Financial crime and fraud tips
Our community banks are seeing more and more fraud and financial crime activity — and it’s a trend that doesn’t appear to have an end in sight.
One article I recently read uncovered a 233% increase in the first quarter of 2022 (Financial fraud shot up 233% last year, account takeover on the rise — scmagazine.com). Hacking attempts, losses and prevention expenses are likely to increase with the risk in mobile banking applications and the increased sophistication of social engineering attacks.
Is your organization prepared and more importantly how are you communicating the threats and risks to your customers? I’ve asked Ms. Teri Petrzelka, VP ISO/Security Officer for the Central Bank of Houston, to share her thoughts on how they are helping their customers. Petrzelka is also a member of the Texas Bankers ISAO advisory council. She has led the charge for her bank by not only raising awareness in fraud to their customers, but also the cyber threats they continue to face.
First, the basics. How are fraudsters targeting bank customers? There are many different scams but the objective remains the same: to steal money. Scammers often use sophisticated tactics to commit fraud that makes it hard to cancel or reverse a transaction. Wire transfer and digital payments scams are two examples.
Here are a few of the fraudster’s tactics according to Petrzelka along with some tips.
Social Engineering
Social engineering comes in so many forms but how do we combat and protect our staff and our customers? Some of the threats and options to minimize the threat are included below. These may be familiar to you, but they are always a good reminder.
Phishing emails
- Make sure DKIM and DMarc are set up correctly for business websites.
- Don’t make email addresses on social media sites public, especially on LinkedIn.
- Make sure multifactor authentication (MFA) is used for email accounts.
- Educate staff and customers on social media.
- Email compromises are leading to increased wire transfer fraud.
- Encourage customers to verify they have MFA turned on in their own email accounts.
- Make sure you have processes in place for changes to accounts, including existing customers’ change requests. Call backs should be done regardless of how well you know the customer.
Smishing
- Smishing is targeted texts appearing to come from the CEO.
- Do not put phone numbers on any social media site — personal or business — and do not make them public, especially on LinkedIn.
Check Fraud
- Check fraud is increasing. We have seen customers’ checks intercepted after mailing.
- Encourage customers to stop mailing checks and to use an online application to pay their bills.If customers are afraid of using online services, encourage them to get a laptop for online banking and bill paying only. This means no surfing the web or using email on this device.
- Encourage Positive Pay for commercial customers.
Debit Card Fraud
- Encourage customers to use credit instead of debit when using their bank cards.
- Encourage customers to use credit instead of debit at gas stations.
ACH Fraud
- Encourage customers to use ACH Positive Pay.
Other
ATM Robberies
- Security gates and blocker kits should be installed in ATMs.
- These don’t keep an attack from being successful, but can help slow down the success rate.
- Consider joining the ATM Task Force. TBA’s Michele Carfello or Alvin Mills can get you the information. This task force is made up of banks in the U.S. and includes law enforcement.
- When you work together you have a better chance in identifying the culprits and working with law enforcement to capture them.
Customer Education
- Include updated information on your website about fraud and latest trends.
- Host “Customer Education Teams Meetings.”
- Include a few slides to ensure you address the required topics, then open the session up for Q&A.
- Record it and post on your website for those who cannot attend.
What are you doing to educate your customers? We encourage you to share your education and training tactics as we can all benefit from others’ ideas.
[email protected]
www.texasbankers.com/tbisao