Check fraud is rampant: Here’s what you need to know
Decades ago, it seemed like the world was moving away from checks. With new digital payment types emerging—like PayPal, Zelle, and other embedded payment solutions—it was widely believed that checks would eventually phase out. As a result, banks put their time, money, and fraud risk management strategies towards creating what they felt customers needed most: a secure digital experience.
But things didn’t happen exactly as anticipated. While check use is certainly on the decline, people still use them, including three-quarters of retirement-age Americans, especially for higher-price purchases. And even if they are only used in a minority of transactions, the average value of checks has grown in recent years, from $1,908 in 2018 to $2,430 in 2021.
Meanwhile, as the COVID-19 pandemic caused the unemployment rate tosoar to 13%, so did interest in using paper checks to defraud consumers and financial institutions. Fraudsters realized that they could target blue boxes and United States Postal Service (USPS) workers to steal government aid checks, tax refund checks, and personal checks circulating through the mail. Fraud prevention systems were overwhelmed.
But blue-box check theft is just one example of the check fraud threat the financial system faces. In 2022, US consumers experienced $815 million in check fraud losses. The dramatic rise in check fraud reports has led the US government to sound a federal alarm for banks, fintechs, and credit unions. According to a letter from the US Senate, check fraud rose by 84% in 2022. Once thought to be on its way out, check fraud is now being treated as a national priority by the Financial Crimes Enforcement Network (FinCEN). Here’s what your organization needs to know.
Regulations hold banks liable for check fraud
Check fraud protection is bound by the Uniform Commercial Code (UCC), the legal framework that outlines the rules and regulations governing checks, including the timeframe for processing returns. The UCC governs how checks are to be processed, presented, and cleared through the banking system. In other words, it establishes consistent procedures to help ensure that checks are always handled according to the same set of standards.
UCC provisions, which may vary slightly by state, impose strict liability on banks that pay on forged, altered, or improperly endorsed checks. The UCC also defines specific time limits within which legal actions must be taken, which can impact a bank, fintech, or credit union’s ability to prosecute check fraud cases.
How to stay ahead of first-party fraud
How does someone commit check fraud?
To commit check fraud, fraudsters need only three things: account information, a check, and some creativity.
One common way fraudsters obtain checks is by stealing them. Almost any type of check can be stolen and used to commit check fraud, including:
Personal checks
Business checks
Tax refund checks
Social Security checks
Unemployment checks
Disability checks
To acquire a fraudulent check, a fraudster may steal a check themself or purchase a stolen check online, either from a seller on the dark web or—more recently—from instant messaging groups. Between 2022 and 2023, instant messaging groups coordinating the sale of stolen checks have reportedly grown by 500% on apps like Telegram, indicating that this trend shows no sign of slowing down.
Fraudsters can also create fake checks and commit check fraud — without stealing legitimate ones. If they have a routing number and an account number, it is possible to create a fake check and get it cleared. We’ll discuss this in more detail below.
A brief history of the evolution of fraud technology
What are the common types of check fraud?
Check fraud is categorized differently depending on how the check is handled by the fraudster. Most fraudsters will try to commit check fraud using one of the following methods:
Creating a counterfeit check
Altering a preexisting check
Forging a signature or endorsement
Creating a counterfeit check
A counterfeit check is a reproduction of a genuine check issued by a bank or an individual. Fraudsters create these checks with the intent to deceive and are not authorized by the account holder or the financial institution. Counterfeit checks are typically produced using advanced printing techniques or software to replicate the look and feel of real checks.
Altering a preexisting check
Check alteration involves modifying or changing a genuine check to misrepresent its original terms or value. Fraudsters don’t need a computer or high-tech setup to make an alteration. Common and affordable household products like nail polish remover or bleach can be used to alter a legitimate check. Known as “check washing,” the goal is to remove the recipient’s name and the check’s value, and replace it with the highest numerical value the fraudster suspects will clear undetected. Check alteration — which is arrogantly referred to as “glass fraud” by fraudsters because the checks always “clear” — can be challenging for banks and fintechs to detect.
Forging a signature or endorsement
Forgery focuses on creating false signatures to cash a check without the legitimate recipient’s consent. Forgers might use various techniques such as tracing or copying signatures, digitally replicating handwriting, or other means to mimic an authentic signature or endorsement on a check. While the UCC outlines provisions regarding unauthorized signatures, there can be challenges in proving forgery, especially if the signature is convincingly close to the genuine one.
Read our annual state of fraud benchmark report
The devastating end-game behind check fraud
Whatever type or method a fraudster is using, the check fraud endgame is almost always the same — deposit the bad check, withdraw the funds, and then let the inevitable check chargeback occur. Here are some of the ways that fraudsters use check fraud to their advantage:
- To commit new account fraud
A fraudster might open a new account and ask for temporary checks with the sole intention of using these checks to commit theft. They make quick withdrawals and take off with the funds before the checks have cleared and the bank, fintech, or credit union catches on to the scheme. - To commit check kiting (also known as check floating or paper hanging)
In this instance, fraudsters tend to open two or more accounts and make a series of deposits to minimize suspicion. They write checks from one account to another, even though they do not have sufficient funds to cover these deposits.
Fraudsters take advantage of the time it takes a check to clear in one account, by depositing it into another account before it’s been deducted from the first. Then, they repeat the cycle over and over, continuously shifting funds. The circular deposit activity is the fraudster’s key to effectively masking their fraudulent intentions until they profit and vanish. This allows them to commit fraud for a longer period of time and potentially steal more funds. - To trick an established customer
Even seemingly reputable long-standing clients can fall prey to check deposit fraud. A fraudster may pay a legitimate customer with a check that they genuinely believe is valid, only to realize after the fact that it's part of a sophisticated scam.
Fraud startups announce $100B in new funding
Timing is key to committing check fraud
As mentioned in the previous section, timing the withdrawal is everything when it comes to check fraud. Fraudsters must withdraw funds after they appear in the fraudulent account, but before the check bounces or gets flagged as fraudulent. To do so, they might use various channels, such as:
- Person-to-person (P2P) payment apps
Bank transfers or transactions involving payment cards typically take at least a day to clear. But with P2P payment apps, fraudsters can siphon away thousands of dollars in seconds, leaving little-to-no way to retrieve the money. - External account transfers
Shifting ill-gotten gains to another external account is another common tactic employed by fraudsters. This could be a bank account or a cryptocurrency wallet, the latter being especially difficult to trace. - Outgoing wires
US consumers reportedly lose millions of dollars each year to fraudulent outgoing wire transfers. Funds can be sent internationally, making recovery even more challenging. - ATM cash withdrawals
To commit check fraud, many fraudsters will obtain a debit card linked to the account where the fraudulent check is being deposited. With the debit card in hand, they withdraw funds from an ATM before the bank has time to flag the check as fraudulent.
Is fraud just another cost of doing business?
Check fraud is a gateway to other fraudulent activity
Check fraud is not usually a one-and-done crime. Fraudsters are opportunistic and will leverage stolen information in as many ways as possible before getting caught.
Personally identifiable information (PII) acquired from a washed check, for example, can be used for schemes like account takeover, credit card fraud, and money laundering. Recently, technologies like AI have made it easier than ever for fraudsters to create new synthetic identities to cash in on, enabling them to exploit the consumer and the financial institution for as long as possible.
Synthetic identities: Why fraudsters need imaginary friends
How Alloy helps you fight fraud
As check fraud continues to evolve, it’s up to banks to stay one step ahead of fraudsters. To combat check fraud effectively, banks, fintechs, and credit unions must adopt a holistic approach to fraud prevention that covers all entry points, whether in-branch or through remote deposit options.
The key to addressing check fraud effectively is to catch it quickly before it escalates and results in significant financial losses. Alloy’s robust Identity Risk Solution helps prevent and detect fraudulent activity with a focus on early detection through strong onboarding protocols, ongoing monitoring, and comprehensive fraud risk management:
1. Strong onboarding protocols
Alloy helps banks and fintechs establish robust onboarding protocols that verify the identity and financial history of their customers. By accurately verifying customers at origination, banks can prevent fraudsters from gaining access to their services. Alloy’s onboarding solution combines over 190 digital and physical data points for an onboarding experience that is just as strong in-branch as it is online.
2. Ongoing monitoring
Ongoing transaction monitoring can help you automatically flag suspicious check deposits. Alloy monitors changes made to personally identifiable information on any account. Freeze funds until you have time to review. Identify known patterns, like fraudulent checks that have been presented by a client before. Our platform includes real-time data from deny lists, and helps keep your banking customers safe.
3. Full customer lifecycle fraud prevention
Alloy leverages advanced fraud prevention tools to detect anomalies in customer behavior. This includes recognizing deviations from typical patterns in check usage, withdrawal frequency, and other transactional behaviors. Our largest-in-industry network of fraud signals leverages the entire customer lifecycle, including onboarding, transactions, and non-monetary events— to manage fraud risk before significant losses can occur.
Fraudsters work in real-time. Fraud prevention tools should too
Stop check fraud with Alloy
By knowing the importance of proactive prevention and rapid response to any potential fraudulent activity, banks can protect their assets and maintain the trust of their customers.
Learn how Alloy protects banks, fintechs, and credit unions against fraud
Sara Seguin is a principal advisor on fraud and identity risk at Alloy. Sara has over 16 years of experience in financial crimes within enterprise banks, including fraud, payments, risk, and identity.
