Archive

Go to:

April 2019
SMTWTFS
123456
78910111213
14151617181920
21222324252627
282930
< Mar May >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Today’s top fraud trends: 10 ways to win the war
Wednesday, April 3, 2019 6:35 AM

CO-OP discusses how to fight today’s top fraud incidents with proven tools and strategies.

Fraud is an insidious threat to your institution and your members. And it is on the rise. In fact, research cited by CertifID projected that cybercrime costs will top $2 trillion this year. The FBI claims that companies have lost an estimated $12.5 billion globally to business email compromises alone.

And, securitymetrics.com projected consumers will experience “large-scale social-media-based hacks that lead to massive data losses,” compromises in biometric data, and a serious breach at a “major cloud storage provider” – all in 2019.

Here is an overview of today’s top fraud trends – and how to fight them with proven tools and strategies:

  1. Stopping business email compromises
    This threat occurs when a fraudster impersonates a high-level executive and sends an email with, for example, an invoice and instructions on how to wire funds. An unsuspecting recipient may believe the invoice is real – as the sender appears to be a trusted source – and unwittingly wires funds to the fraudster.
       
    Whenever a suspect communication is received, employees should be cautious. It is essential to double-click on the email address and scrutinize it to determine if the email address of the sender is valid. Remember: If the request involves funds or data, there should be a verbal verification performed by the recipient of the email.
        
  2. Fighting phishing threats from the inside
    Fraudsters are constantly shopping for credentials that give them access to corporate email accounts and servers. So, while an email may have originated from inside your organization, it still might be compromised with malware-infected links or attachments.
      
    To avoid an InfoSecurity incident, verify all emails that contain links and attachments regardless of who sent them.
       
  3. Avoiding fileless malware
    Many corporate enterprises today caution employees to “think before they click.” However, they fail to address the risks posed by browsing infected websites.
       
    Make sure employees consult the IT department before conducting research on poorly secured websites. Don’t forget to keep personal browsing to a minimum if you aren’t performing a job-related task.
       
  4. Preventing card-not-present fraud
    Card-not-present fraud is also a continuing threat. The good news here is that everyone has access to great fraud decision tools today, and more progressive organizations are deploying machine learning as an added powerful foil to CNP fraud. CNP fraud strategy is always a work in progress, so don’t forget that mitigation is ongoing and constant.
       
    Always remember to communicate any suspicious activity to your fraud prevention partners as soon as possible to maximize fraud capture.
       
  5. Synthetic ID fraud
    This occurs when a fraudster obtains access to stolen consumer data and then fills in any gaps with fake information or personally identifying information belonging to another consumer. The obvious goal here is to use this weaponized arsenal to open new bank accounts, perpetrating credit fraud, check kiting, and a bevy of account bust-out schemes. Unauthorized access to existing member accounts is also a target in this growing threat metric.
       
    Synthetic ID Fraud can be reduced with new technologies that verify driver’s licenses and passports.
       
  6. Battling first-party fraud
    False fraud claims from members remain all too common today – which is why credit unions should consider dispute resolution services that leverage insight into actual transactions to determine whether a claim is legitimate. These vendors won’t replace your current dispute resolution provider, but they may add extra information that enables your credit union to make smarter decisions.
       
  7. Investing in digital document verification
    Identity theft is often married to first-party, loan, and credit application fraud, so deploying technology to stop this type of criminal activity is well worth the investment. Identity verification is a natural part of financial services and consumers are demanding faster digitized channels for maximum convenience.
      
    There are several vendors offering digital identity verification, so review your options and choose a solution with a proven track record of effectiveness to reduce fraud and speed up the verification process.
      
  8. Purchasing the right cyber insurance
    Cyber insurance covers a business’ liability for a data breach with most policies covering the costs of client notification, data recovery, and sometimes threat remediation.
      
    Credit unions should invest wisely in a comprehensive cyber insurance policy that protects the business from end to end. Keep in mind that state, local, and federal requirements need to be reviewed prior to making a decision. Helpful information is available from the FFIEC, the NCUA, and CUNA. If you already have cyber insurance policies in place, don’t forget to review them annually to ensure adequate coverage.
      
  9. Securing digital banking transactions
    Virtually every consumer has a mobile device today, and this is helpful in the realm of digital banking – as long as the consumer is using your official banking app and not something they downloaded from a random social media website that could contain malware. Don’t forget to require long and strong passwords and educate your members on how to obtain your official mobile app to avoid problems later. Remind your members to use Cardless Cash at the ATM. Prestaging a transaction remotely keeps card data safe and engages the member.
       
  10. Promoting mobile wallets
    Consumers are starting to embrace mobile wallets. This payment method is highly secure – as long as the financial institution observes Yellow, Red, and Green path protocol to ensure stronger security. Remind your members that payments by mobile wallets are safer – many have no idea until you open up the conversation by providing excellent member service.

Source: Credit Union Times

CO-OP Financial Services is a five-star premier business partner of Credit Union Resources, Inc., a wholly owned subsidiary of Cornerstone Credit Union League.

Need help managing your security risk?

As technology changes, every credit union faces new security issues. Let Credit Union Resources help you stay on top of it—your future could depend on it. Our team of technology professionals provides guidance on compliance, shares best practices, and performs audits. We have a vested interest in your success, and your cybersecurity matters to us. To find out how we can help you manage cybersecurity and operational risks, contact:

Idrees Rafiq
469-385-6799
800-442-5762, ext. 6799
irafiq@curesources.coop

About Credit Union Resources Inc.
Credit Union Resources is a service corporation that provides industry-leading solutions and expertise to credit unions across the country. Credit Union Resources is a wholly owned subsidiary of the Cornerstone Credit Union League, a regional trade association representing the interests of credit unions in Arkansas, Oklahoma, and Texas.