All types of banking fraud, including online banking fraud, refer to the act of using illegal means to obtain money or other assets held by a financial institution.
A recent study from Lloyds Bank found that millennials are most likely to be conned by bank account fraud while over 55s lose the most money per scam. The study shows that 18-34-year-olds lose an average of £2630 to fraud, generally conducted by scammers impersonating bank staff, police, or HMRC personnel. With online banking fraud on the rise, more fraudsters are becoming implicated in scams. But what are the differences between these types of banking fraud and how do you know if you’ve been caught up in one, either as a victim or perpetrator?
Types of Online Banking Fraud
Online banking fraud can come in many guises.
Popular with fraudsters, phishing is a type of online banking fraud. The perpetrator sends a forged, realistic email that impersonates an online bank or payment site and redirects the recipient to a fake website that mimics the login page of the legitimate banking site.
The page then asks the user to update their personal information and steals it to hack the user’s accounts or steal their identity. With so much banking done online, especially by millennials, it’s not surprising that this is a common type of bank fraud. Fraudsters are becoming highly skilled at creating convincing emails and websites, which makes it difficult for victims to protect themselves from online banking fraud. They might even ask you to transfer money to another account by posing as bank staff telling you your account has been compromised. This is a common form of bank fraud.
Signs of phishing
Phishing scams share common red flags such as:
- Incorrect URLs that pose as the legitimate site but have slight, easily-missed discrepancies.
- Requests for information. These are usually made for sensitive information online.
- Unofficial email addresses. Phishers will not be emailing from your bank so there will be something ‘off’ about their email address.
- Impersonal emails. Your bank will address you by name, whereas phishers generally use a generic title such as ‘sir’ or ‘madam.’
- Spelling mistakes. Errors within the email are another sign that something isn’t right. Legitimate emails will always be meticulously written.
An Example of Phishing
Dubbed Operation Phish Phry by the FBI in 2009, hundreds of debit and credit card customers were targeted by fraudsters through official-looking emails directing them to fake financial websites. The websites hosted forms where victims entered their account numbers and passwords, handing their private data over to the phishing fraudsters.
CEO fraud is also known as Business Email Compromise (BEC) or whale phishing and occurs when a fraudster impersonates a senior manager or CEO to pressure an employee into making a payment.
The way CEO fraud works is usually via an email to the accounts team of a company that appears to be from a senior member of staff. The email requests an urgent payment to a partner or supplier.
Signs of CEO Fraud
Some key indicators of CEO fraud include:
- A display name spoofing an internal email address.
- A domain name impersonating the recipient’s domain name with subtle differences.
- A newly registered domain may indicate that the message is suspicious.
- Words such as “bank transfer” or “wire transfer” in the body of the email.
An Example of CEO Fraud
The Scoular Company were victims of CEO fraud and lost more than $17 million after fraudsters, claiming to be the company’s CEO, sent emails to an employee instructing them to transfer funds to what appeared to be the company’s accounting firm. However, this was a fake request and the funds were sent to a scam artist.
This method targets businesses by impersonating a supplier, usually via email, asking to update the bank details invoices are paid into. This might look entirely innocent if the fraudster has hacked the supplier’s info, as the request will appear to be authentic.
Signs of invoice fraud:
- An email that looks legitimate but asks you to start paying into a new account.
- A blurry logo that looks like it might have been scanned.
- Account numbers that look different from the rest of the font on the invoice.
- Invoices in even amounts and the same numbers across invoices that go against Benford’s Law (also known at the first-digit law). Benford’s Law states that invoice data generally follow these rules: 1 should appear 30% of the time, 2 should appear 17% of the time, and 9 should appear 4.5% of the time.
An Example of Invoice Fraud
A notable example of invoice fraud dates back to 2013-2015 when Facebook and Google were victims of fraud that cost them more than $100 million. In this particular case of online banking fraud, a Lithuanian hacker impersonated an Asian manufacturer and sent fake invoices to the tech giants.
Forms of Offline Bank Fraud
Credit or Debit Card Fraud
Skimming is the illegal process of duplicating the information found on the magnetic strip of a credit card. This usually happens when a credit or debit card is lost or stolen as the fraudster can skim the data located in the magnetic strip or use the card online by using the card details. While scammers can’t withdraw cash without the card pin, they can use the card to pay via contactless if this feature is enabled on the card. It is also possible to scan cards contactlessly through bags using an RFID reader which is more likely to happen in busy areas such as cities and public transport. Additionally, some retailers and merchants have been known to abuse customer bank information by stealing copies of the credentials while using the card during a purchase.
Signs of credit card fraud:
– If you haven’t lost your card, anything on your statement that doesn’t match your spending habits could be a sign of financial fraud.
– If your card is missing, you might have been a victim of credit card theft or, if you lost the card, you might fall victim to fraud if the card is recovered by someone dishonest.
For more information on banking and insurance fraud and the other types of banking fraud, such as investment fraud please visit our fraud page. If you believe you are being suspected of online banking fraud or think you have been implicated or are being investigated for a scam, please contact our team of specialist fraud barristers today.