ABA Banking Journal
No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
SUBSCRIBE
ABA Banking Journal
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
No Result
View All Result
No Result
View All Result
Home Cybersecurity

Five Top Fraud Risks for Banks

September 20, 2018
Reading Time: 5 mins read

By Julie Knudson 

They say the one constant is change, and the fraud landscape proves it to be true nearly every day. The cat-and-mouse game between criminals and banks is one of continuous evolution. Security teams deploy new technologies to prevent fraud, and soon after the fraudsters find new ways to carry out their schemes. Fraud continues to become more digitally oriented—and more targeted. 

Business e-mail compromise a right-now problem 

Traditional fraud still happens, but the immediate nature of our cyber-everything world is upping the stakes. Business e-mail compromise, through which a fraudster poses as an executive or even a customer in an attempt to get a bank employee to inadvertently release money or something else of value, is one scheme that relies heavily on today’s instant communications. “Click on this link right away, I need this,” says Sepideh Behram, CAFP, principal VP and Bank Secrecy Act and sanctions officer at Burke and Herbert Bank in Alexandria, Va., describing one of the most common BEC approaches. “It’s that sense of urgency that gets built up in communications.”  

Complicating matters is that criminals are becoming more adept at conducting due diligence on bank executives and employees. Senior leaders are often quick to announce important business trips—potentially involving multiple high-ranking team members or travel outside the country—on social media. “Someone is mining that data somewhere,” Behram warns. Something as seemingly innocuous as posting photos from a conference can give criminals enough information to quickly research the bank’s operations, fill in a few blanks, and compose a BEC attack that leverages professional connections or business-related events. 

Phishers get savvier 

TOOLKIT >

Learn more about protection your bank and customers from fraud at the ABA/ABA Financial Crimes Enforcement Conference, Dec. 2-4 in National Harbor, Md. Register at aba.com/fce.

Akin to BEC scams, phishing scams continue to be popular—tried, true and still successful. “Their end target hasn’t changed much,” says Ian Breeze, director of strategy development at Cyxtera Technologies, which ABA endorses for anti-phishing and digital threat protection. “They’re still going after money or some other kind of reward.” But these schemes are no longer run by the “Nigerian prince” you might have heard from in the 1990s. Today’s phishers have better grammar, enviable attention to detail and a sophisticated network of phony websites to make them harder to catch. 

With more consumers navigating the Internet on a mobile device, Breeze says, “the phishers are using this and changing their attacks.” Because their pursuers—security teams from banks and law enforcement agencies—typically use laptops or desktop computers to hunt them down, phishers can easily distinguish between prey and predator. “They’ll set up the phishing website to only register on mobile phones so it’s harder to find,” Breeze explains. Or the site may only show up the first time a potential victim visits, or appear only to visitors whose geolocation data matches the scammer’s preference. “As a phisher I can play with how to best market my websites to get a higher proportion of victims,” Breeze says. Just as banks use online marketing tools to connect with customers, fraudsters now use them to find victims. 

Fraudsters target vulnerable populations 

Technology can also be an effective tool in the hands of a fraudster intent on victimizing society’s more vulnerable demographics. “We have an aging population and people are living much longer, so elder abuse is on the rise,” says Tanweer Ansari, CRCM, who is SVP, chief compliance officer and BSA/Community Reinvestment Act officer at First National Bank of Long Island in Glen Head, N.Y. Between strangers looking to make a quick buck and caregivers—whether they’re family members or paid providers—a wide variety of attackers are preying on the elderly. “That population is very vulnerable, so we need to look out for that,” Ansari says. 

Human trafficking is another fraud area Ansari says is on the rise. Though typically thought of as a decidedly non-U.S. problem, human traffickers are everywhere and they’re running rampant under the radar. “It’s the exploitation of individuals for monetary gain,” Ansari says, adding it could be anything from escort services to child labor to forced enslavement. “That whole area is on the rise and I think there’s a lot of fraud that’s tied with it.”  

Card compromise: Skipping the chip 

When it comes to fraud, “you plug one hole and it pops up somewhere else,” says Canh Tran, co-founder and CEO of Rippleshot, which ABA endorses for its automated card compromise detection platform. So goes the story of card compromise, where the shift to EMV strengthened the security picture at the point of sale but made card-not-present transactions a nearly irresistible fallback for crooks. The result? “Online fraud has gone up,” Tran says. Additionally, staggered compliance dates in the EMV liability shift schedule gave fraudsters some less secure avenues to exploit and extra time to find the weakest links. 

The implementation of EMV technology made point-of-sale terminals problematic for skimmers and other card compromise schemes, so most of them went somewhere else. “A lot of merchants were pressured to go to chip readers, but gas stations had a reprieve from the networks until 2020,” Tran explains. The issue quickly became so concentrated that banks and media outlets now routinely remind customers to be mindful about where they gas up and to pick a pump that’s in the clerk’s line of site. Though card compromise isn’t a new problem, fraudsters are getting better at aggregating all the consumer information they steal, and Tran says banks need to have more holistic systems to stop them. “Right now they’re segregated, but they need to find a fraud solution platform that’s somewhat integrated and works across AML, card compromise, and other fraud areas in a way that makes it more efficient.” 

Synthetic identities are more than the sum of their parts 

The rise of synthetic identities is another risk that’s rising. “There have been data breaches where they’re taking massive amounts of personally identifiable information from banks, and criminals are able to piece together pieces of information from different parties,” explains Ryan Rasske, CERP, CAFP, ABA’s SVP responsible for serving bankers in risk and compliance areas. One victim’s name and social security number may be paired with someone else’s address and another person’s phone number, for example. “All of it is real data and all of it will potentially check out when scanned against systems, but the real person won’t really know it’s happening because they’re only a third of the identity that’s created,” Rasske says. 

What’s particularly worrisome about this new method of compromising the systems used to validate identities at account opening is that it’s working. Technology, though potentially able to spot these jumbles of authentic data, may actually be making fraudsters’ jobs easier when it comes to using synthetic identities to set up new accounts or conduct account takeovers. “Financial institutions are finding better, faster ways of doing things but sometimes the operational piece lags behind,” Rasske says.  

Simply put, customers prioritize convenience. Any friction could push them to look elsewhere for products and services. Rasske says that payments and other transactions “happen so fast today that by the time you realize there are operational deficiencies, who knows how many transactions were processed.” If other banks have the same operational weaknesses—and the same internal silos that hamper information sharing across departments—the lack of effective controls against synthetic identities will continue to be magnified across the industry. 

JULIE KNUDSON is a frequent ABA Banking Journal contributor. 

Tags: Cyber crimeCybersecurityFraudIdentity fraudRisk management
ShareTweetPin

Author

Julie Knudson

Julie Knudson

A freelance writer in the Pacific Northwest, Julie Knudson is a frequent contributor to the ABA Banking Journal.

Related Posts

Poll: Small business owners optimistic about the future

Bank survey: Small-business growth continues amid economic uncertainty

Economy
July 9, 2026

Many small businesses are still expanding despite ongoing economic pressures and rising costs, according to a new survey by U.S. Bank.

ABA, BPI support proposed process to create drone no-fly zones

ABA, BPI support proposed process to create drone no-fly zones

Compliance and Risk
July 7, 2026

In a joint letter to the FAA, ABA and BPI said that unauthorized unmanned aircraft activity near financial institution sites can create “obvious and legitimate risk” to physical security as well as cybersecurity, as the technology can be...

How to Talk About Your Bank’s Fintech Collaborations

The trust dividend

Technology
July 7, 2026

How regulatory and consumer expectations are shifting how partner banks compete for fintech deposits.

FCC grants ABA-requested extension of ‘revoke all’ rule’s effective date

ABA joins with consumer rights group to protect fraud alerts

Compliance and Risk
July 1, 2026

ABA joined with the National Consumer Law Center and ACA International in proposing to the FCC a rewrite of the “revoke all” rule. The rule is set to take effect on January 31, 2027, but the FCC is...

FDIC’s Hill: Standards-setting organization could spur bank-fintech partnerships

Lawmakers seek study of bank-fintech partnerships

Community Banking
June 26, 2026

Lawmakers in the House and Senate have introduced legislation to require banking agencies to study partnerships between financial technology companies and small- to medium-sized banks and credit unions to see how such arrangements could improve communities.

The Clearing House to launch tokenized deposits system for banks

ABA raises concerns about proposed ACH return timeframe revisions

Newsbytes
June 26, 2026

ABA said it opposes a proposal by Nacha to modify Automated Clearing House return timeframes, pointing to the high costs that would be imposed on financial institutions, particularly smaller banks.

NEWSBYTES

ROAD to Housing Act becomes law

July 11, 2026

ABA DataBank: Rates and oil diverge

July 10, 2026

Regulators close Indiana’s Kentland Federal Savings and Loan

July 10, 2026

SPONSORED CONTENT

Why Your Systems Keep Slowing Down — and What to Do About It

Examiners Are Now Looking at Your Non-Core Systems

June 11, 2026
Your Floorplan Audit and Your Credit Decision Are Weeks Apart. That Gap Has a Price.

Your Floorplan Audit and Your Credit Decision Are Weeks Apart. That Gap Has a Price.

June 1, 2026
A Modern Blueprint for Serving High-Net-Worth Families

A Modern Blueprint for Serving High-Net-Worth Families

May 28, 2026
Why Your Systems Keep Slowing Down — and What to Do About It

AI Is in Your Bank. Is Your Cloud Contract Governing It?

May 20, 2026

PODCASTS

Podcast: Understanding the 2025 Home Mortgage Disclosure Act data

July 8, 2026

Podcast: Financing America’s independence

June 29, 2026

Podcast: Talent and innovation in community banking

June 18, 2026

American Bankers Association
1333 New Hampshire Ave NW
Washington, DC 20036
1-800-BANKERS (800-226-5377)
www.aba.com
About ABA
Privacy Policy
Contact ABA

ABA Banking Journal
About ABA Banking Journal
Media Kit
Advertising
Subscribe

© 2026 American Bankers Association. All rights reserved.

No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive

© 2026 American Bankers Association. All rights reserved.