How banking scams have evolved 

From suspicious SMS messages to malware that looks nearly as good as the real thing: banking scammers will do anything to get your details. While it’s important to stop customers from giving up their personal information in the first place, the real fight against scams lies in what comes next. 

If you are the person with the job of handling customer complaints, you know only too well that scamming cases are costly, time-consuming, and often incredibly complex. Consumers are preyed on daily in the scammers’ quest to get us to give up our personal details. 

U.S. financial services firms saw $4.00 in costs, for every dollar of fraud lost in 2021. This number is up from $3.64 in 2020 before the pandemic. 

The true cost of scams offers a great discussion around the liability (or otherwise) that banks should have in protecting their customers. For now, we’ll go back to basics: 

The evolution of banking scams 

Cybercriminals attack banks and financial services providers at an organizational level as well as the individual accounts of the people that use their services. Using ever-sophisticated technology, criminals can hack into enterprise systems and carry out heists that hit headlines. In return, banks are fighting back against single-point failures, adding multiple layers with the use of biometrics within app authentication procedures as an example. 

And yet, the cost of fraud continues to rise in the US, as scammers continue to go after individuals at scale. For example, the rise of authorized push payments – where victims are duped into sending cash to scam accounts – has seen a 40 per cent increase year on year in the UK. Learn how to protect yourself from APP scams 

What are the common types of bank scams? 

Here’s a quick rundown of the most common scams in banking today: 

Bank scams – in person: 

  • Check cashing – the fraudster asks unsuspecting passers-by to cash a check in-branch. The excuse? They don’t have their ID on them. The target takes pity, giving the fraudster cash from the ATM in exchange for the check. The check doesn’t clear, leaving the target out of pocket and likely with a negative balance in their account. 

In the mail: 

  • Fake checks for ‘free’ money’ – a check arrives in the post with a surprise notification that you’ve earned some money e.g. for overpayment on a bill. Closer inspection reveals that cashing the check results in a legally binding contract for a long-term payment loan.  

Over the phone: 

  • Auto debit – scammers call you over the phone to announce you’ve won a prize. To receive it, you must first verify your bank account information. You read out your details and bingo. The scammer has all they need to set up a debit every month without your approval. To avoid detection, scammers often lie low for a while before acting.
  • Impersonation scams – fraudsters call up pretending to be from an official agency such as the Federal Trade Commission (FTC) to chase a ‘debt’ such as a speeding ticket. They demand your bank details in order to remedy the debt.  

Email/social media/websites: 

  • Phishing emails and SMS – highly popular with scammers, phishing attacks can be distributed as email blasts to thousands of targets in one send. They arrive in official looking branding, often with a mildly alarming message about the payment status of a bank’s product or service. The aim is to get targets to click on a link and then visit a webpage where it ‘phishes’ for your sensitive information.  
  • Overpayment scams – an email or voice call will say you’ve overpaid on a service or bill. To rectify the mistake, the scammer offers a cash refund and a discount on your future bills. If you’re tempted, then all you have to do is supply your bank details…you’re getting the picture. 

How do you become a victim of a bank scam? 

Banks are under increasing pressure to guard their digital assets to keep customer information secure. Yet attacks on customers continue to rise, as the scammers continue to take advantage of our online behavior.  

Here are just a few of the ways that people inadvertently ‘leak’ their details to scammers: 

  • Falling victim to a fraudster pretending to be a bank 
  • Trying to access banking via Malware 
  • Fake text messages with a link or login 
  • Donating to a fake charity 
  • Competitions/ cash prize calls/ lottery ‘wins’ 

What does a banking scam look like? 

Here are some common examples to look out for: 

Fake text messages with a link or login.

 

 

 

 

 

Falling victim to a phishing email. In this case, the fraudster pretends to be someone known to the victim – the boss.

Malware disguised as banking apps. SOVA, an Android banking malware that targets banking apps to steal personal information. It has specially designed layers to make it look like the real thing. Once downloaded, it sends all data related to the current users’ downloaded apps to the SOVA server.

  1. SMS sent to victim’s mobile prompting them to download the ‘updated payment app’
  2. The fake application is installed on the victim’s phone
  3. The app sends a list of all applications installed on the device to the malware’s control server
  4. The malware can now access all information passed between the user’s apps and the control server. (Gmail, Facebook, etc)

How to avoid a banking scam

Here’s a quick-fire guide to protecting your accounts.

Never:

  • cash checks for others.
  • accept payments from people that you don’t know.
  • click on a link in an email or SMS unless you know and trust the sender.
  • make upfront payments or fee demands for things like jobs, prizes, or special offers.

Always:

  • secure your accounts with strong passwords and 2FA – a password manager can also add an extra layer by warning you if you’re about to be ‘phished.’
  • monitor your bank accounts regularly – a scammer will often start small and leave long gaps between transactions to avoid detection.
  • be on the lookout for ID theft by checking in for transactions that you don’t recognize.
  • Check for an encryption certificate (lock icon) in the browser when sharing any sensitive information.

Using technology to combat banking scams.

As technology evolves, scammers and fraudsters will continue to look for opportunities to manipulate these innovations to their benefit.  The reality is we can only ever offer customers advice on ways to safeguard their accounts. The bad actors are increasingly expert at convincing us to click, to tap and swipe. The real impact is preventing what happens next. Featurespace’s mission to make the world a safer place to transact has led us to developing a scam prevention solution that:

  • Provides the best scams control in the world, for inbound and outbound requests
  • Can do this with or without historical data (cold start)
  • Has the most accurate risk scoring on payments
  • The models are adaptive and remains accurate over time by adapting to emerging trends, with no manual retraining or degradation
  • The solution is designed for simplicity with minimal integration effort required

To learn more about how ARIC™ Risk Hub can help with to prevent scams and fraud, contact us or request a demo today.