The numbers don’t lie: fraud losses are on the rise, with 61% of financial organizations reporting direct losses of over $500,000 in a 12-month period. In addition, 52% of mid-market organizations have pointed to an increase in attempted fraud events.

The key takeaway from these numbers? When you face fraud, you are not alone. It can feel incredibly alienating to experience an attack, but in today’s environment, the unfortunate truth is that we’re all under siege. While it’s not an experience any of us relish, it is one from which we can learn. By sharing our experiences, we strengthen our arsenals and protect against attacks, and the first step is knowing the scams making the rounds right now.

Today’s advanced attacks

Truthfully, today’s fraudsters are getting more sophisticated: More than 70% of attempted fraud events are coming from organized crime rings and professional criminals. Consider the following:

  • Call center targeted scams – These scams attempt to gain access to a customer’s account via the call center, changing contact information and rerouting legitimate accounts to non-legitimate users. And they have done their homework: They pass verification, have the customer’s information, and already know the bank’s security processes.

    To thwart these attacks, you have to build in out-of-band verification to reconfirm your client is requesting the changes.

  • Tokenization fraud with account takeover – In these cases, bad actors are taking over accounts by fraudulently provisioning Apple Pay or Google Pay to their own device(s) with stolen cardholder credentials. These attacks feel particularly personal, because the fraudsters have figured out that the funds often are unrecoverable for the bank.

    To fight against them, make sure your clients know they can contact you, their bank partner, directly when alerted to potential fraud from sources like Apple Pay. In addition, arm them with the latest information on scams. Essentially, help them not to be a victim of social engineering fraud. The FTC provides educational blogs that could help inform your clients in their “Anatomy of an Imposter Scam” series, including an excellent overview of how to identify verification code scams.

  • One-time passcode fraud – We are also seeing a rise in cases where fraudsters are tricking customers into providing their one-time passcode to their banking or card credentials. They pretend to be the bank with an urgent request to verify accounts or resolve issues, and then once they have that passcode, they can take over the account. And again, these scams are personal; banks aren’t eligible for chargebacks in these instances.

    To lessen the potential impact here, continued customer education is key. Reiterate that you won’t ever ask them for a one-time passcode, unless they contacted you directly, and that they should always call the bank directly before sharing any personal information.

These are only a few of the instances we see on a daily basis. Fortunately, whatever the fraud type, having a strong, informed, empowered team can help mitigate its effects. Your tellers and call center are your first line of defense; make sure they are equipped with the information they need to recognize a fraudster, and that they have the authority and confidence to act on it. Emphasize the need to maintain open lines of communication with your fraud team. In short, create a culture of, “If you see something, say something—and take action.”

Working together

Even the strongest team isn’t immune to fraud. Community banks must support one another to stay ahead of potential threats. We need to reframe some traditional cautionary wisdom to: “Fool me once, shame on you. Fool me—or my peers—twice, shame on me.”

So, utilize ICBA Community to connect with colleagues and reveal your experiences or ask questions. Because without a doubt, fraud will continue, but together, we are much stronger than we are apart.

Lean on ICBA Payments when fraud does occur (and it inevitably will) and make sure you are covered by our Fraud Loss Protection Plan (FLPP). Designed specifically for community banks, FLPP offers proven, trusted solutions to safeguard both your institution and your customers. Sign up to learn more at icba.org/flpp.