The PSR conduct research to discover which banks were subject to the most fraud as well as the rate at which reimbursement was provided to customers.

UK Finance has found that APP fraud in the first half of 2023 came to a total of £239.3m and there was £152.8m returned to the victims.

APP fraud

This is when a customer is tricked into authorising a payment to an account controlled by a criminal.

APP stands for authorised push payment.

What is being done about bank fraud?

PSR are introducing mandatory reimbursement for victims of APP scams meaning banks will have to abide by these rules to help their customers further. They rules will be introduced later in 2024.

You bank should help you if you are a victim of fraud, if they don't you have the right to push for it.

Keeping your money safe is a top priority and customers expect their accounts to be secure. This is why when picking your savings account you may want to consider the banks which have a reimbursement policy.

The banks with the highest fraud rates

• 94% of financial services providers think fraud prevention should be taught as part of the National Curriculum to help consumers protect their money from scammers. 
• 72% of firms support the introduction of an official digital identity for each individual aged 16+, funded by the government.
• By 2030 consumers will no longer use passwords to access online services.
• ‘Authentaverse’ era will see the end of entering payment details and personal information during internet transactions such as shopping and banking.

New research from LexisNexis Risk Solutions reveals that 94% of financial services providers think teaching fraud prevention in schools will better protect the UK public against the risks of fraud and financial crime. 

88% of firms also said they believe that teaching online safety and digital literacy skills in school are now as important as maths and English. 

A majority of the 200 senior UK financial services firms polled also expressed concern about online safety in relation to the new generation of immersive online environments – metaverses – which will enable people to connect and transact like never before. Over half (52%) are concerned that the metaverse will lead to a high risk of fraud and financial crime, with a further 40% expecting them to lead to some risks.

The latest figures from UK Finance[1] show almost three million cases of fraud occurred last year alone, with over £1.2billion being stolen. 

Consequently, the research by LexisNexis Risk Solutions also showed strong industry support amongst financial services firms for the introduction of an official digital identity for each individual aged 16+ to be able to complete online transactions such as banking or applying for credit or insurance, with a majority saying the government should cover the costs of such a scheme.

Around half of those in favour of a digital identity scheme would like to see it used to encourage consumers to better manage and protect their personal information.

These survey findings follow the release of a new report from The Future Laboratory and LexisNexis Risk Solutions that predicts people will no longer need to use passwords online by 2030 while entering payment details and personal information during online transactions will also become a thing of the past. 

This new frictionless way to navigate internet services and eCommerce – dubbed an Authentaverse – will see online activities including shopping, banking, applying for loans and insurance policies, and managing subscription services completed in seconds, with no clicks or forms to fill in. Instead, consumers will be automatically recognised and invisibly checked based on their human characteristics, such as how fast they type, the pressure their fingers exert on device screens, the tilt of their phone, and even their heart rate. 

Digital money and identity author and expert, David Birch, explains: “In contrast to the world of the super app in which you share your identity across many different services, an Authentaverse is the world of the ‘smart ID wallet’ where different services each with their own relationship identities share strong authentication. In other words, once you are logged in to the wallet on your phone with your face or fingerprint, your wallet can provide relevant and appropriate information to service providers without bothering you again.”

Survey findings also show that 82% of finance firms think the way people are checked, verified, and authenticated during online transactions needs to improve as the UK moves more towards more immersive, virtual, and augmented ways of using the internet – such as Web3 environments and metaverses. 

Steve Elliot, Managing Director at LexisNexis Risk Solutions, added: “In the next decade, remembering countless passwords, security codes and clicking a boxed image featuring cars, traffic lights or buildings with steps will be confined to history. In an Authentaverse, consumers will enjoy quicker and hassle-free online transactions, but this requires strong, assured, and seamless digital trust to become a reality across the entire online ecosystem.

“People need to be able to trust organisations with their data and organisations need to be able to trust that consumers understand the role they play in protecting themselves, something that will require education. This mutual trust can then create greater knowledge of genuine customers and reduce the chances of criminal exploitation and fraud attacks.

“To achieve these high levels of mutual digital trust and confidence required to enable the next generation of online immersive experiences, businesses must evolve their identity and fraud checks through integrating both physical and digital identity attributes – common digital identifiers, and physical and digital biometrics – into a single, seamless, end-to-end verification and authentication process.”

In the absence of formal fraud prevention education in schools, organisations are prioritising digital trust as a strategically important factor. Survey data found that 76% of financial services firms are focusing on creating and strengthening levels of digital trust amongst customers, while 8-in-10 firms think a lack of knowledge amongst UK consumers impacts their willingness to share personal information that could otherwise help protect them. 

Click here to read the full report, The Future of Digital Trust: The Authentaverse.

About the survey. Senior leaders from 200 UK financial services firms were surveyed by Sapio Research in May 2023. 

About LexisNexis Risk Solutions
LexisNexis® Risk Solutions harnesses the power of data and advanced analytics to provide insights that help businesses and governmental entities reduce risk and improve decisions to benefit people around the globe. We provide data and technology solutions for a wide range of industries including insurance, financial services, healthcare and government. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX (LSE: REL/NYSE: RELX), a global provider of information-based and analytics and decision tools for professional and business customers. For more information, please visit www.risk.lexisnexis.co.uk and www.relx.com.

WHY TACKLING OMNI-CHANNEL FRAUD IS KEY TO ENHANCING CUSTOMER EXPERIENCE

Christen Kirchner

Senior Solutions Expert, Fraud & AML at SAS Northern Europe

Over a decade after it emerged as a concept, providing a ‘good omni-channel experience’ has become a necessity for all customer facing industries.

As the financial service sector has become increasingly digitised, a growing number of customer touch-points have emerged. In fact, banks now interact with customers via online banking apps, SMS messages, email, face-to-face interactions, traditional paper-based methods, ATMs and even social media.

In light of this, many are focusing their attention on creating a seamless omni-channel experience for their customers, using data analytics and artificial intelligence (AI) capabilities to do so.

However, as the industry has seen time and time again, with new innovation comes new opportunities for fraudsters. As such, omni-channel fraud is becoming an increasing problem for banks.

The need to act

Omni-channel fraud is a type of fraud that occurs across multiple channels and can only be detected and prevented with multiple, advanced layers of protection.

A recent report by TransUnion confirmed that fraudsters are using every available digital channel to access consumer accounts. Between September and December 2022, 52% of consumers said they were targeted with online, email, phone call or text messaging fraud attempts.

As we’ve seen, fraudsters are ready to exploit any opportunity to make money from unsuspecting victims. During the COVID-19 pandemic, scammers called home phones and sent text messages pretending to be the government or NHS.

More recently, fraudsters impersonating Royal Mail have targeted unsuspecting shoppers with phoney delivery texts, or have turned to social media to find victims.

With fraudsters’ schemes becoming more sophisticated as customers use a greater number of channels, the onus is on banks to analyse all customer interactions together to stop fraudsters gaining access to their accounts, through detecting the risk of each transaction and flagging any anomalies.

For example, if there is an unsuccessful attempt to access a customer account from a foreign country, this should be immediately considered against any other suspicious transactions and activity, in case the fraudster has more luck through a different channel.

To get a comprehensive overview of fraud risk, banks need to take into consideration non-monetary actions, such as a client changing their address or requesting different cards. One of these activities alone may not be suspicious, however if this occurs after an attempt to access an account, it should set alarm bells ringing.

 Prioritising the customer experience

It may seem obvious, but at the centre of providing an exceptional service to customers is the ability to keep them safe from fraud. If a bank fails to update their systems to protect against the rising instances of omni-channel fraud, they risk losing out to competitors.

Equally important is the ability to detect - and then avoid contacting a customer – where an alert turns out to be a false positive. If an individual cannot complete a purchase after their bank mistakenly flags their legitimate transaction as fraudulent, or they have to spend time out of their day to rectify the issue, they will quickly become frustrated.

Currently, there is a limited ability to adapt business rules as soon as a new type of scam emerges - leading to a high number of false positives and disgruntled customers. Accuracy is key here - and advanced technology is paving the way forward.

Facilitating the solution

It is no longer good enough to view each customer touch-point as an isolated form of interaction. Banks need to focus on uniting their response, rather than leaving valuable data residing in separate silos.

AI and machine learning (ML) can help companies to tackle omni-channel fraud in real-time. This technology can constantly check for red flags and anomalies across multiple sources - providing banks with the means for a speedy, accurate response.

Within this, layered analytic methods can help reduce false positives, avoiding the need to unnecessarily bother the customer. With surges in identity fraud proving a particular concern for banks in the last few years, this technology also grants banks the ability to detect and adapt to new identity fraud trends.

As banks compete for the best clients and aim to consolidate themselves as a leader in customer service, the way forward is to understand developing fraud trends like omni-channel fraud - and act fast to protect customers.

Whether you're writing a check or receiving one, there are several security features you should look for to safeguard against fraudulent activities. 

In this blog post, we will explore five crucial check security features, that help you make informed decisions and protect your financial well-being.

Enhanced Check Printing Technology

Advancements in printing technology have introduced additional security measures to protect against fraud. Checks printed with high-resolution printers using specialized inks, like Carousel business checks, can incorporate intricate designs, patterns, or guilloche backgrounds that are challenging to replicate. 

These features make it harder for counterfeiters to create convincing fake checks and help ensure the integrity of the check's appearance.

Tamper-Evident Features

Checks with tamper-evident features are designed to show visible signs if someone attempts to tamper with or alter the check. Look for features such as "VOID" patterns or words that appear when someone tries to erase or modify information on the check. 

These tamper-evident features serve as a strong deterrent against fraud and provide a clear indication of any tampering attempts.

Watermarks and Security Threads

When examining a check, pay close attention to watermarks and security threads. Watermarks are subtle images or patterns embedded into the paper, visible only when held up to the light. These features are difficult to replicate and serve as an effective deterrent against counterfeit checks. 

Security threads are thin, embedded strips that run vertically through the check. They are visible when holding the check-up to light, providing an extra layer of authenticity.

Microprinting and Holograms

Microprinting is a security feature that involves printing tiny, intricate text or patterns on the check. These minute details are difficult to reproduce accurately, serving as an effective method for detecting counterfeit checks. Look for microprinting in areas such as the signature line or borders. 

Holograms are another advanced security feature to check for. These three-dimensional images or patterns are challenging to duplicate and provide a visible indicator of authenticity.

Chemical Reactivity and Security Inks

Chemical reactivity is an innovative security feature that involves using special ink that reacts when subjected to chemicals such as solvents or bleaches. This reaction typically results in a change of color or a noticeable mark, indicating tampering or alteration attempts. 

Similarly, security inks are designed to be difficult to remove or alter without leaving visible evidence. Ensure that the checks you handle have these advanced ink features to protect against fraud.

Sequential Numbers and MICR Encoding

Checks usually have sequential numbering printed on them, which helps in tracking and identifying each check. Verify that the numbers are printed clearly and are in a consistent order. 

Additionally, Magnetic Ink Character Recognition (MICR) encoding is a specialized printing method that uses magnetic ink for specific numbers and codes on checks. These magnetic characters are highly resistant to tampering and counterfeiting, making them a critical security feature to look for.

Security Padlock Icon and Check Verification Services

Many check designs incorporate a security padlock icon, indicating that the check has undergone additional security measures. This icon serves as a visual reassurance of the check's authenticity and enhances its overall security. 

Furthermore, there are check verification services that provide an added layer of protection against fraud. These services allow banks to verify the authenticity of the check against a pre-registered database, minimizing the risk of accepting fraudulent checks.

Why Protecting Your Check Matters

Protecting your check matters for several important reasons:

Financial Security: Your check contains sensitive information, including your bank account number and personal details. If it falls into the wrong hands, it can lead to unauthorized access to your funds or identity theft. Protecting your check helps safeguard your financial security and prevents potential financial losses.

Fraud Prevention: Checks are a common target for fraudsters who attempt to alter or forge them. By implementing security measures and staying vigilant, you can significantly reduce the risk of falling victim to check fraud. Protecting your check helps maintain the integrity of your financial transactions and prevents fraudulent activities.

Reputation and Trust: Your checks reflect your financial credibility and reputation. If you issue or accept checks that are prone to fraud, it can damage your reputation and erode the trust others have in you. By protecting your checks with robust security features, you demonstrate a commitment to financial integrity and enhance trustworthiness in your financial interactions.

Legal Compliance: Checks are governed by various laws and regulations, and failure to protect them adequately can have legal consequences. For instance, if you issue a check that is later altered or used fraudulently, you may be held responsible for any resulting losses. Protecting your checks helps ensure compliance with legal requirements and mitigates the risk of legal complications.

Peace of Mind: Knowing that your checks are secure provides peace of mind and reduces financial stress. By implementing recommended security measures, you can rest assured that your checks are less vulnerable to fraud attempts. This peace of mind allows you to focus on your financial goals and day-to-day financial activities without unnecessary worry or anxiety.

Trust in the Banking System: Checks are a widely accepted and trusted form of payment. By taking measures to protect your checks, you contribute to maintaining the overall trust and reliability of the banking system. Your efforts to safeguard your checks help ensure the continued viability and effectiveness of this payment method for yourself and others.

Conclusion

Protecting yourself against check fraud requires a keen eye for security features. By paying attention to watermarks, security threads, microprinting, holograms, chemical reactivity, security inks, sequential numbers, MICR encoding, security padlock icons, and check verification services, you can significantly reduce the risk of falling victim to fraudulent activities. 

Always remember to trust your instincts and report any suspicious activity to your bank or relevant authorities promptly. With the right knowledge and diligence, you can confidently write and accept checks while safeguarding your financial well-being.

There’s no doubt that financial organisations in the UK take the threat of financial crime and fraud seriously. The recent True Cost of Compliance report from Oxford Economics and LexisNexis Risk Solutions shows the cost of financial crime compliance for an average UK firm stands at over £194 million per year.

Financial organisations have invested huge amounts in technology, software, and training over recent years to counter criminal attacks. Fraudsters and scammers, however, are relentless in their determination to circumvent these sophisticated security processes and their most recent approach is to weaponize banking customers.

The weaponization of true customers

Effective customer due diligence is often built on a chain of robust checks, knowledge, and understanding. Multi-factor authentication at onboarding and login – relying on layers of knowledge and intelligence drawn from the user themselves, their device, and their patterns of online behaviour – can be extremely effective at keeping criminals out. Realising this, criminals use genuine customers to gain entry. 

Multifaceted fraud attacks

Once in, a fraudster in full control of their victim can instruct them to send money wherever they please – effectively making them complicit in the fraud. Known as automated push payment (APP) fraud, it’s a massive issue for UK banks, costing victims over £600m in the first half of 2022 alone.

Alongside APP scams, application fraud and Account Takeovers (ATO) are two other types of attacks that prey on genuine customers.

Application fraud is a broad term, but the fundamental approach is that a fraudster opens an account with an organisation using identification attributes that are either fake, stolen, or both. The primary objective is usually to abscond with funds or to receive transfers of stolen money to the account. In both instances, the owner of the stolen information is unwittingly weaponized and only suffers the consequences later when the bank pursues them for unpaid debt, fees, or fines. 

ATO fraud sees a fraudster take control of a genuine customer’s account, without the true holder’s knowledge or consent. Personal information, login details, and passwords can be obtained via the dark web or a combination of social media skimming and phishing or smishing attacks, or through manipulation. Once access is gained, the fraudster has free rein to empty accounts, apply for credit, or make high-value purchases, without the victim’s knowledge. 

Consumer expectations for online and mobile services to be quick, convenient, and seamless only add to the challenge for financial services providers in addressing these criminal attacks. This is where behavioural biometrics signals come into their own, as part of a multi-layered fraud solution.

Distinguishing between patterns in human behaviour

Behavioural biometrics offers firms the ability to measure and uniquely distinguish patterns in how people behave. To be clear, these insights are quite distinct from physical biometrics, such as facial and fingerprint recognition. 

Pure behavioural biometrics technology concentrates on the individual traits and habits that make us human. The speed and cadence of our typing, how much pressure we exert on the screen, the typical tilt of our device, and which hand it’s held in – known colloquially as ‘type and swipe’ signals – that every device detects when in use. The unique advantage of leveraging this intelligence is that it can’t be mimicked or stolen by a fraudster.

Sophisticated machine learning analyses a customer’s behaviour to form an expectation of how they act. This intelligence helps build a unique profile of the customer that can be used to authenticate them at subsequent logins, protecting both them and the organisation from fraud attacks. The benefit of this in helping improve the experience for genuine customers and also preventing APP scams is clear – a victim being manipulated by a scammer is likely to display altered behaviours during a transaction. Typing erratically or making errors due to stress, pausing as account information is dictated to them, or switching between typing and holding their phone to their ear – behavioural biometric analysis can flag these anomalies and alert the bank to consider imposing additional layers of security, or pause the transaction altogether.

Of course, no single piece of intelligence – whether digital or physical – is a fool-proof fraud detection measure by itself. But, combined with myriad other layers of data and intelligence, behavioural biometrics form a completely passive layer of user authentication, requiring no additional interaction or effort from the genuine customer.

Click here to learn more about behavioral biometrics.

Fraud is always at its most virulent during economic downturns and crises. In fact, in the first nine months of 2022, over 309,000 cases were recorded to the National Fraud Database, a 17% rise compared to the previous year. This increase was mainly driven by the rise in false application and identity fraud, up by 45% and 34%, respectively.

It’s perhaps no surprise that fraudsters will see new AI-powered technologies, such as ChatGPT, as a golden ticket to exploit vulnerable people. Others may turn to opportunistic fraud if the resources are available to them, highlighting the need for organisations to be investing in both predictive and preventative technology if they are to protect consumers.

How fraudsters are using AI

In the first half of 2022 alone, UK Finance revealed that criminals stole a total of £609.8 million through authorised and unauthorised fraud and scams. The same report shows that these figures were even higher during the pandemic. It’s therefore no surprise that the financial services industry is constantly looking for ways to strengthen security protocols and protect consumers, with tools such as two-factor identification and biometric authentication becoming the norm.

However, professional fraudsters are also seeking to find new ways to exploit consumers - something the finance industry needs to respond to quickly. Just recently, an investigation by Which? revealed that criminals are increasingly intercepting one-time-passcodes delivered via sms - putting customers at risk. They identified further weaknesses as insecure passwords, lax checks on new payees and vulnerable log-in processes.

While fraudsters recognise that they are unable to readily fake an account holder’s fingerprints or face, they are now turning to AI-enabled social engineering tools to generate a brand new or synthetic identity, creating fake bank accounts and then committing fraud.

The aforementioned ChatGPT has taken the internet by storm, with the AI-powered chatbot able to interact with users in a conversational way within a matter of seconds. Experts working in the finance industry have noted that the tool could be used for enhancing banks’ customer service or marketing efforts. Yet experts have also highlighted how ChatGPT can be a gateway to fraud. The chatbot can enable scammers from all over the world to craft emails that are so convincing they can get cash from victims without relying on malware or other unscrupulous techniques.

Unsurprisingly, speculation is rising around what else the tool could enable - especially when developments are moving faster than regulation. The next question for the finance industry is how to proactively get ahead of the game and prevent fraud before it occurs. The answer lies in the same technology - AI.

AI to the rescue

It’s important for organisations to join up their defences. Having a robust, enterprise fraud framework in place will enable fraud to be identified and prevented across all channels. For example, through the deployment of AI, banks can analyse customer-related and behavioural-based data, set up alerts and automate case management. This will help to create a holistic overview of fraud risk, as well as enhance accuracy.

For years, banks tended to rely on rules-based technology to spot fraud risk. However, as fraudsters have got smarter these rules need to be continuously updated and tuned if they are to be effective. AI comes to the rescue here. The implementation of a model development framework will allow a business to import and execute rules via a real-time decision engine.

Through the use of Machine Learning (ML), organisations can also be automatically alerted to any concerning changes in a person’s transaction history or behaviour - catching criminals in the act when masquerading as a customer.

We are already seeing some organisations introduce adaptive machine learning techniques - which build on traditional ML to process large amounts of real-time, rapidly changing data - an approach which certainly needs to become more mainstream across the sector in order to catch fraud before it’s too late.

AI-powered technology can also detect cases of false or synthetic identity in real-time, to ensure fraudulent activity is immediately stopped. For example, should a fraudster apply for a loan or credit, or seek to withdraw funds, using a fake identity this will be flagged and investigated.

Similarly, AI allows organisations to stay one step ahead of fraudsters, producing a comprehensive fraud risk assessment - a targeted fraud landscape review with a focus on identifying current sources of fraud losses, process leaks and other pains.

At SAS, we always test our AI models against challenger models and then optimise them as new data becomes available. When new scams arise, our systems immediately know.

Customers are often left with limited options after falling victim to fraud, particularly if it occurs through a customer authorising a transaction themselves. More regulation could help here, but educating the public is of equal importance. With tools such as ChatGPT on hand, typos in emails are no longer the first indicator of a scam. The industry should look to invest significantly in both fraud detection and prevention technology if they are to avert a rise in fraud.

This year began with the Royal Mail ransomware case. The malware ceased international shipments for two weeks.

Total financial losses for businesses that relied on the service and the Royal Mail itself

are still uncertain.

Behind this case is the known ransomware group LockBit which tried to extort the company for $80 million.

New variants of ransomware, with even more sinister capabilities than sole file encryption, can completely lock companies out of their networks and obtain sensitive data.

They’re paired with the threats of data theft and leaks as well as other types of attacks to force the victim into paying the ransom.

On average, the cost of ransomware for the affected companies is estimated to be $4.54 million. This number doesn’t even include the price of the ransom itself.

Let’s break down why ransomware cases are so costly and what companies can do today to protect themselves from a possible attack tomorrow.

The Hidden Costs of Ransomware

Some of the factors that contribute to the high cost of ransomware are:

● The ransom itself (if paid) or rebuilding infrastructure/retrieving data

● Falling behind with work (ceased operations and lost revenue)

● Hiring experts to strengthen security

● Investigation of the attack

● Compensating users following the data breach in the case of a class action lawsuit due to data theft

● Damaged reputation

Most ransomware cases are strictly financially motivated. The threat actor targets the business to demand ransom (mostly in crypto since it’s more challenging to trace it back to the criminals).

Whether or not the company pays the ransom will depend on which parts of the systems have been affected, whether the documents are sensitive, and if it can get back access to parts of its critical infrastructure.

It’s advised not to ever pay the ransom (and with that fund and support criminal activity) because there’s no guarantee that hackers will keep their end of the deal.

At the time of speaking, it’s not illegal to pay the ransom in many states. However, new research suggests that the number of companies paying the ransom is decreasing.

What happens when the company doesn’t pay the ransom, though?

The simple truth is that it differs from one case to another. Some might lose files that have been locked while others will have to rebuild their entire infrastructure.

Regardless of how the business handles ransom, they have to go through the expensive remediation phase where the experts remove the malicious software from the system and improve the security.

Recovery also involves the investigation of this criminal case and possible lawsuits if the data of the users has been compromised in the attack.

All of that combined can halt the regular operations of a business and cause major revenue losses for the company.

Even more, the attack can cause reputational harm for the company.  

As customers find out about the case, they take note of how the business handled the crisis. Did they do everything possible to protect user data? Communicated transparently? Refused to falter under the pressures of the criminals’ demands?

While reputation is not something that can be easily gauged, for high-profile cases it’s possible to observe the stocks before and after the attack.

Protecting Business Finances Against Ransomware Attacks

Steps a company can take to protect its network against possible ransomware include:

● Investing in a specialized tool that can uncover malware

● Properly manage data

● Do regular cybersecurity hygiene

● Introduce phishing awareness training

Cybersecurity solutions for ransomware are designed to recognize the patterns (fingerprints) of this file-locking malware and block it before it can infect documents or parts of the infrastructure.

The latest anti-ransomware solution is also automated and works non-stop to detect signs of malware. This is essential because the early discovery of the hacking activity can cut the costs of expensive security incidents, such as data breaches.

Since most versions of ransomware target the data of a company or individual, it’s necessary to take extra steps to enhance data security. Invest in solutions that can catalog and allow visibility into where your data is at all times.

Also, doing regular backups of the files can aid workers to resume their jobs even if the system is infected with malware.

In security, hygiene is maintenance — doing regular updates, patching up flaws, and strengthening the network in its weakest points. Daily improvements remove the vulnerabilities that can be exploited by malicious hackers.

Phishing attacks are gaining popularity, which is why training employees to recognize suspicious emails is a great first step in the line of defense.

Ransomware Brings Unexpected Costs — Be Prepared

Regardless of how you look at it, the cost of ransomware is high. For many companies, it’s challenging to fully recover following such a breach.

Once the files are encrypted, it’s notoriously difficult to decrypt them and get them back.

New strains of ransomware can steal data (not just encrypt them to demand the key) or lock the business out of the network and cease operations completely.

That’s why it’s important to secure infrastructure, prepare employees working in the company, have a solution that can trace the ransomware, and take extra precautions to protect sensitive data.

While you may not think about it every day, it is an ever-present threat, and thousands of Americans have fallen prey. 

In 2019, the Federal Bureau of Investigations (FBI) received an average of 1300 complaints of account fraud per day, resulting in over $3.5 billion in losses. Bank fraud occurs in many ways, from identity theft to cyber-attacks, romance scams, check-cashing, and government imposter scams. 

While there is no way of guaranteeing that your accounts will be 100% safe, the tips highlighted in this post can help protect your accounts against fraud.

#1 - Check Your Accounts Regularly Online

The ability to access your accounts online is a good and bad thing. Good in that it means you can access your funds from any place as long as there is an internet connection, and bad in that it becomes so much easier for hackers to access your account.

But there are other benefits to accessing your accounts online; it allows you to monitor activities on your account regularly, which is critical for fraud prevention and catching fraudulent activity before it causes extensive damage. You can also go further to activate e-notifications of any activity on your accounts. 

#2 - Use Strong Passwords

Unfortunately, most people avoid complicated passwords because they do not want to stress over remembering them. As a result, people tend to use simple-to-crack passwords or one password across all accounts. This means that if a hacker can crack your social media profile password, they have access to all your accounts, including online banking. 

The best approach to passwords is making them as non-obvious as possible and having a unique password for every account. It doesn't have to be overly complex. Only ensure that it is not something anyone can guess. Also, make sure you use a good mix of numbers, symbols, caps, and small letters to make it as non-obvious as possible. If memorizing passwords is too much of a hustle, consider using a password manager. 

#3 - Consider Two-Factor Authentication

Having two layers of defense on your accounts is better than one, so consider adding a layer of protection to your accounts through two-factor authentication. You may have seen two-factor authentication at work when logging in to your Google account from a different device. Often Google will send a prompt to the devices that are already signed in and only allow access on the new device if you answer the prompt on the other devices. 

Two-factor authentication for your bank accounts works in the same way. Every time a person logs in, you receive a code on your phone or email, which you then use to access your account. This approach ensures that only you can access your accounts since only you can access the sent code.

#4 - Beware of Public Wi-Fi

Almost every public place you visit, from your coffee shop to your favorite restaurant to your local, will have free Wi-Fi. The problem with open Wi-Fi is that cybercriminals can use the loopholes in the connection to access sensitive information from your online activity. 

If you are streaming content or reading a blog, there is no harm in using an open network. But if your activity involves logging in to your accounts, public Wi-Fi is not for you unless you have installed VPN on your devices. 

#5 - Update Your Apps Regularly 

Software update notifications can be nagging. But if the updates have anything to do with the apps you use to access your funds, you may want to change your approach towards them. 

The primary purpose of updates is to seal loopholes that hackers may utilize to commit fraud. So failing to update your software exposes you to hackers, which is avoidable by allowing timely updates. So, if you haven't permitted updates in the near past, it's time you go through your apps to ensure that every sensitive app on your device is updated.

The ongoing challenge

Despite the best efforts of financial organisations, they are still losing millions per year because of fraud and financial crime. Figures released last month by UK Finance¹ show that criminals in the first half of this year stole a total of £609.8 million through authorised and unauthorised fraud and scams. And while this figure is down from the record highs seen during the pandemic, the number is still significant.

Cost-of-living crisis set to cause further headaches

New research by global data and analytics company, LexisNexis® Risk Solutions, shows that 43% of financial services organisations expect the cost-of-living crisis to increase the risk of financial crime and fraud over the next 12 months, as scammers target vulnerable consumers struggling with rising bills.

The research also highlighted a concern that criminals are outpacing efforts to protect banks and their customers. A third (30%) of financial services organisations believe anti-fraud and financial crime systems are not developing fast enough to keep up with criminal techniques, whilst a similar number (32%) think fraudsters are spending more time targeting victims.

So, with criminals continuing to look for new ways to exploit potential victims as fraud continues to evolve, it’s more important than ever for financial organisations to advance their risk management solutions.

Helping to prevent fraud

The good news is that the advanced security systems now widely being used by banks prevented just under £584 million from being stolen in the first six months of 2022¹.

And financial organisations continue to play their role in helping to reduce fraud. In fact, the new study revealed that, on average, financial services providers rely on five external vendors for data sources or solutions to prevent fraud and financial crime across their customer onboarding and lifecycle – with half of these firms (49%) highlighting that having multiple solutions in place helps to increase protection.

In addition, UK Finance’s Information and Intelligence Unit² helped protect over 2.1 million compromised card numbers in 2020. The industry is also working closely with the government on measures to strengthen the fight against fraud and economic crime, including through the Economic Crime Strategic Board jointly chaired by the home secretary and chancellor.

However, while financial organisations can only do so much, with social engineering for example an increasingly utilised tactic to trick consumers out of their savings, many banks and the wider finance sector are starting to see risk orchestration as the latest weapon in their armoury to tackle the fraudsters.

The move to risk orchestration

To address rising levels of risk, the independent research indicated that seven out of ten (69%) finance organisations say they will invest more in technology over the next 12 months, with six in ten (59%) prioritising the emerging concept of financial crime and fraud risk orchestration.

Orchestration provides an end-to-end solution for customer onboarding and ongoing monitoring, incorporating anti-money laundering screening, transaction monitoring and case management, all within a single platform. It overcomes silos and manual processes to deliver more informed insights that enable quicker and increasingly accurate assessments of risk. Orchestration can help give businesses the flexibility and choice to deploy as many vendors and data sources as needed in their screening and monitoring, without the usual logistical headaches.

The research also indicated that the move to risk orchestration is well underway. The majority of respondents (74%) surveyed were already aware of risk orchestration platforms, identifying the main benefits as being: the ability to automatically track customer transactional behaviour over time and flag anomalies (48%); being able to bring all customer checks into a single, unified, digital platform (46%); and creating risk-based financial crime and fraud screening bespoke to varying risk appetites (41%).

New research by global data and analytics company, LexisNexis® Risk Solutions, shows that 43% of financial services organisations expect the cost-of-living crisis to increase the risk of financial crime and fraud over the next 12 months, as scammers target vulnerable consumers struggling with rising bills.

Risk orchestration in practice – Ikano Bank

Ikano Bank was founded in 1995 by Ingvar Kamprad – part of the family behind global retailer IKEA. The bank offers direct-to-consumer products including loans and store cards. In the UK, the bank opens hundreds of new interest-free loan accounts per day.

The bank considered the biggest risk it was facing was in ID fraud and document verification. With a view of providing efficient, first-class digital onboarding and fraud risk management, they needed a supplier that would give instantaneous decisions.

LexisNexis® Risk Solutions was able to supply Ikano Bank with the orchestration platform, RiskNarrativeÔ, that integrated with their existing data to grant them the ability to run ID and document verification, address checks and internal and external fraud rules. Along with this, the platform provided increased Cifas screening – before, Ikano Bank would only check an applicant address, whereas now they can match additional information such as email addresses, mobile telephone numbers, and sort codes, reducing their false positive rate.

A year on from going live with the RiskNarrative platform delivering their digital transformation, Ikano Bank have onboarded over 70,000 customers.

The financial crime manager at Ikano Bank commented that the automated decisioning has removed many referrals and freed up time for staff. The solution has made a significant difference to what the bank used to see.

RiskNarrative has enabled the bank to be in charge of the fraud rules the organisation sets, so it only sees the referrals it wants to see, with the ones the bank does not want to see, or the ones it declines, taken care of. This has enabled them to have greater control.

Whilst the RiskNarrative platform is currently only used in the UK, Ikano Bank is also looking to introduce the platform across their Sweden branches and beyond.

The future role of risk orchestration

With banks and the wider financial sector leaving no stone unturned in the ongoing battle to beat the fraudsters and reduce crime, risk orchestration is set to play a significant role in tackling fraud while supporting financial organisations with ongoing compliance requirements and customer acquisition targets.

For further information, visit RiskNarrative™ Platform | LexisNexis Risk Solutions.

References

Half-year fraud update 2022.pdf (ukfinance.org.uk)

Fraud The Facts 2021- FINAL.pdf (ukfinance.org.uk)

This cost-of-living crisis has emerged from a perfect storm of factors, including the fallout from COVID-19, the war in Ukraine, and disruptions to the global supply chain. As a result of all of this, it is thought that fraud could become a bigger issue in the coming months and the Financial Ombudsman has already reported a sharp increase in complaints.

Types of Fraud

There are many different types of fraud to be wary of with cases currently on the rise. These include criminals posing as a customer’s bank and getting them to move money to a “safe” account as well as people buying items online but not receiving the goods that they order. Cryptocurrency scams are also increasingly common, and it is thought that these are mainly driven by social-media-based scams that take advantage of people looking to make money quickly (something many are trying to do during the cost-of-living crisis).

Another type of fraud to be wary of that is not online is MOT fraud. From 2021 to 2022, there were 1324 cases of MOT fraud and this can result in dangerous cars being on the UK roads putting all road users at risk. MOT fraud involves either qualified MOT testers not doing their job by giving certificates to vehicles that should have failed or even cars that have not been tested. In some cases, there are examples of MOT testers taking bribes for certificates. This is why you should always research testing centers ahead of getting your MOT and book MOT online from a trusted tester.

What Can Businesses do?

So, what can businesses do to prevent fraud from being an issue during the cost-of-living crisis? Preventing fraud will involve having robust processes in place, providing staff training, and using high-quality cybersecurity products to prevent cyber-attacks. You can also conduct regular audits to identify any potential vulnerabilities and to ensure that all processes are watertight and secure. Business owners should also pay attention to the news and look out for the latest scams.

The cost-of-living crisis is creating a serious issue for both individuals and businesses in 2022 and it could be a tough period ahead for many. Not only is the cost-of-living crisis stopping people from spending, but it is also having a knock-on effect in terms of fraud and scams. It is important to educate yourself and be wary in the months ahead so that you know what the common scams are and what steps can be taken to protect yourself. 

Workflow digitalization allows banks to reduce operating costs, focus on developing client-oriented solutions, and thus enhance client experiences. Meanwhile, clients can enjoy the speed and simplicity of online financial services such as mobile apps, digital wallets, contactless payment, 24/7 access, etc. That said, the transformation has also been attributed to many new forms of digital bank fraud. 

Nowadays, most bank frauds happen online. According to the Financial Crime Report for the second quarter of 2022, online attack rates increased by 233% overall. Fighting against ever-changing online bank fraud has been more challenging than ever. For banks to remain competitive, seamless digital experiences aren't enough. They also need to implement an effective bank fraud detection and prevention strategy. Otherwise, huge losses await, including both direct and indirect costs.

What Is Digital Bank Fraud?

Digital bank fraud is an online illegal act to steal money or assets from banks and other similar financial organisations. It can be committed by either a single individual or a high-tech crime group. 

What Are Some Common Types Of Digital Banking Fraud?

There are various types of online banking fraud. However, the three types mentioned below are the ones most frequently encountered.

• New Account Fraud can happen during an onboarding process to verify client identity. It is risky for banks or financial groups as this process takes place online. There is no face-to-face interaction between their staff and clients. Chances are identity thieves can use fake or stolen IDs to fool the process and open a new account. Later, they will commit financial crimes. For example, apply for credit cards or loans in a fake or stolen name.
• Account Takeover Attack is another form of identity theft. It happens when a fraudster somehow can log into a legitimate account. Then, begin taking control of it by changing its user name or password. As a result, the victim can no longer access his own account. The fraudster can transfer money to another bank account or make other fraudulent transactions. 
• Fund Transfer Fraud is also known as wire transfer fraud. This type might not be the most popular digital bank fraud. Yet, it is the most destructive for banks and financial groups. In almost all cases, it's nearly impossible to recover the stolen fund. Fraudsters will set up a fake account and use various techniques to launder money. When a bank or an organisation becomes aware of suspicious activities, the money might already be gone. And the fake bank account might already be closed.

Are Digital Users 100% Safe Now?

Of course, bank users cannot be 100% secure. Fraud in the banking sector can be exploited from both sides. Imagine this situation: A client clicked on a malicious link in a fraudulent message he received. Then, his account information was stolen. The question is: Who is responsible for the bank fraud in this case?

Online campaign of Monzo to warn their clients about a phishing scam

That’s why it’s the responsibility of both banks and clients to increase the security level.  Clients should raise their awareness of online security risks themselves. Meanwhile, banks and financial groups should provide ongoing education for their clients. In addition, they need to invest in advanced technologies for fraud detection and prevention.

Along with the industrialisation of digital bank fraud, the revolution of advanced technologies has spread to prevent these illegal acts. Technology-based strategies are considered the most effective ones to fight against internet bank fraud. Today, a wide range of technologies is available in the marketplace to help banks and financial groups identify fraudsters’ attempts and prevent them.

Transaction monitoring software, for instance, can detect and flag suspicious activities, then block them as well as monitor the safety of SSL/TLS certificates required to prevent data loss while issuing payments. Machine learning algorithms and robust risk scoring can identify fraudsters' attempts to enter fake information. A real-time data enrichment tool can help supplement client KYC data with additional information gathered from open-source databases, social networks, and other sources. 

Final Words

Digital bank fraud is an unexpected event for both banks or financial groups and their clients. Both sides are badly suffering from this event. However, the most aggrieved party is usually the former. When it happens, banks and financial groups incur two types of costs:

• Direct costs: compensation for damage to clients, non-compliance fines, etc.
• Indirect costs: broken reputations, time spent handling the situation, customer loyalty, etc.

Obviously, the most terrible consequence for banks and financial groups is the fragile relationship with their clients. In the Great Payments Disruption report, 67% of respondents suffering fraud switched their bank as a result.

The winner in the battle for client loyalty will be the ones that effectively implement bank fraud detection and prevention strategies and provide ongoing education for their clients. 

This type of fraud can lead to financial problems for your child later in life, so it's important to be on the lookout for signs that your child's credit may have been compromised. If they do fall victim to fraud, their name and information can be used to take out the best personal loan or credit cards. 

If you notice unusual activity on your child's credit report, such as inquiries from companies you don't recognise or accounts that you didn't open, fraud may have occurred. You should also monitor your child's mail for bills or collection notices from creditors. If you suspect that your child's credit has been fraudulently used, you should contact the credit reporting agencies and place a fraud alert on your child's file. By taking these steps, you can help protect your child's credit and financial future.

It's important to keep an eye on your child's credit report to make sure that there is no fraud taking place. Here are a few things to look for:

1. Unusual activity. If you see something on your child's credit report that you don't recognise, it could be fraud. This can include new accounts that have been opened, charges made to existing accounts, or even inquiries from creditors.

2. Incorrect information. If any of the information on your child's credit report is incorrect, it could be a sign that someone has fraudulently obtained their personal information. This can include things like a wrong address or date of birth.

3. Poor credit history. If your child doesn't have a long credit history, you might not expect to see much on their credit report. However, if you see that they have a lot of late payments or other negative marks, it could be a sign that someone has been using their information without their knowledge.

Here are the top 10 ways to protect your child’s credit from fraud:

1. Keep your child's Social Security number and other personal information safe.

2. Check your child's credit report regularly.

3. Put fraud alerts and security freezes on your child's credit file.

4. Sign up for a credit monitoring service.

5. Teach your child about good credit habits.

6. Report any suspicious activity immediately.

7. File a police report if you suspect fraud.

8. Protect your own credit to avoid identity theft.

9. Keep tabs on your child's spending habits.

10. Talk to your child about money and credit regularly.

If you suspect that your child's credit is the victim of fraud, you should contact the credit reporting agency and the creditor immediately to dispute the inaccuracies and begin the process of restoring your child's good name.

[ymal]