Trending Risks Drive Significant Losses for Credit Unions

Read time: 2 min, 15 secs

Knowing which emerging risk is right around the corner is a challenging task and one that can’t be taken lightly. Unfortunately, risks and losses fluctuate, and at the same time, bad actors produce new, innovative tactics, often deploying age-old schemes with new twists.

While every credit union has its own unique risk footprint, it is crucial to be aware of the rapidly evolving risks and losses that could impact your operations and bottom line.

Unfortunately, many credit unions, just like yours, have been impacted by six- and seven-figure losses. These losses are within well-known functional risk areas involving account takeovers, fraudulent checks/deposits, interactive teller machines (ITMs), and automated teller machines (ATMs). Money mules, who knowingly or unknowingly transfer or move illegally acquired money on behalf of someone else, are often used to enhance the success rate of these scams.

Once these bad actors find something that works, it doesn’t take long for them to advance their schemes and tactics in other credit unions throughout the country. The good news is that we can learn from these losses and help ensure that the frequency and severity are significantly minimized at other credit unions by implementing proper loss controls.

Specifically, these six loss areas have been wreaking havoc over the last 12-18 months.

Account Takeovers

Fraudsters have launched sophisticated social engineering attacks against credit union members to scam them into providing their login credentials, including two-factor authentication passcodes.

These fraudsters are typically:

• Manipulating your members into providing login credentials and two-factor authentication passcodes required to reset passwords using the “forgot password” feature. They achieve this by sending fraudulent text alerts that appear to come from the credit union, or by calling members and spoofing the credit union's phone number to impersonate a credit union employee.
• Targeting your call center employees and getting them to reset member passwords and change member contact information.
• Simply asking the member for missing pieces, such as two-factor authentication passcodes, as they already have the member’s username and password from previous compromises.

Then, the fraudsters use an external transfer service to send funds out of compromised member accounts to money mule accounts, whether at the same credit union or externally. Fraudsters often recruit money mules through social media for an opportunity to earn easy money. Once the money mule accounts are opened, the fraudsters launch their social engineering attack against existing members to scam them out of their login credentials. The fraudsters initiate large dollar member-to-member transfers from the compromised member accounts to the money mule accounts. The money mules withdraw the funds through various means.

Fraudulent Checks and Deposits

Despite the numerous payment options available today, fraudulent paper checks and deposits have surged over the last few years. In fact, fraudsters have been using age-old tactics and scams to carry out their transactions such as washing, altering, and counterfeiting checks.  

A key driver of these losses has been the significant problem of stolen mail activity, with common access often obtained by targeting and breaking into blue collection postal mailboxes or stealing postal workers' keys. Once they have access to the mail, their search for actual checks begins, and when found, they’ll use them to carry out their fraudulent schemes.

Three losses that have seen significant increases in both frequency and severity are:

• Stealing and altering members’ issued checks or manufacturing fraudulent checks using info from legitimate checks​ to gain access to cash. In many cases, your members’ checks are being negotiated elsewhere to bypass some of your authentication controls.
• Another tactic is recruiting money mules to open accounts at credit unions to cash fraudulent U.S. Treasury checks​.
• And lastly, opening fraudulent business accounts in the name of the payees listed on stolen Treasury checks, depositing these checks,​ and then cashing out before they’re returned.
  
  

ITMs and ATMs

Another well-known risk area right now involves ITMs and ATMs. Significant six- and seven-figure losses have been occurring throughout the country in 2024 and are expected to continue into 2025.

• Interactive Teller Machine (ITM) Fraud - Fraudsters are using the self-service feature to make unauthorized withdrawals from member accounts, primarily using counterfeit debit cards. In some cases, credit unions have discovered deep-insert skimmers on their ITMs.
• ATM Jackpotting - ATM jackpotting cases impacting credit unions have seen a significant uptick. Most cases involve fraudsters connecting a device, referred to as a black box, to the ATM’s dashboard. Once installed, fraudsters issue a command for the ATM to dispense cash until it is empty. Money mules are typically recruited to retrieve the cash.
• ATM Smash and Grabs - A resurgence in ATM burglaries, where criminals use a blowtorch or other forced entry to open the ATM’s money chest or steal it altogether, is occurring in several states.
  
  

Each credit union must address these emerging loss trends along with their potential loss impact. You should take a proactive approach by implementing loss controls rather than waiting for a loss to occur.

Remember, when risk management is effective, typically nothing bad happens. Yes, it isn't easy to show the value of nothing happening. However, if a problem or loss blindsides you, your bottom line and reputation are usually the ones that take the hit. Don’t let not knowing which emerging risks are around the corner take the blame. Use these latest loss trends to help you assess your organization’s risks and implement controls to keep you safe.

TruStage^TM Fidelity Bond policyholders can learn more about these threats; check out TruStage risk resources and RISK Alerts located within the Business Protection Resource Center at trustage.com. If you have a question or would like a more detailed consultation on this emerging risk, you can also contact a TruStage risk consultant via email at riskconsultant@trustage.com or 800-637-2676.

To learn more about money mules, watch this on-demand TruStage virtual event – Money Mules & their Schemes.

____________________________

TruStage is a preferred business partner of Cornerstone Resources, a wholly owned subsidiary of Cornerstone League.