways you can take a stand against bad actors, please contact WBA’s Legal Team at wbalegal@wisbank.com or 608-441-1200.

/by
,

Law Enforcement Warns of Check Fraud Schemes in Wisconsin

By Detective Daniel R. Kuhnz, Beaver Dam Police Department

All around Wisconsin and the country, financial institutions have been targeted by check fraudsters who use homeless or indigent people to cash counterfeit checks. This method of operation has been dubbed “operation homeless” around the country. Essentially what happens is bad guys get a hold of valid business checks by intercepting them from unsecured mailboxes of businesses. Other methods of obtaining banking information of a victim business might be by purchasing blocks of data from sellers on the dark web. The bad guy then provides the account identifying information from the check or the check itself to a person who actually manufactures a new check with the valid account number and routing number on it but alters the dollar amount to stay under a certain limit (common amounts are $2,500 or less), alters the payee, and alters the check number.

They then proceed to recruit vulnerable people who are promised a portion of the proceeds. They will travel substantial distances to financial institutions that the checks are written from, so the account numbers can be validated and adequate funds are determined to be in the account to cover the check amount. They are told to use their real identification when cashing the checks to legitimize the transaction.

The bad guys who are driving the homeless or indigent people around will usually wait in an adjacent parking lot and monitor the building. If the teller determines the transaction to be suspicious and calls the police, the homeless or indigent individual is abandoned at the bank. In most cases, the homeless or indigent person is arrested and put in jail. However, law enforcement and prosecutors are usually more interested in “moving up the chain” to identify the intermediate individuals that were driving the homeless or indigent person around and ultimately, who manufactured the counterfeit check. This can be very difficult as the intermediate suspects usually provide false names and change their phone numbers.

This crime, contrary to popular belief, does not only occur only in the big cities. In fact, many of the cases that were recently found to be connected around Wisconsin overwhelmingly occurred in suburban and rural communities.

Law enforcement around the state would benefit from tellers and other employees at banking institutions to always be vigilant and constantly question whether something makes sense or not. We are confident that banking institutions are always on the lookout for fraudulent activity such as internet scams but this type of fraud can be more difficult to detect and act on. We simply want to remind you that you are on the front lines of this type of criminal activity and should know about current trends and fraud schemes that are occurring.

/by
,

Student Loan Repayment Scams

Read more
/by
Triangle Background
,

Signs of Business Check Cashing Fraud to Watch Out For

Dave Oldenburg

By Dave Oldenburg, fraud officer, Bank First, Watertown and member of the WBA Financial Crimes Committee

Business check cashing fraud, dubbed “operation homeless” by law enforcement, continues to impact our industry. Furthermore, it can negatively affect customer perception when fraudulent “on-us” checks are cashed at your bank.

Although there are many kinds of check fraud schemes, business check cashing fraud begins when a customer’s legitimate business checks are taken from commercial mailboxes. Often times, the compromise occurs when a customer’s outgoing mail or the recipient’s mailbox is breached. These mailboxes are often unsecured — making them an ideal target to steal checks. Once the checks are stolen, the ringleader produces quality counterfeit checks that closely resemble the features of legitimate checks. In this type of fraud, the intent is to cash as many checks as possible at numerous bank branches — sometimes pocketing tens of thousands in just one day.

The ringleader creates the checks, but recruits individuals (mules) to cash the checks if they have current and valid identification. In turn, the mules receive a small portion each time a check is paid out. In an organized fashion, these criminals travel around the state with counterfeit items, drawn on many accounts from different banks.

Fortunately, there are ways to stop fraud in its tracks. Here are some suggested “best practices” for front-line staff:

  • Compare the check to recently cleared checks as well as the signature card on file.
  • Looks for signs of traced, forged, or scanned signatures that appear irregular.
  • The current check range on recently cleared items may be considered — however a counterfeit check is often in the current range.
  • Look for recently issued identification (sometimes mules will obtain identification for the sole purpose of committing check fraud).
  • Refuse to cash the check when presented with worn or damaged identification that omits information.
  • Refuse identification that doesn’t appear to match the individual presenting the check.

Be aware of some common “red flags” that may be indicators of business check cashing fraud such as:

  • The branch location is “out of the way” from the non-customer’s address listed on the check or listed on the identification presented.
  • The person presenting the check came to the branch on foot or was dropped off.
  • The person presenting the check appears anxious, rushed, or overly chatty or name drops.
  • The person is in contact with someone on their mobile phone while the transaction is being performed.

To help mitigate your institution’s risk of loss, it is recommended that checks presented by non-customers be handled with additional scrutiny. Most importantly, if the maker of the check does not have positive pay services, consider adopting procedures where an authorized signer is contacted to validate checks over a certain dollar amount.

/by

Identity Theft Notifications from DOR

The Wisconsin Department of Revenue recently mailed identity verification (PIN) and grant denial letters to individuals and businesses related to the Wisconsin Tomorrow Small Business Recovery Grant. Many who received these letters did not apply for the grant, making it likely those applications were submitted fraudulently by ID thieves.

For reference, attached are examples of the letters DOR has sent:

Grant PIN Verification Letter
Grant Denial Letter
Grant Denial Letter Page 2

We understand citizens receiving these letters are contacting local law enforcement agencies to report identity theft. Please refer to the Wisconsin Tomorrow Small Business Recovery Grant link for additional information related to the grant program and resources available for victims of ID theft.

The citizen, or their authorized representative, may make a request for a copy of the fraudulent grant application by contacting DOR customer service at (608) 266-2772.

If you have any questions, do not hesitate to reach us at (608) 266-2772. We appreciate your assistance with this important issue.

By, Ally Bates

/by
WBA logo

questions@wisbank.com

608-441-1200

4721 S Biltmore Ln.
Madison, WI 53718

Get our Newsletter!
Subscribe