How to Address Increasingly Sophisticated Phishing and Identity Theft Scams

Internet identity theft on a digital tablet with reflection of hackers hand concept for online digital crime
By Mary Anne Colucci

5 minutes

Is your credit union using these six fraud-preventing measures?

In the 2023 Annual Data Breach Report from Identity Theft Resource Center, there were 3,205 publicly reported data compromises that impacted an estimated 353,027,892 individuals. This report also highlights a 78% increase in events over 2022 and a 16% decrease in victims as fraud attacks become more refined and targeted.

Scammers have become incredibly adept at stealing people’s personal information and using it to commit fraud. At Envisant, our fraud team saw a particular increase in two types of fraud beginning in late 2023 including: external P2P transfers and synthetic identity fraud. Taking a closer look at some of the tactics fraudsters use to gather information, how they use it, and what can be done to address these increasingly prevalent scams can help your credit union defend itself and its members.

Sophisticated Phishing

Often fraudsters will hack into digital devices or online accounts, gain members’ contact information, and then reach out to them to gain financial account information. Pretending to be from the credit union, fraudsters will text about suspicious transactions or notify members that their account has been compromised. The fraudster will then reach out to the member once they respond.  In some cases, these fraudsters claim to have opened police reports for the compromised account (complete with report numbers) to convince even fraud-savvy members to share account access information.

Fraudsters then go into members’ accounts and change login and/or contact information. They may even warn members that their account will be unavailable for a few days so members don’t log in and immediately notice the fraud.

Once account access is gained, fraudsters use it to steal funds in several ways. Being aware of these tactics can help your credit union and members deal with them more effectively.

External P2P and Balance Transfers

At Envisant, our credit unions noted a particular rise in this type of fraud attack in the last quarter of 2023, utilizing mostly ACH external transfers. After gaining member login information, fraudsters attempt to connect a member’s account to an external account and steal funds. They may also take advantage of single sign-on to make balance transfers from one credit card to another.

Fortunately, the following six preventative measures can help.

Fill out the form below to receive the full article via email. By downloading the content, you may be contacted by the provider.


Compass Subscription