66e06ecd-f855-4119-b784-193811937ddc.svg?Status=Master&sfvrsn=448913a7_3/
ABAIS-Logo-1-(1)66e06ecd-f855-4119-b784-193811937ddc
.svg){kind=logo}
Compromised Credential Fraud Causing Spike in Counterfeit HELOC Checks
We have seen a spike in counterfeit HELOC check loss arising out of compromised credential fraud, where criminals enroll a current customer in online banking using stolen credentials without their authorization or knowledge. This type of fraud is a sister to "new account fraud," where a fraudster opens a brand-new account based on a fraudulent identity.
How it works:
Fraudsters obtain personal information such as names, birth dates, Social Security numbers, addresses, and phone numbers, through various means like data breaches, phishing scams, or the dark web. |  | This information is often combined with counterfeit identification documents and used to enroll in online banking using the victim's name without their knowledge or consent | | Once the imposter has full access to the victim’s account, fraudulent HELOC checks are requested and issued. |
This method circumvents the many controls banks have put in place surrounding wire transfers.
How can a bank reduce the risk of falling victim to this scam?
Consider adopting the following strategies:
- Implement a customer call back using core system contact information for each newly established online banking enrollment.
- Add a system authentication procedure for each new online banking enrollment.
- Implement a customer callback for checking verification on large HELOC checks (signature comparisons are inadequate because signatures are electronically lifted so they look almost identical).
- Utilize fraud detection software and flag for unusual customer behavior as well as increase in online banking registrations.