As consumer demand for more online banking services grows, fraudsters are finding more and more ways to exploit these services. While not a new scheme, online account origination fraud has grown in part because of the prevalence and ease of use of online banking services, and in part because of the number and scope of data breaches allowing bad actors access to a large amount of consumer data.
In this blog post, we’ll discuss common tactics used in online account origination (OAO) fraud, and controls that can help prevent losses.
Often, fraudsters use stolen identities and banking information to perpetrate fraud when opening new accounts online. The use of real information can make this type of fraud much more difficult to detect, especially because of the relative anonymity associated with online banking.
Related Reading: Transaction Laundering in the Payments Landscape
Detection and controls
Ensuring your institution has adequate controls and methods of detection for online account origination fraud can help prevent financial loss. Here are some ways you can identify this scheme and prevent possible losses:
Heuristic email filtering can help spot email addresses likely associated with scams
IP geolocation can help you determine if the origin of a web-based payment makes sense based on member information
Day/time of transactions submitted can indicate inherent risk—transactions submitted overnight or on weekends are typically subject to less immediate oversight, potentially allowing bad actors a larger window of time to make fraudulent payments and extract funds
Multiple users with the same source account can indicate the use of stolen or fake payment information
Sudden (unexplained) increase in online account origination activity (especially when coupled with an increase in returns) may point to a targeted attack
Holding funds from new account deposits for a period of time can help prevent losses from fraudsters attempting to withdraw funds before fraudulent payments are returned
SWBC Payments monitors all transactions processed through our system and keeps a list of fraudulent customer and account information. This list is integrated into our monitoring software to detect fraud from known bad accounts/bad actors across all of our client base. Our monitoring software also employs multiple rules that scan our payment application for many scenarios, including transactions between liquid accounts that exceed certain values (especially if one or both accounts are new), and deviation from historical activity for existing accounts and members.