By Sheryl S. Jackson

The increase in e-commerce and online financial transactions throughout the pandemic has called for enhanced monitoring to identify potential fraud in debit and credit card transactions, but credit unions are also reporting an overall increase in fraudulent activity — some of it not commonly seen before 2020.

As people worked from home and connected with others through social media and even video game chat rooms, there was an increase in the number of members who acted as “money mules” for others — depositing fraudulent checks into their accounts, keeping part of the money as their commission or payment, then transferring funds to another account or person.

Fraud Takes on New Forms

“Sometimes it begins as a romance scam with our member thinking they are helping a new romantic partner by depositing what appears to be a payroll check,” says Jennifer Akes, compliance specialist at Service First Federal Credit Union. “People have been more susceptible to these romance scams due to the isolation of working from home and inability to be with friends and family.”

“Some of the checks are real, but they are unemployment checks that were obtained with fraudulent applications to the state,” says Erica Hoover, assistant vice president of deposit and branch operations for Service First and the credit union’s Bank Secrecy Act (BSA) officer. Credit union members will deposit the check because they are told that their new friend does not have a checking account. “The majority of the time, our members do not realize that they are part of the fraud — and liable for illegal activity.”

“We almost never dealt with this type of fraud before 2020, but there has been a significant increase,” says Brian Munsterteiger, vice president of enterprise fraud at Randolph-Brooks Federal Credit Union. Although there are some members who are tricked into believing that they are helping a newly-acquired friend or romantic partner, there are also some members who are interested in the money they receive for participation. “Members will get a message via social media that if they have an account at a particular financial institution, they should tap a link, then they receive a direct message with more specific guidance,” he says. “The criminals are very knowledgeable about our system and can direct the members on how to use our ATM for deposits or how to make an e-deposit to put the check into their account.”

There has also been a rise in smishing — the text message version of email phishing, says Darla Huff, vice president and chief risk officer for Visions Federal Credit Union. “A member will get a text message purportedly from Visions asking for verification of login or other personal information, which we would never do,” she explains. Although people are more aware of the risk of fraudulent email messages, they are not as skeptical of text messages, especially if the message names their credit union.

Enhanced Fraud Detection

To fight the increase in fraud, credit unions are enhancing their ability to identify and prevent fraud.

“Our member-facing employees are our first line of defense,” explains Hoover. “We conduct ongoing training with employees so they know how to recognize potential fraudulent transactions and escalate their concerns to a BSA employee.” While the front-line employee may gather information by asking questions, they do not confront the member, she says. If a member comes in to make a deposit and makes an immediate wire transfer, the front-line staff’s notification enables the BSA staff to review the transaction before approving it or wiring the funds, she explains.

“We’ve also edited the reports we monitor to broaden the range of transactions to include unemployment and stimulus payment deposits,” says Akes. “When we see new trends and new types of fraud, we share that information with employees at monthly training sessions.”

Increasing the review and validation of unemployment checks is another step that Visions has taken, says Amie Reilly, risk mitigation manager for the credit union. In addition to reviewing ACH payments, checks that are deposited remotely — via mobile apps or ATMs — are also reviewed for legitimacy, she adds.

“We also reduced the limit to deposit, so members would not have access to deposited funds immediately,” says Munsterteiger. He does point out that holds are limited on deposits made via e-deposit. “We focus on money leaving the account and look for patterns.”

One limitation of many fraud detection programs is the lack of integration of debit and e-deposit transactions, but Randolph-Brooks uses a “homegrown” online banking platform that they can easily tweak, says Munsterteiger. The most critical change made in the last year was to solve the problem of siloed debit and e-deposit transactions. “We can now segment debit card holders following an e-deposit by placing the account into a segment for a short time to monitor transactions — looking for a quick peer-to-peer withdrawal through platforms such as Venmo,” he explains. “One of our analysts will call the member to ask about the transaction.”

Conversations with members can be tricky because they may be willingly participating in the scam, points out Munsterteiger. “They usually say that their debit card was lost or stolen and they forgot to report it,” he says. “Unfortunately, some members may have been scammed and do not realize it until we call.”

Keeping Employees and Members Alert

Communicating the threat of scammers and fraudulent transactions is a mix of signage in the branch, website notices, newsletters to members and social media posts, says Munsterteiger. “We’ve had some nice social media campaigns that remind members not to give out information if they did not initiate the call,” he says. This message is important because spoofing software enables the fraudsters to make it look like the call is coming from the credit union, he says. “We make sure members know we will never ask them for account information such as full account numbers, social security numbers or other personal information.”

Staying on top of trends is an important component of fraud prevention, and one way that Visions learns about emerging trends in their area is involvement in security groups, says Reilly. “We chair or are members of several security groups that include police, Secret Service, FBI and other local financial institutions, and we meet periodically to discuss what trends we are seeing,” she says. Not only does this involvement maintain relationships with law enforcement and other financial institutions, but the ability to hear about potential new scams helps the team at Visions be more proactive, she adds.

“It is important to realize that fraud is always changing with new variations of old frauds reappearing,” says Akes. “Reaching out to other credit unions through NAFCU [Networks] can also provide valuable information.”