How to Prevent Fraud Before it Happens

Listen to How to Prevent Fraud Before it Happens (10 min):

The Anatomy of Fraud Lifecycle

Before we delve into how to prevent fraud before it can happen, we should first have a refresher on how a fraud attack works. As I’ve discussed before, there are three distinct stages to each fraud attack: Customer (or fraudster) access, execution, and monetization.

For fraudsters, the customer access stage is when bad actors research potential targets for their scams. During this stage, fraudsters collect sensitive data such as account information or login credentials. Depending on how much information they have access to, some fraudsters will monitor their victims’ accounts for long periods. This enables them to learn important information, such as when a potential victim receives their salary, and prepare their next move accordingly.

The execution stage is when fraud actually occurs. Fraudsters might attempt to defraud targets using tactics like authorized push payments, in which they manipulate their victims into sending them money in real-time. They could also breach their victims’ bank accounts using an account takeover attack and then transfer money to mule accounts or synthetic accounts they control. 

In the final stage of monetization, the fraudster pockets their ill-gotten gains. Fraudsters operate with a for-profit mindset. They will look to reap the profits of their scams either by withdrawing money transferred to their account as cash, converting it to a digital wallet or currency, or using it to buy goods or legitimate services.

How Fraudsters Fake Good Behavior

Financial institutions – and often their customers – tend to view fraud primarily through the lens of the execution stage. However, this is a narrow lens through which to view fraud. Execution, or when FIs and consumers discover fraud, is the middle stage – not the beginning – of an attack. 

Fraudsters do their research during the customer access stage, and work hard to bypass an FI’s fraud prevention systems and study their targets’ habits. This period is critical to the fraudster’s goals because, in all likelihood, they realize they will only have one shot to defraud their victim. This means they will commit account takeovers but hold off on transferring funds until they understand when the account reaches its maximum value and their target’s typical patterns. 

In the meantime, fraudsters ensure the devices and digital footprint they use are trusted by the account holder’s bank or FI. In pursuit of this effort, fraudsters perform smaller activities to build up a baseline of normal behavior. This could include checking the account balance or reviewing old statements. By taking these seemingly harmless steps, the fraudster might be able to give the false impression to FIs that their device is trustworthy.

In another scenario, fraudsters use money mule accounts for both monetization and preparation. To establish trust with their banks, they might move small sums of money between their mule accounts. Moving these funds around establishes connections to the accounts, so it’s less suspicious when they transfer a larger amount of money.

How to Stop Fraud Before it Happens

By the time FIs and customers realize a fraud attack has occurred, it’s most likely too late to do anything about it. It’s like trying to unring a bell or unbreak a broken glass; it’s an ineffective response to fraud after the fact. It can also be confusing for both customers and businesses because if fraud is prevented, how will they know – in other words, where’s the smoking gun?

So what is an effective fraud approach? Prevent fraud from occurring in the first place. This approach requires stopping fraud at the earliest stage. If done correctly, FIs can stop fraud during the customer access stage so fraudsters can’t scam customers in the first place. 

5 tips to stop fraud before it happens

Here’s what banks can do to prevent fraud before it happens.

Apply what you know

Several factors indicate fraud. A specific transaction might be considered low-risk on its surface. However, if the bank has previously seen similar transactions that proved fraudulent or risky downstream, they can flag it as risky. Banks should apply the lessons learned from previous fraudulent activity and prepare themselves to stop new fraud attempts. This knowledge provides banks with early indicators of what fraud looks like in its early stages and a means to stop it before it can occur.

Follow the risk

Let’s say a mobile device is used to access ten bank accounts or credit card accounts in a single day. One of those accounts goes on to suffer from fraud, such as a card-not-present attack. If one account connected to the mobile device is compromised, the odds of the other nine being at risk massively increases. Understanding these connections can help FIs get ahead of fraudulent activity and proactively take steps to keep their customers safe when warning signs of fraud first emerge.

Disrupt the fraudster’s network

The crucial step for a fraudster is to cash out their ill-gotten gains. Some fraudsters use mule accounts to transfer small amounts of money to other accounts they control to establish a relationship between the two accounts. The goal is to build a history of payments between the different accounts to ensure that the transactions are not flagged as fraudulent. Banks can learn if a device connected to a risky transaction is linked to another account that has not yet experienced fraud. Linking these accounts allows banks to understand which accounts are connected to fraudulent activity and disrupt fraudsters’ monetization efforts. 

Use the data tools you have

Detecting fraud and preventing fraud are similar but different concepts. It’s easier to keep records of fraud that is known and detected. However, as FIs embrace and shift to fraud prevention strategies, they need to demonstrate the effectiveness of their solutions with concrete data. Tracking important metrics such as the rate of false positives will gauge how much fraud an FI has prevented and where are opportunities for improvement. Banks need to use the tools they have to demonstrate their effectiveness at preventing fraud.

Communicate (effectively) with your customers

FIs need to build a communication strategy for how and when they will contact customers about their fraud prevention efforts. Banks should find the right communication balance that assures they are actively preventing fraud while not causing unnecessary frustration or anxiety. If a bank’s fraud prevention measures automatically close a user session because it detected suspicious activity, the bank can notify the customer by email, text, or phone. However, if the bank issues multiple alerts, they could undermine customer confidence in their ability to manage fraud prevention. On the other hand, if there is no communication with customers and fraud is discovered later, the customer may resent the bank for not being more transparent. Finding the right balance is critical to building digital trust with customers. At the end of the day, fraud prevention is about building relationships and trust. It’s a moment of truth that can build strong customer ties if done well – but could undermine trust if it’s done poorly.

Stopping fraud before it happens requires FIs and banks to re-think their traditional approach to fraud. Banks need to understand how the fraud lifecycle unfolds, how fraudsters fake good behavior, and then implement strategies and controls that nip fraud in the bud before it happens. 

Digital trust is the foundation of today’s connected economy. Watch 4 Key Elements of Digital Trust to learn how banks can ensure digital trust across the customer journey.