Fraud: a ‘national security threat’…why?

In March, a bakery owner in South West England received a curious SMS from her bike courier. 

The baker, whose canelés are famous in her city, supplies pastries to nearby cafes and other bakeries. She relies on couriers to get fresh pastries to those businesses early in the morning, and the bakery and the courier service have a years-old partnership. 

So, it wasn’t surprising that she received an SMS from the courier asking for shipment details. It was surprising, however, when the courier asked for her banking details. That’s when a red flag went up, and the baker called the courier service. 

It turns out scammers had spoofed the courier’s phone number and had been requesting bank details from all of their customers. This is known as an authorized push payment scam, and it is one of many types of fraud on the rise in the UK. 

In September, UK Finance released their 2021 Half Year Fraud Report, which put numbers to this trend: 

• Authorized push payment fraud saw a 71 per cent increase compared to the same period last year. 
• Remote banking fraud saw a 67 per cent increase. 

While financial institutions understood that these types of scams were on the rise, the actual figures shocked some people in the industry.  

Every day, scammers defraud business owners, mobile banking customers, remote employees and even dating app users out of their money. These scams prey upon a combination of factors: 

• Speed at which industry regulations are enforced.  
• People’s uneven tech savviness.  
• Personal and financial anxieties that have emerged during the pandemic. 

These are universal vulnerabilities, which means anyone could potentially be a scammer’s target. That’s why UK Finance describes fraud as a matter of national security. 

In this article, Steve Goddard from Featurespace’s team of financial crime Subject Matter Experts explores common types of scams, the methods scammers use and how financial institutions can reduce this threat. 

Why has there been such a big rise in financial fraud? 

According to UK Finance, criminals stole more than £750 million in the first half of 2021; the same amount granted by the UK’s Chancellor of the Exchequer to help UK charities recover from the pandemic. 

The amount stolen represents a 30 per cent increase over the first half of 2020.  

So, where did the uptick come from?  

• Authorized push payment fraud. This describes various tactics in which a criminal tricks someone into authorizing a payment. Criminals can do this by posing as a legitimate business, as a member of a bank’s staff or even as a match on a dating app. In each case, the scammer gains the trust of the victim and convinces that person to authorize a transfer. This represented more than £350 million in losses during the first half of 2021.  
• Unauthorized remote banking fraud. This describes any type of scam in which a criminal gets access to a victim’s bank account, usually by stealing the victim’s password. Remote banking fraud represented more than £130 million in losses during the first half of 2021, up from nearly £80 million in the first half of 2020. UK Finance say this increase reflects the fact that more people are using remote banking today, and criminals are honing in on consumer vulnerabilities. 

How do these scammers exploit their victims? 

Scammers are using new twists on the same tricks they have deployed for generations: 

• They pose as a potential romantic partner, earn the trust of their victims over weeks and months, even send photos and chat on the phone. Then, the scammer begins to ask for money. The asks start out small then get larger and larger as the con goes on. 
• They spoof legitimate phone numbers and email addresses so they can pose as CEOs, business owners or even bank staff. Under that pretense, scammers can convince business partners and consumers to send money to new accounts. 
• They reach out to people with can’t-miss investment opportunities. Right now, the scam is via cryptocurrencies. The victim contributes some small amount of money, sees an initial return, then feels emboldened to make a larger investment. That’s when the scammer disappears with the money. 

Contemporary circumstances shape each scam. The fake romantic partner, for example, is taking advantage of the fact that many, many people have been made to feel lonely during the pandemic. Those people are actively using dating apps because they crave human affection, which is exactly what a scammer will exploit. 

Scams don’t really change. They just adapt to new technologies and gravitate toward new opportunities as those opportunities emerge. Scammers seek the most cutting-edge vectors for their crime. The more confusing the technology or the circumstances are for the victim, the better the scammer’s advantage. 

How do financial institutions fight scams? 

By understanding what genuine customer behavior looks like, and by being able to distinguish that from fraudulent behavior in real time. 

To illustrate, imagine a bank customer who gets paid a salary at the end of every month. Rent, utilities and student loan payments go out shortly afterward. It’s a predictable pattern month after month.  

All of a sudden, this customer executes a £5,000 transfer at 1 a.m. on a Tuesday in the middle of the month. That’s a red flag, and the bank needs to know in that instance whether this kind of behavior is out of character and appears fraudulent. 

This is a tech challenge. The bank needs a tool that can analyze — at scale, in real time — an evolving set of behaviors among its customers, and among the scammers who would seek to defraud those customers. 

That’s why Featurespace ​​developed Adaptive Behavioral Analytics and Automated Deep Behavioral Networks for fraud prevention. By understanding people’s behaviors, financial institutions can outsmart a scammer’s ability to exploit customers’ vulnerabilities or lack of tech savvy. 

When COVID-19 pushed the country toward work-from-home arrangements and online shopping, our Adaptive Behavioral Analytics recognized this as a global shift in behaviors. That’s why our technology didn’t flag the sudden rush of online grocery purchases in March 2020 as out of character or as fraudulent behaviors.  

That made for happier banking customers — who weren’t getting their accounts needlessly flagged — and it provided better visibility into actual instances of fraud while other security tools were crying wolf. 

By continually deploying the most advanced innovations in fraud-prevention, financial institutions will make digital adoption safer for their customers and mitigate the threat that financial scams pose to society.