By Roy Urrico
Finopotamus aims to highlight white papers, surveys, analyses and reports that provide a glimpse as to what is taking place and/or impacting credit unions and other organizations in the financial services industry.
As more consumers headed online for banking and other financial transactions, fraudsters expanded their attacks against the financial services industry. A new report from TransUnion analyzed global fraud and found, when comparing the last four months of 2020 and the first four months of 2021, suspected financial services global digital fraud attempts increased 149%. In the U.S., finserv fraud attempts increased 109%.
TransUnion also found globally across industries the rate of suspected digital fraud rose 24% when comparing the first third of 2021 with the last third of 2020. In the U.S., the percentage of fraud attempts increased 25% during the same time period.
TransUnion’s bases its digital fraud analysis on intelligence gathered from billions of transactions and more than 40,000 websites and apps contained in its flagship authentication and fraud analytics solution suite – TransUnion TruValidate. The Chicago-based firm categorizes financial services (finservs) as all type of banking, credit union, credit card accounts and applications for credit and card accounts. But insurance is a separate category.
“The rate of fraud attempts is up globally and especially in the financial services industry because fraudsters understand this is where the most high-value transactions are taking place,” said Shai Cohen, senior vice president of Global Fraud Solutions at TransUnion. “We are seeing more financial services organizations implement fraud prevention solutions with some success, though our findings make it clear that this is not the time to relax.”
Cohen noted, “Financial institutions also need to do even better to ensure they are providing a secure marketplace that offers friction-right experiences to consumers.” A secure marketplace became especially important when COVID-19 accelerated the shift to digital financial transactions. In late September 2020, in a TransUnion commissioned survey, 40% of consumers with a financial account said they were using digital platforms more frequently since the pandemic’s onset. The same survey found 60% of consumers doing the majority of their financial transactions via mobile apps.
“An interesting dynamic is playing out where we are seeing other industries facing far fewer suspected fraud attempts than what has been observed in financial services. In some cases, we are seeing a decline in such fraud attempts,” Melissa Gaddis, senior director of customer success, Global Fraud Solutions at TransUnion, said. She added, fraudsters do not treat every industry equally. They often pick and choose an industry based on the time of year or what businesses are seeing more transactional activity. “At times, fraud attempts are simply conducted at random simply to determine if businesses are prepared to meet their challenges.”
Pandemic Shifted Consumers and Fraudsters
“We have been tracking data and the fraud trends for years but, beginning last year in March (2020), we started looking and tracking how trends were shifting, due to COVID-10, and what happened with the economy and what happened with businesses,” Gaddis explained.
Gaddis observed the challenge to businesses shifting everything to online. “Not all consumers were adept at making that shift depending on their use of technology and comfort level in putting personal information online to access financial information or purchase, et cetera. The fraud shifted to where the businesses were and certainly banking did not shut down during the pandemic. They just had more transactions happening online.”
Not all businesses set up properly for online transactions with all of the fraud mitigation processes in place to help identify suspicious behavior. “Fraudsters are looking at return on investment. They are business and they tend to go for easy access,” Gaddis said. As businesses opened up online transactions for their consumers, fraudsters targeted those with easy access and easy wins, and directed scams such as via phishing attacks in those directions.
“People became more susceptible during the pandemic than they might be in a ‘normal’ situation,” Gaddis suggested. For example, in non-pandemic circumstances an email from the IRS or a financial institution asking for information might seem suspicious. “But in the pandemic with people being laid off, furloughed, stimulus packages going out, you are now expecting, those kinds of communications and fraudsters took advantage of that,” Gaddis said. In addition, when fraudsters gained personally identifiable information (PII), they learned where they can monetize the data, such as with financial institutions, and look for those "easy wins."
Fraud Types and Their Impact on Industries
TransUnion analysis detected a significant trend in fraud hitting all industries during the deepest throes of the pandemic. Gaddis believes there are a few reasons why fraudsters continue to target the financial services industry. One is crooks have the ability to really monetize the fraud within the financial institutions. In the financial services space, identity theft, credit card fraud and first-party application fraud do much of the fraud damage.
“We did see a significant uptick in phishing attacks and attempts on people.” Gaddis pointed out phishing attacks have had varying degrees of success in gaining PII such as name, address, username, passwords, and bank account information. “Now (fraudsters) can start using that (information) to either access accounts in an account takeover or create credit cards with other people's information.” Gaddis explained TransUnion has seen an uptick, in particular, in true identity theft especially within the credit application arena.
TransUnion identifies true identity theft, where a cyber bandit uses a victim's data to open new accounts as the top type of digital fraud in financial services. The second and third most reported type of digital fraud in financial services are first-party application fraud and account takeover, respectively.
First-party application fraud takes place when a consumer refuses to repay legitimately incurred debts and/or falsely claims to be a victim of identity fraud to evade debt. Account takeover occurs when someone other than the account owner hijacks the account for malicious purposes.
Credit Union Validation
The TruValidate suite, fuses traditional data science with machine learning to provide insights about consumer transactions, safeguarding tens of millions of transactions each day.
"We have quite a few credit unions within our customer base,” Gaddis said. She noted how credit unions place significant value in member relationship and providing online services using their credit union app such as allowing account holders to deposit checks, check balances or transfer money. “Whatever those online transactions that each credit union allows their members in a normal course of business; once we are beyond our pandemic, protecting those transactions is key. And our solutions play very nicely with that. we play a strong role with credit unions as well.”
Gaddis explained TruValidate focuses on fraud solutions and helping combat fraud. “We can provide feedback and information and visibility to consumers all the way up through document verification, where their end consumers are scanning their documents.” TransUnion has a range of solutions that allow credit union and other customers to pick the right level of solution, based on the risk level of the transaction. “We encourage consumers, of course, to protect themselves such as making sure they understand what is going on with the accounts they have.”