Financial fraud: Common trends and how to protect yourself

What are some of the most common fraud typologies nowadays?

“These include any type of authorised push payment scams. According to the EU, this currently includes eight modi operandi such as invoice and mandate scams, purchase scams, investment fraud, romance- and advance fee fraud, CEO scams and impersonation scams, among others. In 2022 in the the UK alone, the financial losses related to authorised push payment scams amounted to close to GBP 500 million.

Additionally, the industry is still confronted with a lot of business email compromise. This involves the use of fake or compromised email accounts to impersonate a company’s executives or employees and trick others into transferring funds or disclosing confidential information. It is therefore still crucial to conduct call backs in case of unusual transactions.”

Could you explain in more detail what authorised push payment scams are?

“Authorised push payment scams happen when a person or business is tricked into sending money to a fraudster posing as a genuine payee. In most cases, the fraudster hacks the email account of a client, vendor, or supplier and checks out the current correspondence and sends, for example, a forged invoice to the victim, who happens to be expecting one. Such scenarios can only be detected if clients and staff are attentive, or with sophisticated unusual transaction monitoring capabilities. In addition, most of these scams start with a phishing, smishing, or social engineering attacks. These are still the key drivers for further fraud.”

Have there been any developments with regard to investment scams?

“One that comes to mind is a phenomenon known as ‘pig butchering’. This is a combination of a romance scam and investment fraud. With this modus operandi, criminals build a trusted relationship with the victim and convince them to invest savings in fraudulent cryptocurrency trading platforms. The scam is perpetrated over time, resulting in the loss of large amounts of money.”

How can individuals and organisations protect themselves from these types of fraud?

“Be wary of unsolicited emails or phone calls, avoid clicking on links or attachments from unknown sources, use strong and unique passwords, regularly monitor bank and credit card statements for suspicious activity, and keep software and security systems up to date. It is also important for organisations to have appropriate policies and procedures in place to detect and respond to fraud, and to provide regular training and education to employees to help them recognise and prevent these types of scams.

Fraudsters are constantly adapting and evolving their tactics to exploit new vulnerabilities. They go with the tide and use news stories to get their victims involved. A good story still sells. And it is not just banks that are utilising AI technology: fraudsters are already starting to adopt AI to amplify their attack sophistication, with the use of generative AI like ChatGTP and voice cloning to make scams even more convincing. Voice as a single criterion for client identification is no longer enough.

Ultimately, financial intermediaries should address the topic of fraud as a standard agenda item or assess fraud cases as published in the news to find their own gaps in their framework. Inviting an expert to provide more insights into relevant topics can also be effective. And they should always be prepared to react to fraud cases – plan for the worst and hope for the best.