Beware of fraudulent wire transfer requests

In 2006, we published a bulletin which reported on a large “deposit and wire back” scam that affected a community bank and one of its commercial customers to the tune of almost $1,000,000. In this particular instance—as with these types of tricks in general—consumers are duped by lucrative offers to make money by depositing checks into their account and then wiring a portion of the funds to a third party. It is only a short time after the wire is sent that it is learned the checks deposited were altered or counterfeit.

Fraudulent wire transfers are just as prevalent today despite increased vigilance for fraud on the part of consumers and bankers. While much has been written about these schemes and how to avoid them, bogus wire requests continue to be a source of loss for community banks, even those who follow verification procedures.

Recently, a community bank and several of its customers were targeted in a relatively straight-forward scam. A caller purporting to be a legitimate bank customer contacted the bank, asking that the customer’s home and business phone numbers be changed. The imposter apparently provided satisfactory security information to the bank’s customer service representative, who thereby completed the request.

Several days later, a person posing as the customer called to request a transfer of funds between accounts and a corresponding international wire transfer of over $350,000. The bank representative, following the bank’s standard wire transfer verification procedures, instructed the caller to fax a signed wire transfer request to the bank, which the imposter did immediately. Before the wire was sent, the bank placed a verification phone call to what they believed was the valid phone number of the account holder. They received confirmation and sent the wire.

Days later, a second victim was targeted. Earlier, the victim’s phone and fax numbers were changed as they had been in the first case. A caller claiming to be the valid account holder requested a wire transfer. The bank, again following procedure, faxed a wire transfer request form to the caller. The person called back the next day stating he had not received the form. He provided an alternate fax number and ultimately received the form. It was completed and faxed back to the bank. However, because the request form was apparently faxed to an alternate number, the bank took the additional step of comparing the signature on the form with the signature card used to open the account originally. Noticing the signatures did not match, the bank called the customer using the phone number on the signature card—NOT the number in the bank’s computer system (which had been changed)—and the fraud began to unravel. A similar attempt on a third victim was subsequently thwarted.

It can be difficult to detect fraudulent activity. Sometimes even the most benign event can be the start of a serious problem. Here, the bank followed their verification procedures and still suffered a loss.

While it is impossible to prevent all criminal activity, a bank’s best defense is to educate frontline employees to be on the alert for suspicious or unusual activity and immediately bring it to their supervisor’s attention. For instance, does the transaction follow the pattern of typical account behavior? The victim in this case was a longtime customer of the bank and had never wired money at all during their relationship, let alone internationally.

The old adage “know your customer” continues to be relevant, even in today’s electronic age. Encourage your staff to ask questions and explain the recent scams we have seen.

Certainly not every wire transfer is fraudulent. However, we continue to see large losses associated with bogus transfers and we encourage you to closely scrutinize all requests as part of your normal verification procedures.

Any discussion relating to policy language and/or coverage requirements is non-exhaustive and provided for informational purposes only. For details on coverage provided by your specific policy, please refer to your policy.