What we do know, however, is the type of fraud reported most often in Canada: identity fraud. To pull this off, criminals use phishing scams and other ruses to trick Canadians into revealing personal and financial information. Depending on what they find out, scammers could impersonate you, charge purchases to your credit card, apply for a loan and/or mortgage in your name, drain your bank accounts, and more.
It’s also becoming harder to identify scams. Some fraudsters now use artificial intelligence (AI) technology to create highly convincing audio and video “deepfakes” using Canadians’ voices and faces. AI tools are also helping criminals target exponentially more people at once, making scams harder to avoid.
How to protect your identity
To help you protect yourself against ID theft and fraud, we created a series of how-to articles with practical tips on prevention and what to do if you think your identity may have been stolen.
We’ve also launched a column dedicated to helping you protect specific things and people in your life. Check back monthly for new installments.
Videos about fraud and scams
How fraud and scams affect Canadians
Learn more about the various types of scams targeting Canadians today, and what you can do to protect yourself and recover from ID fraud.
Article Continues Below Advertisement
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
Get free MoneySense financial tips, news & advice in your inbox.
This article is presented by an advertising partner.
This is an editorially driven article or content package, presented with financial support from an advertiser. The advertiser has no influence on the creation of the content.
MoneySense editors and journalists work closely with leading personal finance experts in Canada. Since 1999, our award-winning magazine has helped Canadians navigate money matters.
The list of newer scams includes AI-powered fraud, where scammers create fake retailer websites, along with phishing emails or deepfake videos to impersonate brands or influencers. Fraudsters can also embed malicious links in QR codes—a method that’s “extremely widespread,” Zelvin said. “When you scan that QR code, there really is a URL or a website link, but people don’t look at it because it’s small,” he said.
Other methods include counterfeit products on the TikTok Shop as well as digital pickpocketing, where criminals use contactless payment devices to skim data from phones—something that’s becoming more common. Zelvin said instances of digital pickpocketing can happen in places like a shopping mall or on transit, where there are crowds. “Where it used to be somebody stealing your wallet or your purse, now they’re stealing what’s on your phone,” he said.
He noted that 2.6% of online transactions in Canada between Thanksgiving and Cyber Monday were flagged as fraudulent last year, a 51% annual increase. He noted that older consumers are disproportionately targeted.
Zelvin said there is a vast increase in people online during the peak buying periods, and fraudsters are “following the opportunity.”
The majority of Canadian consumers are still planning to shop during Black Friday and Cyber Monday this year, despite a slight decline in planned participation, according to a report from Boston Consulting Group.
About 77 % of Canadian consumers indicated they are planning to shop for deals, down six percentage points from the previous year. On average, the report found consumers were planning to spend US$305 on year-end sales events, dipping from last year, reflecting a “cautious but steady sentiment.”
How to avoid scams this season
To help avoid falling victim to a scam while shopping, Zelvin pointed to several measures you can take. This includes not clicking links in emails or texts and instead going directly to retailer websites. Verifying links to websites and looking for relevant HTTPS security indicators can help protect consumers.
He also advises using credit cards rather than debit cards or payment apps because they tend to have stronger fraud protections in place. “Credit cards are a good way to pay just because they are not fast-moving, but instant payment systems, wires, gift cards, some of these payment apps, and cryptocurrency—that money is gone,” Zelvin said.
Banking these days is something that increasingly leaves out the bank. “People don’t go to an ATM or into a bank a lot anymore, instead they mostly log in on our laptops or mobile devices,” says Octavia Howell, vice-president and chief information security officer for Equifax Canada.
Banking from your phone or computer is convenient, but it leaves a lot of the security that used to be undertaken by the bank up to the customer. Financial institutions have whole departments dedicated to protecting customers from theft and fraud, and strong controls to secure online banking. Still, bad personal habits can leave users vulnerable.
“Consumers have to be careful at all times and do their part to protect themselves and their families,” Howell says.
How cyber criminals try to access your bank account
Criminals may try to target individuals and withdraw money from consumers’ accounts, but there’s also a newer, faster-growing pattern of crime, which is trying to access the personal information of large numbers of people in order to commit fraud on a larger scale.
“A lot of bank fraud starts with someone trying to get you to share your information,” Howell says. “What we’re seeing in the industry right now is criminals gaining access to banking information directly from the account owners.”
Here’s how it works: The criminal organization obtains partial information on a group of people through an artificial intelligence assisted internet search. Scammers then call or otherwise contact their targets, often claiming to be representatives from a financial institution. The fraudsters might say there’s been a security issue and they need the last four digits of the customer’s account number or other information relating to a recent transaction in order to “validate” the account. Victims sometimes co-operate under the false impression that the caller is being helpful to them—at least it may seem so.
“No credible bank will ever call you and ask for banking information without you initiating the conversation,” Howell says.
If you receive a call of this sort, say you’ll call back, hang up, then call the organization directly using the customer service number published on its website or on the back of your card.
Article Continues Below Advertisement
Best practices for protecting your bank account
Here are some other things you should do daily to help secure your bank account:
Make sure your account PIN (personal identification number) is not something available online or that can be easily guessed, such as an anniversary or a child’s birthday.
Use a strong password that is unique from your other accounts.
Enable multi-factor authorization (which requires separately texted or emailed codes) or biometric logins that recognize your face or fingerprint. Biometrics is considered state-of-the-art in terms of digital security and can stop scams, says Howell “There’s only one you and scammers can’t easily fake that.”
Avoid accessing your bank account over public Wi-Fi networks, such as those in coffee shops and airport departure lounges where criminals can “sniff” for users entering login credentials or credit card numbers. Use a private network such as your home internet or your wireless provider to access your banking information. If you must use a public network, download a VPN (virtual private network) and use that to access your account.
Don’t share login credentials with anyone and make sure that your information is secure. Conceal credit or debit card codes you punch in at an ATM or a store checkout. “You never know who’s looking over your shoulder,” Howell says.
Make sure you have a way to recover your account should it get compromised. Set up code words and security questions that will enable you to access your account if it gets locked by your financial institution. “It’s important to take the time to set the code words,” says Howell. “Carefully selected security questions can also play an important role in helping to protect your bank account.”
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
Extra reassurance from Equifax Complete Protection
Most people know that they need to take extra care around financial transactions, says Howell. It’s the extra precautions they may not have considered that can leave them exposed to fraud and theft.
For a higher level of protection, consider Equifax CompleteTM Protection, a monthly subscription service that helps to keep your personal data and devices safe while alerting you to potential fraudulent credit accounts being opened in your name.
Features of Equifax Complete Protection include:
Daily credit monitoring and alerts to notify you of key changes to your Equifax credit report, such as a new credit card or loan application
WebScan, which monitors the dark web (hidden websites where criminals like to hang out and trade data) to see if your personal information appears there
Social media monitoring provided by industry leader ZeroFox, to alert you to suspicious activity on your social media accounts
Online data encryption by NordVPN and online password generation and storage by NordPass
Parental controls from Bitdefender to restrict which websites and apps your kids can access
Device protection from Bitdefender to help stop phishing attempts and protect devices from viruses and malware.
Support from an Equifax identity restoration specialist, if your identity is stolen
Identity theft insurance up to $1 million for out-of-pocket expenses (not available in Quebec)
Equifax Complete Protection costs $34.95 per month. To learn more, visit the Equifax website.
“What is identity theft, and how is it impacting Canadians?”
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
What is the game here? What are fraud artists trying to accomplish?
“The premise of social media is that you’re creating and keeping in touch with a circle of trusted contacts,” says Julie Kuzmic, senior compliance officer, consumer advocacy at Equifax Canada. “Your network of contacts is valuable to criminals.”
3 ways fraudsters use social media to steal your identity
Social media fraud typically takes one of three forms:
The fraudster takes over your account, usually by successfully hacking or guessing your account user ID and password. They can then obtain your list of contacts and do a lot of damage in the time it takes for you to alert the platform and regain control over the account.
The fraudster creates a new account in your name, often using a photo of you obtained online, and makes contact with people in your network or even strangers.
The fraudster may play a longer game where they set up an account under a fake persona, then reach out to large numbers of other users in the hope of initiating and nurturing digital relationships, including romance scams.
“I’ve seen situations where somebody starts a conversation as if the recipient already knows them. That person may say, ‘You’ve got the wrong person,’ to which the fraudster responds, ‘Oh, my apologies for making a silly mistake,’” Kuzmic says. That interaction can serve as a foot in the door with an account holder who may be lonely or perceive that they have something in common with the person who initiated the exchange.
“That seemingly harmless interaction can build over time,” Kuzmic says. “It might be a multi-step process that the fraudster will nurture along to build trust.”
The fraud artist may start by sharing legitimate information about a great deal on a product on sale. Only later, once a level of trust has built up, they might suggest going in on an investment together or otherwise creating a scenario where they can separate the target from their money.
Precautions to take on social media
When criminals take over an account or impersonate a social media user, they often try to recruit more victims. They may also reach out to the user’s contacts, who—because they trust their friends—may be more likely to respond. Contacts may also be reassured by the number of other acquaintances they have in common.
“It turns into a kind of higher-percentage phishing scam,” Kuzmic says.
Article Continues Below Advertisement
The doors left unlocked to criminals using social media can include easy-to-guess passwords, open privacy settings, and corroborating personal information obtained from other sources.
For social media users, the best defence against being defrauded includes:
Using strong passwords that are different from the ones you use on other platforms.
Getting to know each platform’s privacy settings. (They’re not all the same.) Try to limit the visibility of posts and images that contain clues to personal information (such as birthdays and groups you belong to) to just your friends and contacts.
Avoiding oversharing even among friends, for example by posting honeymoon photos or naming a pet.
Not accepting invitations from people you don’t know, even if you appear to have connections in common.
Maintaining a sense of skepticism at all times, including when you receive messages from known contacts.
Kuzmic notes that simply accepting an invitation usually won’t, in itself, put you in danger. It’s what happens next—fraudsters may ask for help with a financial shortfall, for example.
“Any time a sense of urgency is attached to the request, that’s a red flag,” she says. “Remember, you can always verify whether a request is genuine; for example, contact the person by phone, via email, or on another social network.”
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
Further lines of defence: Fraud protection from Equifax
If you think your account has been compromised, contact the social network and follow its recovery protocol. Also alert people on your contact list, preferably through other media, to warn them against approaches by people who claim to be you.
For an extra level of protection, Canadians can subscribe to Equifax CompleteTM Protection. This credit monitoring and ID protection service is $34.95/month and includes a wide range of features, including social media monitoring that can potentially spot suspicious activity before you do. It uses AI to scan your social media accounts for account impersonation, scams, and malicious or inappropriate content.
This is a paid post that is informative but also may feature a client’s product or service. These posts are written, edited and produced by MoneySense with assigned freelancers.
Read more about fraud and scams:
Get free MoneySense financial tips, news & advice in your inbox.
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
63% of U.S. companies faced wire fraud in 2024, costing billions
Prevention steps: verify wiring instructions and train employees
Response plan: contact banks, file IC3 report, secure IT systems
Insurance & legal support: notify carriers, assess data exposure
Wire fraud is one of the fastest growing types of cyber threats – a 2024 ABA Banking Journal survey found 63% of U.S. companies have experienced at least one incident, with billions of dollars in estimated loss.
Criminals often impersonate a company executive—or a known vendor—to deceive someone into sending money to a fraudulent account. Because wire transfers are fast and may be difficult (if not impossible) to reverse, victims often cannot recover the lost funds.
Protection starts with prevention. Educate employees about the different types of wire-transfer fraud and require them to verify critical information through a different communication channel, as well as a phone number or email account you know is correct, before sending money or changing any established wiring instructions. But, should your organization fall victim to wire-transfer fraud, it is extremely important to have a response plan in place to act quickly. Here are some recommended steps to include in the plan:
Attempt to recover the funds
Notify your financial institution immediately. Be prepared to provide:
Account holder information: Full name, address, account number and contact details.
Transaction details: Date, amount, recipient name and account number.
Statement of non-authorization: A sworn declaration that the transfer was not authorized.
Police report information: Case number, officer name and department (if applicable).
Signatures and notarization: The affidavit must be signed and typically notarized.
File a export with authorities
File a report with IC3.gov at the Internet Crime Complaint Center (IC3) to report the incident. Be prepared to provide details about where the wires were sent and received, the date, time and amount transferred and information about the fraudulent email that triggered the transaction.
Secure the organization’s IT environment
Reset all passwords, especially for affected accounts. Revoke all tokens. Preserve system logs for forensic analysis, including authentication logs and email access logs. Enable Multi-Factor Authentication (MFA) if it is not already in place. Consider having your attorney retain a vendor or forensic investigator to help if you can’t do it with existing resources.
Notify your insurance carrier and broker
Contact your cyber and crime insurance providers. Your coverage may fall under multiple policies. The incident may not qualify as a cybercrime, but rather traditional fraud via email. Your broker can help determine coverage.
Assess broader risk and potential data exposure
In addition to accessing and reviewing individual messages, the attacker may have acquired a copy of your mailbox. You may be able to determine this through your logging records, or you may need to research via the connection method used by the attacker. If there is a reason to conclude sensitive information was accessed or acquired, review the exposed data for information that is protected under state laws, including Personally Identifiable Information (PII). If PII was exposed, evaluate whether affected individuals must be notified and consider offering fraud and identity theft protection services.
As with any type of fraud or cybersecurity breach, it is optimal to hire an outside attorney with experience in these types of events. This facilitates attorney-client privilege, protecting confidential communication; provides you with access to additional experienced resources, including those in the attorney’s firm or third parties the attorney can access; and legitimizes the response, providing protective distance with regulators and third parties.
Wire-transfer fraud can cripple an organization. Don’t be caught unprepared. Review your organization’s incident response plan and make sure these issues are addressed.
Alan Winchester is the leader of Harris Beach Murtha’s Cybersecurity Protection and Response Practice Group.
They may reach out, develop trust, and ask seemingly innocent questions like, “Oh, you have a dog? What’s your dog’s name?” Using artificial intelligence tools, they then use permutations of this information in attempts to hack the online accounts of other family members.
“A child could be an effective channel for a criminal to gain that information,” warns Julie Kuzmic, senior compliance officer, consumer advocacy with credit bureau Equifax Canada.
A range of harms
As parents know only too well, children’s exposure to the internet comes with a range of benefits, but also lurking dangers. “There are potential harms to children as young as babies and toddlers all the way up to older teenagers—like 18, 19 years old,” Kuzmic says. Over that span they may be exposed to:
Developmental harms. Exposure to screens and to seeing people and hearing voices online affects brain growth from infancy and can crowd out other activities crucial to cognitive development, like unstructured play and human interaction.
Harmful content. Age-inappropriate content, misinformation, disinformation, and modified images can all negatively affect the child’s growth, learning, and judgment.
Nefarious contact and exploitation. Of particular concern for parents is the potential for online predators to contact and develop relationships with their children for their own pernicious purposes.
Privacy breaches and data collection. As in the example described above, criminals might obtain personal information to defraud or assume the identity of adult members of their household or the children themselves.
Mental and emotional illness. Excessive social media use in particular has been linked to anxiety, depression, body image issues, sleep deprivation, low physical activity, and stunted social development.
Don’t assume kids know what they’re doing
Though they often appear technology-savvy, at times serving as IT support for their befuddled parents, “kids don’t have the life experience to know that not everybody is who they say they are,” Kuzmic says. At other times, they may “have a low awareness of the permanence of what they do online. Things they post and share may be available and visible for the rest of time, effectively, so there can be an impact well on later into their lives.”
They can be particularly vulnerable in their early teens as they begin to question their parents’ authority, push boundaries, and engage in higher-risk behaviour online. This coincides with the age when they might have their first bank and social media accounts and mobile phone.
“In an age-appropriate way, it’s important to have an ongoing conversation with your children about guidelines and expectations,” Kuzmic says. “At any age, think of protection as a layered and evolving situation. It’s not something that you talk about once and then it’s fine.”
Measures to protect kids from online harms
Safeguarding your offspring online requires a hands-on approach. “Allowing exposure to online activity maybe should come with training wheels, where parents are a little more involved at the start and are learning together with the kids,” Kuzmic says. Some steps she recommends include:
Setting rules around internet access and the age at which children are allowed to access social media. Some families write it down as a contract that everybody can see and agree to.
Imposing physical limitations, such as no devices after bedtime.
Setting up digital limitations such as blocking platforms that screen out potentially undesirable content or a secure virtual private network (VPN).
Prioritizing online safety. Explain why your kids should be wary of people who approach them online. Advise them to avoid random links, banner ads, or quizzes designed to lure them into unsafe spaces.
Discouraging oversharing of personal information on social media.
Though bad actors target minors for a variety of malevolent reasons, they all zero in on children’s relative weaknesses, such as a desire to be accepted and befriended. Parents need to be there, Kuzmic says, to remind their kids that what might not appear to them to be a dangerous situation “might actually be a dangerous situation.”
Article Continues Below Advertisement
Digital security from Equifax Complete Protection
The hard part for parents—especially as their kids become older and increasingly independent—is they can’t be there all the time. For an additional level of online safety, consider Equifax CompleteTM Protection, a monthly subscription service that includes parental controls from Bitdefender to restrict which websites and apps your kids can access.
Other features of Equifax Complete Protection include:
Daily credit monitoring and alerts to notify you of key changes to your Equifax credit report, such as a new credit card or loan application.
WebScan, which monitors the dark web (hidden websites where criminals buy and sell data) to see if your personal information appears there.
Social media monitoring provided by industry leader ZeroFox, to alert you to suspicious activity on your social media accounts.
Online data encryption by NordVPN and online password generation and storage by NordPass
Device protection from Bitdefender to help stop phishing attempts and protect devices from viruses and malware.
Equifax Complete Protection costs $34.95 per month. To learn more, visit the Equifax website.
Get free MoneySense financial tips, news & advice in your inbox.
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
It happens every day. People who would never dream of giving out their credit card number after receiving a random call, text, or email give away personal information on social media for free—including birthdates, home addresses, and details often used to answer website security questions.
The consequences can be dire. If fraudsters open a credit card, line of credit, or mortgage in your name, for example, you may be held financially liable. Your credit score may be affected, making it very hard for you to get credit—such as a mortgage or car loan—when you need it.
“Identity theft is not new, but we are seeing more and more of it,” says Octavia Howell, vice-president and chief information security officer at credit bureau Equifax Canada. “We are seeing more and more scams perpetrated that enable identity theft to happen.”
In some cases, identity theft is out of your control. Fraudsters may steal personal information through a cyber-attack on a company or government database, for example, or buy it on the dark web (hidden websites where criminals traffic in stolen data).
What can Canadians do to protect themselves from identity theft—and, if it happens, minimize the damage?
6 safety tips to reduce your risk of identity theft
“You can’t really prevent it,” Howell says, but you can make identity theft more difficult for criminals, causing them to move on to easier targets. Here are some preventative measures:
Get to know your digital profile. Google yourself to get a sense of what information about you is readily available on the internet. Then focus on protecting what is not public, such as usernames, passwords, account numbers, and your social insurance number (SIN). If a company or government department you deal with gets hacked, be especially wary. Change your passwords on sensitive accounts.
Be vigilant about your financial standing. Check credit card statements and credit reports often for unfamiliar charges. One common tactic is the “salami attack,” where criminals test out a credit card or other account number with a small purchase or transfer, perhaps just for $2. If it works, they’ll take a thicker slice next time. “If you don’t catch it, if you don’t shut it down, it’s just going to continue and in larger amounts,” Howell says.
Don’t connect to public wifi, especially when accessing your bank account or inputting credit card information.
Be wary when someone asks for personal information. Don’t respond to requests from unfamiliar people, companies or institutions. If the request appears to come from, say, your bank, a friend, or the Canada Revenue Agency (CRA), contact them using a different line to check the legitimacy of the request. (Also read: How to protect your CRA account from scams.)
Shut down inactive and underused accounts. For example, close a car loan that has been paid off. Untended accounts provide openings for fraudsters.
Enable two-factor or multi-factor authentication to access your accounts wherever you can. That way, even if criminals have some personal information on you, they get stopped at this second level of security. “That is the thing that can sometimes protect you,” Howell says.
Video Social media scams
A convincing new scam to watch out for
One kind of scam that’s become common over the past year is the “bank investigator” scam, Howell says. Victims receive a call or a text message from a 1-800 number where the caller poses as an investigator from a financial institution or credit bureau, or even the police. They claim to have detected fraud on your account and ask for authentication codes to access your devices, or even to collect your cards in person at your home. Sometimes there’s a second call from someone pretending to be a lawyer, and they seem to have corroborating information.
Once they have enough personal details, the fraudsters might use them to take out a car loan or open a cell phone plan, for example, and then never pay for it—and the victim is stuck with the bill.
Article Continues Below Advertisement
What to do if someone has obtained credit in your name
If you discover someone has used your identity to commit fraud, contact your credit card issuer and both of Canada’s credit bureaus to scrub fraudulent charges from your credit history as soon as possible, Howell emphasizes. Try to determine exactly what information has been compromised. Put fraud monitoring and fraud alerts on the account. Notify the Canadian Anti-Fraud Centre (CAFC) and local police, especially if there’s a possibility of a visit to your home.
If the fraud persists, it can ruin your credit rating. “That can be devastating,” Howell says. It can take months or even years to fully restore control over your identity.
But the easiest course is prevention. The risk of identity theft is never zero, but you can reduce the odds it will happen to you.
“You just don’t want to be an easy target,” Howell says. “You want to make it a little bit difficult for fraudsters, because there are easier targets out there.”
Detect fraud earlier with Equifax’s credit monitoring
Equifax CompleteTM Protection is a subscription service that keeps a close on your credit report and can alert you if your identity has been compromised. Features of this service include:
Daily credit monitoring and alerts of key changes to your Equifax credit report, such as a new loan or credit card application
Social media monitoring by ZeroFox, to alert you to suspicious activity on your social media accounts
WebScan, which monitors the dark web for personal information you provide
Online data encryption by NordVPN and password management by NordPass
Parental controls from Bitdefender to restrict kids’ access to websites and apps
Device protection from Bitdefender to help stop phishing attempts and block viruses and malware
Support from an Equifax identity restoration specialist, if your identity is stolen
Identity theft insurance up to $1 million for out-of-pocket expenses (not available in Quebec)
Equifax Complete Protection costs $34.95 per month. To learn more, visit the Equifax website.
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
This article is sponsored.
This is a paid post that is informative but also may feature a client’s product or service. These posts are written, edited and produced by MoneySense with assigned freelancers.
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
At least until we are a completely passwordless society, however, usernames and passwords and an additional authentication factor are the best defense we have against the spread of digital fraud and identity theft. It’s worth putting in the effort to come up with and keep track of different passwords for each of our accounts.
“Enabling strong authentication methods is one thing that I fight with even my own family members about,” says Octavia Howell, vice-president and chief information security officer for credit bureau Equifax Canada.
Think of usernames, passwords, and multi-factor authentication as more lines of defense for your identity online, she advises. Multi-factor authentication adds an extra layer of protection by combining different authentication factors, such as something you know, something you have, or something you are. If one of the organizations you deal with suffers a data breach, enabling this extra layer of protection for your online identity can help contain the damage and prevent it from spreading to the other sites and accounts you use. They may help keep you from becoming a victim of identity theft.
“It’s not a matter of if, it’s a matter of when your information will be compromised. Most of your information is likely already compromised,” Howell says.
Good authentication practices make it harder for fraudsters to obtain more information about you and assume your identity for the purposes of fraud. Here are Howell’s tips and dos and don’ts.
Password practices to avoid
Too many users simply reuse the same username and password across multiple accounts, Howell says. Say criminals gain access to your streaming service account. If you use the same password for an email account, it’s as good as compromised. That may expose more information on you, your friends and your associates.
Another mistake is to use passwords that are easy to guess, such as your children’s name plus “123” and an exclamation point for a special character. Don’t include a pet’s name or a street address, either. Remember, hackers now get help from artificial intelligence (AI) to try thousands of combinations of these clues to gain access to your accounts. (Learn more about AI and identity theft.)
Best password practices
Howell recommends using multiple usernames and different passwords for all your online accounts. Here are some more tips to improve your password hygiene:
Article Continues Below Advertisement
Google yourself to get a sense of what information about you is readily available online—and don’t use any of it in your passwords.
Use phrases that are meaningful to you but no one else—for example, places, dates, or special numbers and activities that stick in your mind. Rearrange the words and numbers in ways that don’t repeat key phrases found online.
Consider using strong passwords provided by the platform, but only if you always access the site from the same device or if you use a password safe, also known as a password manager.
Use the strongest passwords for the sites containing the most sensitive information. An optometrist’s portal that just contains your eyeglass prescription need not be as complicated, but your online banking is a different matter. “You want to put the right level of security based on the information on each site,” Howell says.
If multi-factor authentication is available, take the time to enable it. This provides the extra layer of protection and can even serve as an early warning sign that your credentials have been compromised.
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
For extra password protection
For added protection, consider subscribing to a broader suite of fraud prevention tools that includes a password manager. Equifax Complete™Protection is a comprehensive identity protection service that includes credit monitoring, social media monitoring, device protection, and a password manager, among other features.
Equifax Complete Protection’s password manager keeps track of your usernames and passwords in a safe place not tied to your email or browser. Each time you register a new account or change your password, simply load the keys into the password manager for future reference.
This is a paid post that is informative but also may feature a client’s product or service. These posts are written, edited and produced by MoneySense with assigned freelancers.
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
Last year, Jeff Brown, head of commercial solutions at Equifax Canada, saw a surge in digitally enabled scams in the construction industry. Criminals claiming to be a legitimate contractor would order supplies that could not be easily identified, such as lumber or plumbing parts, for delivery to a supposed job site — only there was no job site, and the orders were a scam. By the time the real contractor knew what was happening, the materials had been sold on the black market and the fraudsters had cleared out.
“Business-to-business relationships tend to operate on net payment terms. What that means is you can have products delivered to a non-standard location and those products don’t have to be paid to the supplier for 30 days,” says Brown. “That buffer can operate as a getaway window for scammers.”
Having worked a few times, the scam spreads. “When scammers see something they’re able to take advantage of, they double down and it becomes a trend that eventually can become a systemic issue,” says Brown.
Why small companies are attractive targets for fraud
Small businesses like contractors have particular attributes that can make them appealing targets for fraudsters, including:
They deal in bigger numbers than most consumers do. “The average working capital loan for a small business is around $40,000,” says Brown.
Small business owners are often unaware of their credit standing and may not be keeping track of their company’s credit reporting.
Business credit information is more readily available than personal credit information because it is less subject to privacy laws and businesses often want to demonstrate greater transparency to encourage others to work with them. “Businesses have to be spending money to make money. There needs to be an open network for businesses to be able to function,” Brown says. By looking at a company’s credit reports, fraudsters can find a company’s typical bank balance and who their largest suppliers are, for example.
Businesses usually have more points of egress than consumer accounts for criminals to attack. They can go through or impersonate not just the owner(s) but employees, too. “Businesses have a larger net of potential liabilities,” Brown says.
Red flags for Canadian businesses to watch out for
It’s hard to predict what form the next wave of small-business scams will take. Fraud constantly evolves and the tools that fraudsters use change often. Artificial intelligence (AI) has made the rapid collection and analysis of company information more accessible, while spoofing (creating fake) company images and videos can make it harder to spot what is real versus what is fake. Still, there are red flags for company owners and employees to watch out for:
Emails from organizations you don’t normally do business with, or emails that use unfamiliar or misspelled domain names.
Communications demanding quick approvals.
Callers saying they spoke to a named boss or colleague who approved a transaction that needs to be finalized. “A fraudster can easily obtain company managers’ names and titles online,” Brown notes.
Any offer that sounds too good to be true, and those with suspicious attachments, should be approached with caution.
Larger businesses include anti-fraud protocols in their onboarding and ongoing training, something that small businesses can’t always offer. But it helps if employees are trusted and empowered to use their own common sense around potential threats.
sponsored
Equifax Complete Protection
Go to site
Equifax Complete Protection is a credit and cybersecurity protection service designed to help Canadians spot the signs of identity fraud faster.
Provides daily credit monitoring and alerts
Scans for your personal data on the dark web
Social media monitoring by industry leader ZeroFox
Subscription price: $34.95 per month
Go to site
Keep an eye on your credit reports
One line of defence is to frequently check your company’s credit profile. It’s not as simple as a consumer credit report; it isn’t boiled down to a single score. Instead, it includes a business failure risk score that tells suppliers and financial institutions whether or not a company is a viable partner. It also has a delinquency score that relates to the company’s history of paying bills on time, in full, or not at all.
Business credit reports will also enumerate a company’s financial obligations. “If you see a transaction you do not recognize on your company’s credit report, you can investigate and potentially dispute it. Conversely, if there are any long-time business relationships not indicated on the report, it may be in your interest to add them,” says Brown. “If you’ve had a relationship with a business for 10 years, having that history of good payments is going to help get you the best rates possible and the best products,” Brown says.
Article Continues Below Advertisement
What if your business has been defrauded?
From the fraudster’s perspective, the beauty of the construction scam is that it’s not readily apparent who is liable: the company whose name was used, the supplier, or the financial institution conducting the transaction. While the parties sort that out, the criminals get away.
That’s why it’s important to take steps as soon as possible if you think your business may have been defrauded, including:
Checking your company’s credit report to see if an unauthorized transaction has taken place
Contacting the other parties to the transaction as soon as you notice anything strange
This is a paid post that is informative but also may feature a client’s product or service. These posts are written, edited and produced by MoneySense with assigned freelancers.
Get free MoneySense financial tips, news & advice in your inbox.
Michael is a financial writer and editor in Duncan, B.C. He’s a former managing editor of Canadian Business and editorial director of Canada Wide Media. He also writes for The Globe and Mail and BCBusiness.
“You can make them the way you want instead of trying to fit into the box that the app has given you,” she said.
Are budgeting apps secure?
Meanwhile, Fry says she doesn’t often recommend her clients use budgeting apps because of security reasons and instead encourages them to record expenses manually.
Cybersecurity needs to be a top priority when choosing a financial app that uses, links to and even stores sensitive banking and credit card data.
Traditionally, when people sought financial help, people would go see an adviser and talk money in private and would know that information is safe with the professional, said Robert Falzon, head of engineering at cybersecurity firm Check Point Software Technologies, Ltd.
“With using apps online, we’re doing the same thing but there is no expectation of safety,” he added.
Data theft often tops the list of concerns among budgeting app users, but Falzon said there are ways to work with these apps safely.
Using strong passwords and multi-factor authentication can help prevent breaches right from the start, he said. Using bank-provided budgeting apps that are local to Canada, or tools from reputable organizations, can also help avoid vulnerabilities.
Other safety tips include using apps that have encryption and a robust security protocol, Falzon said. Making sure there’s security software on mobile devices and that people are not using public Wi-Fi to access their banks or financial apps.
According to the Pew Research Center, 13% of people who have ever used PayPal, Venmo, Zelle or Cash App say they have sent someone money and later realized it was a scam, while 11% report they have had their account hacked.
Daniel Wolfe
Just after 8:00 a.m. on Monday, April 24, Margaret Menotti was writing a report for a client.
“I heard my phone ding, and I got a text from Bank of America saying there was suspicious fraud activity on my account,” said Menotti, a freelance media relations professional who works from her home in Venice, Florida.
Immediately after that, she got a phone call from someone who said they worked in Bank of America’s fraud department and they had seen suspicious activity on her account. The caller asked if she had made two Zelle transactions: a $109 payment for sporting event tickets and a one-cent transaction. Menotti doesn’t use Zelle.
“I closed out what I was doing, got into my bank account and said, yeah, I didn’t make these,” Menotti said in an interview. “She said, don’t worry about it, we’re here to help you, we can immediately reverse these.” The caller also asked Menotti if she knew someone named Doug Bland who lives in Denver. Menotti said no. Bland was trying to put through two Zelle transactions from Menotti’s accounts, one from her savings account, the other from her checking account, the woman said.
“I said, well, that’s not authorized, I don’t know anybody by that name,” Menotti said.
“Don’t worry about it,” the woman said. “We have fraud specialists here. Alejandro Lopez specializes for Bank of America in Zelle fraud.”
The rep gave Menotti a claim number, which she wrote down, and started walking Menotti through the steps she needed to take to reverse the Zelle transactions. Menotti started noticing that the screens she was seeing did not exactly match what the rep was describing. The rep told Menotti she needed to use her mobile app, then they would be looking at the same things. She opened the Bank of America mobile app and walked into her husband’s office (he’s a project manager at Dell who also works remotely) and asked if it all seemed legit to him. He thought it seemed real. She went through the steps the rep told her to take.
Menotti then went back to online banking from her laptop and saw that $3,500 had been withdrawn from her account and sent to Alejandro Lopez. She hung up the phone.
“It was already too late,” Menotti said. “I realized my mistake.”
For several weeks after that, Menotti spent many hours making dozens of calls to Bank of America and Zelle, trying to get her money back.
Menotti’s story is not uncommon. About 120 million consumers and small businesses used Zelle in 2023 to send 2.9 billion transactions totaling $806 billion, according to Early Warning, the bank consortium-owned company that operates Zelle. In 2024, the volume of Zelle transactions is expected to surpass $1 trillion. According to the Pew Research Center, 13% of people who have ever used PayPal, Venmo, Zelle or Cash App say they have sent someone money and later realized it was a scam, while 11% report they have had their account hacked. (Early Warning says 99.95% of the payments it processed in 2023 had no reports of fraud or scam.)
A report put out by Senator Elizabeth Warren in October 2022 stated that four banks reported 192,878 cases of scams — cases where customers reported being fraudulently induced into making payments on Zelle — involving over $213.8 million of payments in 2021 and the first half of 2022.
“In the vast majority of these cases, the banks did not repay the customers that were defrauded,” the report said. “Overall the three banks that provided full data sets reported repaying customers in only 3,473 cases (representing 9.6% of scam claims) and repaid only $2.9 million (representing 11% of payments).”
When consumers lose money due to Zelle scams, “Zelle and the big banks have said they couldn’t help,” Blumenthal said during the hearing. “What they mean is they wouldn’t help, and their attitude has been, ‘not our problem.’ Well, to the banks of America, particularly the seven that own and operate Zelle, it is your problem. You own it just as you own Zelle and you have the expertise, the resources, and the obligation to make sure that you do better.” (The seven banks that own the Zelle network are Bank of America, Truist, Capital One, JPMorgan Chase, PNC Bank, U.S. Bank and Wells Fargo. American Banker reached out to all for comment. Wells Fargo declined; only Bank of America responded with an interview by press time.)
In June 2023, Early Warning implemented a rule that requires its 2,100 member banks to refund customers that are victims of “qualifying” impersonation scams where crooks pose as a bank or government agency to trick customers into giving up money and/or account information. The company does not share what it takes for a scam case to qualify for the refund. “Each case is closely reviewed by the customer’s financial institution,” a spokeswoman said.
After listening to many customer stories, including those of Margaret Menotti and the consumers who testified at the Senate hearing, and talking to experts, a picture emerges of a problem that has outgrown large banks’ capacity to handle the ensuing fraud investigation and customer service work, even if the overall rate of Zelle fraud is low.
“How many workers are hired per capita to address Zelle?” said John Buzzard, a fraud expert who until recently was lead fraud and security analyst at Javelin Strategy and Research. “You have to pounce quickly and have world-class authentication. I’m not sure that’s a constant universally speaking but more of an aspiration.”
Bank of America has 37 billion active digital users and at least half of them actively use Zelle, according to the bank.
“Zelle is our customers’ number one choice for money movement,” said Mark Monaco, head of global payment solutions for Bank of America. “They choose Zelle more often to access their accounts than they write checks or withdraw cash from ATMs or our financial centers. The adoption continues to grow.”
Bank of America declined to say how many customer service reps are trained to handle Zelle fraud and scam cases. (Banks make a distinction between the two: if a fraudster takes over a customer’s account and makes a Zelle transaction, banks call that fraud; if a customer is tricked into making a payment through Zelle, banks call that a scam.)
Trying to get a refund
When Margaret Menotti realized she had fallen for a scam, she immediately called Bank of America’s fraud department and spoke with a bank fraud rep — a real one, this time — about what had just happened. The bank reversed the $109 transaction and she was told the claim number she had been given earlier by the woman claiming to be a Bank of America fraud specialist was not a bank claim number but a phone number.
Menotti dialed that number. A man picked up.
“I said, is this Alejandro? And he said, yes,” Menotti recalled. “I said, I want to know why you scammed me out of $3,500. He hung up.”
When she recalls the call she thought was from Bank of America, Menotti says the background music was the same as the bank’s and there was a message about this being a recorded line that was the same as the bank’s.
“It’s embarrassing to have fallen for it, but it really sounded like them,” she said.
She called the bank again. Bank fraud specialists told Menotti to file a claim with Zelle. They told her that both Zelle transactions went to another Bank of America customer.
She called Zelle’s customer complaint number, but got a recording saying she had to call her bank.
In an interview, an Early Warning representative said that Zelle customers who call about scams are redirected to their bank, which has their account data and history, while Early Warning does not store any customer data.
Menotti went back to Bank of America and filed a formal claim to get her money back. She was told it could take 45 business days to process. Two days later it was denied. She called the bank to ask why. In the meantime, she had read about federal Regulation E, which protects consumers who fall victim to scams. She asked the bank to dig deeper and was told it would reopen the claim. It was denied again.
When she asked why the claim was denied, she was told, “‘You authorized it.” Menotti said she did not authorize it; she thought she was speaking to someone at the bank and therefore Reg E applied. She was again told the claim was not approved.
She went to her local bank branch and spoke with the branch manager. He said it was a corporate decision he couldn’t override.
She moved her money to a different bank and reported the episode to the Consumer Financial Protection Bureau and the Florida Attorney General. She also wrote to Warren’s office and a few journalists.
She didn’t hear anything from Bank of America for two weeks, but on May 14, one working day after American Banker reached out to the bank to ask about her case and about 10 days after a journalist from a different publication called the bank with similar questions, a woman named Ashley from the bank’s claims department called Menotti to say that Bank of America’s leadership team had decided that she would be reimbursed for the $3,500 Zelle fraud that night or the next day. Ashley said the fraud team had called the number associated with the Zelle transaction, the voice did not sound like Menotti’s and the person said it was for rent payments. (Menotti and her husband own their home and they don’t own any rental property.)
The next day, Menotti saw a credit for $2.63 to her savings account and correspondence from Bank of America saying that was her refund because that was all that they could recover. When she went grocery shopping that day, her debit card and her husband’s debit card were declined. She called the bank again, spoke with more than eight people and was told her checking account was closed in error, that Bank of America would send her a check for the amounts in the accounts and that she could not use her debit cards anymore. The rep told Menotti that when she opened the account 40 years ago, she agreed to the terms that the account could be closed at any time.
After demanding to speak with somebody with full visibility to this case, Menotti eventually reached a woman at the bank named Jessica who confirmed that the accounts were closed in error.
While they were talking, Menotti saw a credit come into her savings account for $1,797.37. Jessica told Menotti she would work with an investigator to process the remaining $1,700 to her checking account and transferred her to a representative to reactivate her debit cards.
“I was transferred three times, nobody seemed able to handle this,” Menotti said. She was told that it could take 24 to 48 hours for the $1,700 to appear in her checking account.
A different representative told Menotti the bank was reopening Menotti’s and her husband’s cards, but that she experienced another glitch and couldn’t do it. The bank would be sending her new cards.
“What a nightmare this has been,” Menotti said. “I am convinced that without pressure from somebody like [American Banker], Bank of America would ignore requests like this. My sense is that they just keep rejecting claims and don’t aggressively investigate them until a customer makes a big fuss.”
A Bank of America spokesman said the decision to reimburse Menotti was made after considering additional information during a review. He declined to say what that additional information was. He also pointed out that the bank will never ask a client to send money to anyone, and that when sending money using Zelle, clients sometimes receive messages alerting them to red flags that indicate a scam. Clients also receive alerts they are required to review and approve before the transaction can be sent.
Menotti said she never received a message about Zelle and scams before sending either of the transactions, but that she did immediately call customer service when she realized she had been tricked.
The bank spokesman further said that if a customer has questions after they receive calls or texts that appear to be from their bank, they should call the customer service number on their debit or credit card or review their transactions online to confirm any questionable inquiries.
Stopping a scam
In hindsight, there’s one thing Menotti wishes she had done differently.
“I think you’re so panicked when you think money’s coming out of your account,” she said. “But once I walked into my husband’s office and said, do you think this is legit, I should have just hung up.”
Ben Chance, chief fraud and risk management officer at Zelle, backs this up.
“There’s an endless barrage of email, text, phone calls, social media messaging that’s doing this type of impersonation or otherwise attempting to scam consumers,” he said.
The first thing customers should do if they receive a text or phone call that appears to be from their bank is not answer, Chance said.
“The safest course of action is to not respond to that, to pull up their wallet, look at the number on the back of their debit card and contact the bank directly,” he said.
Zelle also reminds users to only send payments to people they know and to be on the lookout for scams. It provides “risk insights” to the banks on its network that flag transactions that seem fishy. Zelle representatives were not able to comment on whether a risk insight flagged the transactions on Menotti’s account.
Congress is watching this space closely. In January of this year, Senators Elizabeth Warren, Sherrod Brown and Jack Reed wrote a letter to CFPB Director Rohit Chopra, urging him to come up with rules regarding what counts as an authorized or an unauthorized transfer under Regulation E. People interviewed for this article said that when Early Warning created its rule requiring banks to reimburse victims of impersonation scams last June, the CFPB held off on setting its own rule. If consumer complaints keep coming in, the CFPB may reverse this position.
Menotti eventually got her $3,500 back and she is pleased with that.
“I am disappointed with the terrible customer service and passing the buck back to consumers when federal Regulation E is supposed to protect them,” she said.
Financial institutions are looking to data-sharing consortiums to defend against financial crime as consumer fraud losses reached nearly $9 billion in 2022 and generative AI is enabling fraudsters to scale their operations exponentially. Consortiums new to market, including Plaid’s Beacon and Sardine’s SardineX, aggregate vast amounts of user information into databases that enable them to […]
In one week in April, Metro Credit Union received more than 450 fraudulent account opening applications.
Using manual processes, fraud and digital teams at the Boston-based, $3 billion credit union worked overtime to fend off a series of attacks that Chief Operating Officer Traci Michel believed was enabled by generative AI tools.
Photo by CanStock
“We’re getting it from all sides,” Michel told Bank Automation News. “When you see that type of volume coming into a platform, you have to imagine that there’s some type of computer-generated frequency that’s happening behind the scenes.”
Through informal conversations with colleagues at other financial institutions, Michel discovered that her peers were falling victim to the same attacks.Seventy percent of financial institutions reported losses of over $500,000 to fraud in 2022, according toAlloy’s State of Fraud Benchmark Report.
“The pattern was extremely similar,” she said. “[But] we didn’t have a tool that would help us try to interface and understand whether we were the only financial institution.”
Solutions for smaller FIs
Facing scaling fraud operations, Metro Credit Union turned to anti-fraud platform FiVerity, one of several companies using data collected from a group of member institutions to build records of blacklisted accounts and concerning patterns.
FiVerity opened its Digital Fraud Network in June to more than 100 small and medium-sized businesses for free, according to a release. Other clients include Grasshopper Bank, BHG Financial, and Digital Federal Credit Union.
“Some of the other vendors are going after the larger institutions,” FiVerity Chief Executive Greg Woolf told BAN. “Our focus has really been on the community banks and credit unions, and some of the smaller fintechs… who typically don’t get access to this level of technology.”
FiVerity also launched its Anti-Fraud Collaboration Platform in June, building on its existing network to offer new features to members, according to a release.
The Boston-based company, which raised $4 million in seed funding in April, uses machine learning and data from its members to draw insights and identify fraudulent users in real time, according to its website. Features of its Anti-Fraud Collaboration Platform include an explanation of its risk scoring system that enables customers to see why specific accounts were flagged, Woolf said.
It’s “providing a fraud score, but also providing transparency,” he said. It could be that “the Social [Security number] was used by somebody else, or another institution reported this address was linked to a crime rate… or other elements that could come off the dark web.”
FiVerity has worked with federal regulators, including the Federal Reserve and the Financial Crimes Enforcement Network, that have supported collaboration and promoted equity by encouraging service offerings to smaller FIs, Woolf said.
But bringing together FIs of a similar size and in the same region is also practical, as these institutions often face similar fraud threats, according to Woolf, who referenced an incident in which fraudsters in Maine targeted every financial institution with a branch on the main street of a single town.
“There’s a natural clustering, and that actually helps our models be more effective,” Woolf said, noting a 45% improvement over previous models by focusing on a specific demographic of FIs.
Metro Credit Union hopes that as more FIs join FiVerity’s consortium, the collaboration will help every member fight fraud.
“We’re very excited about the expansion on the client side, because it’s strength in numbers for us,” Metro’s Michel said. “The more financial institutions that are participating into the network and feeding their fraudulent application information, the more we can all benefit.”
A crowded market
Meanwhile, other fintechs have recently announced their own consortiums catering to larger clients.
Anti-fraud fintech Sardine announced its coalition, SardineX, in June to bring together major players from multiple verticals in a similar data-sharing arrangement.
“The way we are going to solve fraud in financial services is to share it across financial services,” SardineX President RaviLoganathan told BAN,adding that the company believes the industry should“not have the silos for fraud data sharing only for banks, and fraud data sharing only for fintechs.”
SardineX’s founding members include card issuer Visa, Williamsburg, Va.-based Chesapeake Bank and cryptocurrency platform Blockchain.com, according to its website.
The week before the Sardine announcement, data transfer fintech Plaid announced its consortium, Plaid Beacon, which focuses on building an after-the-fact fraud database rather than providing real-time insights. Founding members include credit card payment company Tally, buy-now, pay-later provider Uplift and Veridian Credit Union.
With more players entering the market, Metro’s Michel believes competing consortiums may need to work together to offer the best results for members.
“Competition just bears out that there will be multiple providers in the market,” she said, adding that she hopes to see “common data frameworks” used by Fis in the future.
What if a bank’s compliance software could relay messaging in natural language? That’s the question anti-money laundering fintech Lucinity is hoping to answer with Luci, its new generative AI-powered co–pilot for financial institutions. The tool was built in collaboration with Microsoft Azure’s OpenAI and uses natural language understanding to turn data into easy-to-understand insights and […]
Banks are exploring use cases for large language models to fight fraud as the technology’s ability to detect patterns in data and natural language is rapidly improving. JPMorgan is introducing large language models (LLM) into its cybersecurity infrastructure, adding the models to existing AI techniques used for fraud detection, JPMorgan Head of Payments, Trust and […]
Regulatory technology and fraud prevention are two areas that financial institutions should be investing in now to reduce losses and overhead costs. As state and federal regulators increase the number of regulations that financial institutions need to keep track of, lenders can reduce overhead by implementing regulatory technology (RegTech), Rilla Delorier, a board member at Coastal Community […]
Payments technology and the ability to facilitate real-time payments is top of mind for many financial institutions as the U.S. government’s real-time payments service FedNow is set to launch in July. Consumer adoption of digital payments proves that clients are ready for more advanced payments technology, and financial institutions are investing in tech to catch […]
Credit unions and community banks are looking to digital communications platform Eltropy to strengthen call center authentication and ultimately reduce fraud as voice-cloning tools and advanced AI present more opportunities for fraudsters within financial services. In the third quarter of 2022, email scams increased 217% year over year, especially following digitization that skyrocketed amid the […]
Synthetic identity fraud remains a constant challenge for banks, with a growing number of fraudsters attacking demand deposit accounts since the onset of the COVID-19 pandemic. In fact, one in three accounts within fintech and retail banking are synthetic, Mike Cook, vice president of commercialization – fraud solutions at identify verification fintech Socure, tells Bank […]
Financial fraud is big business for cybercriminals, with the Federal Trade Commission (FTC) estimating that $5.8 billion was lost to scams in 2021, a 70% increase from 2020. To fight the threat and help maintain compliance, several banks have turned to bots and robotic process automation (RPA). Ally Financial, for example, has partnered with […]
