Industry Thoughts

4 fraud risks to know for 2024 (according to experts from Bill.com & BHG Financial)

minute read

In our October 2023 State of the Industry Survey, 76% of fraud and risk leaders across both fintechs and financial institutions reported an increase in fraud attempts this year.

This begs the question: Are the remaining companies doing something differently to prevent such attacks — or have fraudsters gotten even better at slipping by their defenses undetected?

The answer is both: As fraudsters launch more sophisticated attacks and rely on an increasing repertoire of techniques, most organizations should expect and experience an uptick in fraud attempts. At the same time, there are some clear and compelling ways to reduce risk, especially when using the latest digital technologies to augment traditional fraud detection capabilities.

In our recent webinar, “Fraud predictions for 2024,” I was joined by leading fraud and risk experts Maria Pukhovskaya, Senior Manager, Threat Intelligence, Bill.com and Michael Coomer, Manager, Fraud Management, BHG. We discussed the trends that companies should be on the lookout for in the coming year, as well as steps they can take to safeguard against risk of all kinds.

Trend 1: The risk of first-party fraud continues to rise. 

When the economy falters, fraud rises.

High interest rates, mounting credit card debt and increasing loan delinquencies in the U.S. and around the world, are clear signals that many people are struggling to make ends meet, which is often linked to an uptick in first-party fraud.

Here’s what I shared: “The urgency, the uncertainty that people are feeling right now makes it easier for them to rationalize making little changes to documentation, such as pay stubs and bank statements, to make their profile look a little better. People may have every intention of paying those loans or lines of credit off, but the fact remains that they are committing first-party fraud.” 

So just how big is this issue? In our 2023 Document Fraud Report, Inscribe found that 42% of fraudulent documents received during underwriting included manipulations to financial details like bank balances, transaction amounts, and transaction descriptions, but no manipulations to identity details.

This type of fraud is particularly challenging for banks and financial institutions because it is so hard for human analysts to detect minute manipulations within otherwise real documents. In the coming year, we expect this issue to increase as people leverage advanced digital tools and even turn to generative AI to manipulate or forge documents.  

 

Trend 2: Card compromise takes on a social engineering element.

Card compromise has always been a fraudster favorite — but in 2024 it may look a little different as bad actors get more resourceful.

 “We're seeing a lot more creativity with fraudsters who purchase partial card data cheaply on the dark web,” confirms Maria. “This information isn’t entirely useful on its own, but when combined with social engineering, such as posing as a fraud investigator from the financial institution and reaching out to the card owner, fraudsters are able to gather the information they need to advance an attack.” 

This trend extends beyond card-related scams, as we see evidence of fraudsters using public information to plot their next move. For example, in September, Telegram users created a new group targeting a specific bank on the same day that the organization announced its plans to conduct a service upgrade. This underscores the idea that fraudsters are using any and all snippets of information to begin an attack — and may potentially turn to individual targets themselves to continue the path.

 

Trend 3: Crypto-related scams are targeting high-value customers (and their banks). 

Pig butchering scams — 2024’s version of the romance scam — sounds as awful as it is. In these attacks, fraudsters build digital relationships with relatively affluent individuals with the goal of convincing them to invest in bogus cryptocurrency platforms. 

What makes pig butchering scams particularly concerning to financial institutions, is that most people are goaded into taking out a loan to meet the supposed investment requirement, increasing losses for both individuals and institutions.

“This type of crime is very hard for traditional systems to identify because the people taking out the loans are real individuals, often with a great customer profile and established history,” says Michael. “Oftentimes, these people are being coached by the fraudsters to help ensure they are approved.” 

As these scams become more common, it's important for banks and financial institutions to examine the secondary and tertiary levels of the profile and look for similar patterns across applications that could indicate the customer is being used as part of a scheme.

 

Trend 4: The role of business email compromise (BEC) expands.

In keeping with our theme of evolution and expansion, business email compromise (BEC) is another area within the fraud landscape that is reaching new heights.

 Whereas previously the most common form of BEC fraud involved diverting funds that were being sent between two parties, now fraudsters are using compromised emails to open accounts. Information or documents contained with these emails, coupled with other details they may have about the person or business, are enabling more sophisticated identity theft attacks that prove challenging for financial institutions to detect.

“Fraudsters are learning how to use existing assets, like compromised emails, in new ways,” says Maria. “Oftentimes there's a lot of really great information that fraudsters can glean from those messages — ID numbers, bank statements, personal information, even passwords. We’re seeing an uptick in sophisticated cases of identity theft that can be traced back to something as simple as a compromised email.”

 

Create a stronger fraud detection and prevention function in 2024

To safeguard against these rising trends as well as a whole range of fraud techniques, organizations must adapt and modernize their fraud strategy and tooling. Here are some quick tips from our expert panel on how to reduce risk:

#1 Continuously assess and adjust existing controls and tools to address the evolving threats within the current landscape. 

#2 When a fraud event occurs, explore how the fraudster was able to circumvent existing protocols and update weaknesses accordingly.

#3 Leverage the latest digital technologies to identify trends more quickly, as well as augment the capabilities of human risk analysts with “superhuman” powers.

#4 Collaborate with industry counterparts through various forums and consortiums to stay on top of the latest developments, as well as share best practices and successful strategies.

If there is one thing that our panelists and almost every industry expert can agree on, it’s that fraud occurrences will increase and likely become more complex in the coming year. For fraud teams to fulfill their primary function of reducing risk, as well as help the organization identify the clients that will fuel healthy, responsible growth, they need to develop the strategies, build the skills, and adopt the solutions that will help them stop all matters of fraud — from the trendy to traditional.

If you’re ready to take your first step to reduce risk and grow revenue with an end-to-end Risk Intelligence solution, speak with a member of our team. Or, you can test drive Inscribe yourself with our interactive product tour.

  • About the author

    Andy Bernard is a Senior Product Manager at Inscribe AI. He has previously served as the product lead for financial crime compliance at Checkout.com, in addition to roles with Hotels.com and HSBC. Andy has his Bachelors from University of Warwick and has a professional degree in banking practice and management from IFS School of Finance. He currently resides in London, England.

Deploy an AI Risk Agent today

Book a demo to see how Inscribe can help you unlock superhuman performance with AI Risk Agents and Risk Models.