NAFCU Services Blog

Nov 03, 2021

Don’t Be Spooked by Fraud!

By Ann Davidson, Vice President of Risk Consulting, Allied Solutions

Creating a web of prevention, detection, and prediction is the best defense against fraud. In some cases, it will require slight tweaks to an existing fraud strategy to prevent massive losses. In other cases, a risk mitigation strategy may need to be built or overhauled to keep up with current trends. Taking steps to proactively protect your credit union and its members can safeguard against today’s scariest fraud crimes. These best practices can aid you in stopping fraud before it happens, detecting fraud when it happens, and predicting where the bad guys will strike next.

Prevent Fraud: The Importance of Authentication

Thoroughly authenticating information and users of information is a first-line defense against fraud. Authentication should touch every area of the business from employee access to member online banking.

GraphicSome best authentication practices include:

  • Ensure that your credit union is on the latest version of 3D Secure
  • Report merchants that allow card fallback
  • Utilize dynamic authentication, biometrics, and tokenization
  • Set strong password requirements for online banking and encourage members to safeguard their information
  • Use positive pay for business checks
  • Only allow EMV at point-of-sale merchants and ATMs
  • Perform tests to determine if synthetic information can break through current systems
  • Report merchants that permit card fallback

Detect Fraud: Deep Diving into the Causes of Fraud

If fraud wasn’t prevented and it hits your credit union, pause and ask, “What caused this fraud? What hole in our data security needs to be plugged?” Answering these questions will help your risk management team dive deep into detecting the cause of fraud and taking steps toward preventing the same type of attack again.

For example, if your credit union experiences a card BIN attack, research to find out if your cards are issued in sequential or random order. If they have historically been issued in sequential order, immediately request that your card provider switch your issuance to random.

Additional fraud detection best practices include reviewing daily dollar limits internally, as well as with vendors and third-party product providers. 

Predict Fraud: Best Practices for Staying One Step Ahead

Among fraud prevention, detection, and prediction--prediction is the most challenging. However, with some stringent best practices, credit unions can stay ahead of the bad guys. Leveraging reports as well as education are key tactics to predict fraud.

  • Reports – Be on the lookout for suspicious MCC 4829 (Money Orders - Wire Transfers) codes. This is considered a high-risk code and is used for payment app transactions such as Zelle, PayPal, and Venmo.
  • Education – Communicate all current scams, both locally and nationally, with employees (especially front line) and accounting staff. Encourage members to check their accounts often for suspicious activity. Frequently remind members that your institution will never ask for certain information to validate identity.  Lastly, stay up to date with the latest industry insights and education.

For more information and fraud-fighting tips, listen to our webinar, Steps to Prevent Cyber Attacks and Digital Fraud.

About the Author