Reviewing the wide variety of scam techniques and ways to stay ahead

Raj Dasgupta, Senior Director, Global Advisory, BioCatch

Below is an insight into what can be expected from Raj’s session at Financial Crime 2024

The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.

What are the various types of financial scams in today’s world? How can financial institutions identify and stay ahead of these?

There are many different types of scams that fraudsters carry out these days. Although the modus operandi in each of these scam types may be slightly different, the end goal in all of these scams is to dupe an unsuspecting victim into sending money to the scammer. A very common type of scam is an impersonation scam where the fraudster impersonates themselves as belonging to an institution like the IRS or a bank or a utility company or even a tech company which sells some consumer software, often an anti-virus software. The fraudster can pretend to belong to one of these types of institutions and call the victim to narrate a story of some dire financial situation that requires the victim to make a payment urgently. The payment is then received by the scammer. Although impersonation scams are common, there are many other scams that are prevalent today. Romance scams, investment scams or pig-butchering scams and Business Email Compromise (BEC) scams are not that uncommon.

Financial institutions have to harness different kinds of data ranging from user accounts, transactions, user devices to, most importantly, user behavior to get a comprehensive assessment of the risk of a user being scammed in order to stay ahead.

How can customer education and awareness play a role in preventing financial losses to scams?

Customer education campaigns are vital in raising awareness of the different types of scams. However, customer education often reach a point of saturation after which user fatigue sets in and the campaigns become less effective. Thus, in spite of customer education being a key tool in preventing users from falling for scammers, it needs to be used in conjunction with technology and risk policies, which together can build the best possible defense against scams.

What are the main implications if financial institutions fall behind in preventing these scams?

The implications are many. Firstly, when financial institutions reimburse victims of scams, that is a direct financial loss to them. In certain jurisdictions, there can be regulatory implications as well. Secondly, there can be erosion of consumer trust when victims feel that their financial institution could not adequately protect them against scammers. This can lead to attrition which is not a desirable outcome for any financial institution. Lastly, there can be reputational damage for the FI when they are the subject of negative press when victims take their stories to news agencies.

What tools can be leveraged to help prevent customer manipulation?

Tools that are common are account and payment level restrictions. However, the use of advanced behavioral biometrics is new frontier in technology that can be very effective in detecting anomalous behaviors of a user, thus assessing if an outbound payment resulted from a scam. Every online user has unique behaviors when they conduct online banking. During an active scam, their behaviors will differ subtly from how they normally behave. User behavior based machine learning models can pick up these subtle behaviors and assess if a scam is taking place in real-time. If the risk of a scam is deemed to be high, then the financial institution can deter the user from making the payment or even hold the payment to establish contact with the user and investigate the circumstances around the payment(s) and assess if the user was indeed scammed.

What are some of the best practices to deter customers from falling victim to financial scams?

Some of the best practices include:

  • Running user awareness campaigns. Not responding to phone calls or text messages that appear to inform the user of dire financial loss. Best practice would be for the user to call the bank or the company like the software provider or utility company if they are ever in doubt. Everyone should remember that the IRS never calls asking for unpaid taxes to be paid immediately. If there is unusual urgency presented by the caller, user should hang up, speak to a trusted individual about it. Best option would again be calling the bank to make sure everything is ok with the user’s account.
  • Providing warning messages at the point of adding a payee to make a payment.
  • Placing payment and account level restrictions are oft-used tools. FIs can choose to hold payments to provide fraud agents time to establish contact with the user to determine if the outbound payment was for genuine reasons.
  • If unusually high financial returns are promised, then it is best to take a pause and discuss it with a trusted individual.
  • Lonely senior citizens are often vulnerable to romance or investment scams. A combination of customer education and use of technology to detect these scams would constitute different layers of defense against these scams