Content Library

Why is it so easy to misidentify fraud?

Correctly distinguishing between fraud methodology and fraud type is of the utmost importance to fraud prevention. However, banks, fintechs, and credit unions still struggle to classify fraud — leading to missed opportunities to stop it.

Misidentify fraud header

If a fraudster opens several different bank accounts with a fake identity, uses those accounts to deposit a fraudulent check, and then withdraws $250,000 in funds by wire, is that classified as transactional fraud or synthetic identity fraud? Or both? And, if the bank chooses to classify it by the methodology (transactional), do they also put measures in place to protect against the fraud type (synthetic identity fraud)?

On the other hand, since the fraudster wired money out of the account, is there a chance that the whole incident could be reported as wire fraud? If so, then the bank completely misses important details about the transactional and synthetic identity fraud in favor of focusing on the channel where the fraud took place.

When an organization cannot or does not correctly identify both fraud methodology and fraud type, it creates gaps in fraud reporting. These gaps allow bad actors to move across channels, using similar tactics, without being caught. It also negatively impacts fraud analytics and the subsequent creation of new fraud prevention strategies.

Even though fraud classification is so important to prevention and mitigation, this example highlights why it is still a struggle for most organizations. Fraud is multi-faceted, complex, and ever-changing. However, organizations can adapt — starting with a shift in mindset — to become better, smarter, and more proactive when it comes to fighting fraud.

Download Alloy’s free Annual State of Fraud Benchmark Report.

Fraud prevention teams still focus on transactions as opposed to identity.

Simply put, in traditional fraud prevention models, organizations monitor customer transactions and activity to spot abnormal behavior. If this indicates fraud, the organization puts a stop to it, and hopefully applies those learnings to future fraud prevention measures. While that all makes good sense, it leaves the most critical factor out of the equation: identity.

Identity is at the center of all fraud. Behind every fraud incident is a real person or group of people who want to steal money. Understanding the action, but not the person’s identity, is only half the information. It would be like a detective proving a crime was an elaborate grand theft, but then never attempting to find the thief. When banks, fintechs, and credit unions only view fraud in terms of funds being stolen, instead of people stealing money, that is an incomplete picture of fraud that weakens fraud prevention strategies.

If your fraud model is only focusing on transactions, then your fraud model is broken.

Focusing on transactions does not always prevent fraud; it just moves to a different channel.

An example: a business account is opened in a branch at a financial institution, but the individuals — who claim to be the ultimate beneficial owners (UBOs) — are not screened for fraud during origination because the bank does not have an in-branch fraud prevention strategy in place.

After the account is opened, the bad actors make fraudulent mobile deposits. These mobile deposits are detected, and the fraud is stopped, but the financial institution does not identify their in-branch account opening process as an entry point for the fraud, or confirm that the “UBOs” used synthetic identities from the start. So, although multiple channels were impacted, the bank still only relies on mobile deposit controls for fraud detection. This leaves the branch's new account opening process vulnerable to the possibility of additional fraud.

Focusing on transactions could also cause more customer friction.

Focusing on transactions, as opposed to identity, also makes it more difficult to strike the right balance between fraud protection and customer experience. Let’s say that a customer always uses the same device in a similar geographical location.

But suddenly, there is a new login on a different device — an action that is not aligned with the customer’s historical behavior. Then, there are several high-dollar external transfers. The customer has never performed external transfers before, let alone to these payees. The bank notices this inconsistency and freezes the account, but only after the funds are already gone.

Because the bank did not focus on the inconsistencies during login, they were not able to freeze the account in real-time before the funds were transferred. The funds were extracted, so the customer needed to report the fraudulent transfer and wait to be reimbursed, which impacted their ability to pay important bills like their mortgage. As a result, they no longer felt secure, closed their account, and moved on to a different bank.

While this is a very simplified example, it shows that without the fraud prevention strategies receiving real-time information about the customer’s identity, caused unnecessary friction, ultimately leading to a loss of business.

Gaps in fraud reporting

Difficulties distinguishing between fraud methodology and fraud type

In Alloy’s Annual State of Fraud Benchmark Report, bust-out fraud was identified as one of the most common occurrences of fraud in both the US and the UK (18%). However, both identity theft and synthetic identity fraud appeared to have lower prevalence. According to respondents, identity theft accounted for 13% of fraud, while synthetic identity fraud only accounted for 6%.

While a fraudster can use their own identity to exploit existing accounts and commit bust-out fraud, they can also commit bust-out fraud using stolen or synthetic identities. However, when fraud reporting is focused on transactions, organizations are more likely to classify and report an event according to its methodology, like bust-out fraud, without reporting the associated fraud type, like identity theft or synthetic identity fraud.

Without these deeper insights, fraud prevention teams cannot create the most targeted, proactive, and adaptive strategies. Fraudsters are more likely to continue targeting these organizations, knowing that they can use the same underlying tactics successfully on a different channel if they happen to be caught on another.

Read more about the top themes in Alloy’s Annual State of Fraud Benchmark Report.

The channel of execution vs. the entry point

These gaps in fraud reporting also make it much more difficult to track fraud incidents across different channels. Take this example of identity theft and account takeover fraud: a bad actor obtains a customer’s personally identifying information (PII) on the dark web, contacts their bank’s call center, provides answers to the security questions, and manages to change the account password. Then, they use an ACH transfer to move funds, drain the account, and disappear.

In this instance, the fraud was executed on an online channel, but its entry point was actually a human touchpoint via the call center. However, if the bank’s fraud reporting focused on transactions, then it is likely that they will lead with the channel of execution and fail to report the entry point.

Checklist misidentifying fraud inline 1

What are the consequences of these gaps in fraud reporting?

When gaps in fraud reporting occur, organizations are much more likely to get stuck in a cycle of reactively preventing fraud after transactions take place instead of proactively preventing fraud as soon as possible. Using the example of account takeover above, let’s walk through how this cycle potentially plays out:

  • The bank classifies the incident as an account takeover, but does not take the entry point of the call center into account.
  • The bank loses a chance to tighten up the call center’s security measures and stop more fraud in the call center channel.
  • The call center remains a point of vulnerability. In other words, it is still an available channel for bad actors to exploit and commit more fraud.
  • If the bank classifies the incident as an account takeover, but does not indicate either the digital channel where the fraud occurred or the ACH transfer as the method of extraction, those remain points of vulnerability as well.
  • Now, the bank might suffer higher financial losses in addition to loss of trust and damage to its reputation.

Again, the importance of correct and holistic fraud classification is clear. Without properly accounting for all factors — fraud methodology, fraud type, channel of execution, and entry point — fraud risks are likely to remain or even increase.

Do not oversimplify your fraud prevention strategies.

Oversimplifying fraud prevention strategies opens up organizations to a greater amount of risk. To proactively prevent fraud, banks, fintechs, and credit unions should be willing to take the following actions:

  • Acknowledge, invest, and continuously iterate on layered fraud prevention strategies
  • Recognize the importance of identity throughout the customer lifecycle for early detection
  • Take a nuanced approach to fraud prevention and mitigation that does not add customer friction to the workflow

Fraudsters do not stop if their tactics are blocked in one channel. Instead, they just move on to the next one. Unless banks, fintechs, and credit unions begin to use an omnichannel approach to fraud prevention — integrating multiple data sources to detect and mitigate fraudulent activities across various touch points — fraudsters will continue to test vulnerabilities and exploit the ones they find. 

How Alloy’s omnichannel solution can help

In Alloy’s Fraud Report, 75% of organizations said that they plan to invest in an Identity Risk Solution in the next 12 months to combat fraud. An Identity Risk Solution like Alloy provides:

  • More holistic visibility into identity to help prevent fraud from occurring before transactions take place
  • A singular view of data to better identify and track when fraud moves from one channel to another
  • Unified customer profiles that can be continuously reviewed
  • A comprehensive testing hub where the projected outcomes of new policies or changes can be viewed prior to implementation

In short, Alloy helps banks, fintechs, and credit unions better identify fraud not only during onboarding, but throughout the entire customer lifecycle. 

Alloy is an omnichannel solution that integrates seamlessly into your platform to manage identity, fraud, credit, and compliance risks throughout the customer lifecycle.

Related content