fight back

5 Layered Actions for Consumers to Fight Fraud

Are you a crime fighter? Most financial institutions hope so – and they are actively trying to hone your skills and habits. These days, there are few instances when logging on to a financial or medical account (or any account that contains sensitive information) when you are not asked to take extra steps to verify your identity or displayed a warning message about fraud – and how to avoid it.

These companies and institutions are investing in these educational initiatives for the welfare of their customers – and for themselves. This is because to successfully mitigate against increasingly sophisticated fraud tactics requires the tight partnership of companies and customers. As companies get better at detecting and defending against fraud and scams, fraudsters have shifted their sights onto the weakest link: us.

However, with just the following 5 Layered Actions for Consumers to Fight Fraud gained through my experience as a fraud prevention practitioner, we can transform ourselves from a potential victim to a crime fighter.

1. Updating our “Common Sense”

While common sense may feel like age-old wisdom, you may be surprised to hear that it must be continually updated. In practice, “common sense” can widely vary – by generation, geography, and social norms. I was reminded of this during my recent visit to India, when I suggested to my father that he enroll in a UPI (online P2P or P2B banking within India) or online banking.  His response was, “I am eighty-four years old and want to keep things simple and manageable!” What seemed to be common sense to me (i.e. taking advantage of the ease and convenience of online banking) was not common sense to my father (i.e. keep it simple by keeping to what one knows well).

Our increasingly digitally connected universe opens floodgates for new products and services. But this access to breadth of choice, speed and convenience also exposes our vulnerabilities by providing fraudsters new opportunities to exploit. As we buy more and do more, we expand our access and, consequently, our data footprint – a magnet for fraud. Therefore, in this brave new digital world, the new common sense probably falls somewhere between mine and my father’s.

The new common sense takes into consideration the benefits and security that new technology can offer, while ensuring that we have the ability to keep constant vigilance on the scope of our exposure – whether it’s our money, property, or personal information. We can start off by limiting our risk by curtailing the products and services that we use. Do we really need to maintain a Zelle, Venmo and a PayPal account? Do we need the boxes of extra checks that we probably won’t use? Should we sign up for this new product that we haven’t had time to learn more about? The new common sense is about mindful exposure.

2. Becoming More Aware

Becoming aware of and staying informed on current scam and fraud tactics can go a long way to helping prevent fraud. Most financial institutions now offer customers ongoing reminders of basic dos and don’ts, such as how to identify red flags and strong habits to practice. However, it is important to note that fraudsters are also learning from these educational initiatives, and exploiting new security measures by combining technology with social engineering tactics.

For example, many banks now require entry of an OTP (one-time passcode) as part of account login in addition to username and password. However, fraudsters can bypass this security feature by logging on to our bank account using usernames and passwords obtained from a data breach, then calling us under the pretense that they are from the bank calling us about an issue. The fraudster will then ask for the OTP sent to our phone (as a result of their login attempt) claiming that it is part of the “authentication process”. Once we tell them the OTP, they will successfully be able to sign in from their side. This scenario can be easily avoided if we are aware of basic dos and don’ts, which advises to never share an OTP sent to us.

Unfortunately, those who are not aware (especially vulnerable populations such as the elderly), will often fall prey to these tactics. As fraudsters continue to evolve their approaches, one simple habit will be helpful: when in doubt, do not provide the requested information until you have validated the source by contacting your financial institution directly. I usually just politely hang up and then call the number on the back of my bank card. We can begin by being an active consumer by being aware of fraud schemes to protect ourselves against exploitations by fraudsters.

3. Practicing Basic Hygiene

Just as we wash our hands to protect us against germs, we should have similar hygienic practices to protect our personal information and assets. This includes securing our digital devices and their content with strong passwords (and not using the same password for everything!) and leveraging new technology such as biometrics to provide an additional layer of security to make it harder for fraudsters to impersonate us.

Convenience and ease of access is what makes technology enticing to us, but what makes things easier for us also makes it easier for fraudsters. Where possible, avoid keeping sensitive information on your digital devices, and if you do, strive to password-protect or encrypt sensitive files. Additionally, do not store all your eggs in the same proverbial basket – just as you diversify your stock portfolio to alleviate risk, you should also diversify your passwords and where you store highly sensitive data.

4. Securing Digital Transactions

While the list of dos and don’ts for securing your financial and data transactions can be extensive, the primary purpose is to encourage consumers to actively ponder the potential implications and consequences of seemingly innocent actions. Every digital or financial transaction should be considered as a real risk of losing money or sensitive information. And this real risk can be greatly reduced by adopting the same cautious habits that you already employ in daily life, such as verifying who is knocking on the door before opening it, or only giving cash or information to people or institutions that we trust.

Just because something is digital and not physical, does not make it less vulnerable to loss or theft – the fact that it is digital can make it easier to steal. Fraudsters no longer need to expose themselves to the risk of stealing a physical object; they can now steal numerous digital assets from the comfort of their computers. Practice digital security by only using official banking apps, setting text alerts for when transactions occur (e.g. I receive a text every time my credit card is used), and not clicking on links from unfamiliar email or text senders, or sharing information with unverified callers. More dos and don’ts and secure and safe practices can be found in your bank’s educational materials on fraud and scam prevention.

5. Layering Security

While multifactor authentication has been the norm in most countries outside of the United States, the approach in the U.S. has often traded security for ease of usage. Any additional verification steps are viewed as cumbersome and a bad customer experience, discouraging financial institutions from implementing more robust fraud detection and safety protocols.

As banks and businesses have strengthened foundational security and fraud detection capabilities, fraudsters are targeting the weaker links (businesses or customers practicing weak security protocols) while continuing to evolve to more complex fraud schemes, making fraud detection even harder. As a result, effective security requires a layered approach, often combining digital and analog verification methods to combat these fraud tactics. We can strengthen banks or retailers’ fraud controls by proactively signing up for two (or multi)-factor-authentication for identity verification or customer notifications to keep ourselves informed in the event fraudsters breach certain authorization thresholds. Customers by encouraging more robust protection can avoid being a “weak link” target for fraud.

As technology continues to evolve at a faster pace and more advanced artificial intelligence is employed in how we live and do business, this will open new avenues for fraudsters to exploit.  By adopting these 5 steps and continuing to evolve our common sense and awareness as well as practicing strong habits, we can help ensure that we do not fall victim to fraud. In this digital world, even the strongest bank vault can no longer protect our personal and financial information – not when we ourselves are unknowingly giving away the key.

Tagged with: ,
Author: Virag Masuraha

With his 24+ years of experience in the Financial Industry Virag holds thorough knowledge of Financial Crime & Fraud data, analytics, modeling, and related intelligence across the customer and fraud lifecycle. He has extensive experience driving data and analytics strategy, analytical programs, advanced analytics (big data & AI-ML, entity linkages, network, and Machine Learning capabilities), and cyber & digital fraud strategies across Consumer and Commercial portfolios. Virag holds an MBA from the Kellogg School of Management, Evanston, IL and a Masters in Engineering from Vanderbilt University, Nashville, TN. On a personal note, Virag lives with his wife and two children in West Chester, Pennsylvania. He collaborates with other cofounders to run “Banda Unnayan Foundation”, a Non-Profit organization in his hometown in India to help financially challenged young promising students in achieving their full potential.