“Credit unions across the country are on high alert for scammers looking to take advantage of members during the pandemic and are stepping up fraud prevention efforts as a result,” according to PYMNTS’ April Credit Union Tracker® done in collaboration with PSCU.
Detailing warnings recently issued by New York's Sidney Federal Credit Union and the City of Boston Credit Union, among many others, credit union (CU) members are the target of cyberattackers posing as the Centers for Disease Control (CDC), the World Health Organization (WHO) and other legitimate organizations publicly associated with the pandemic response.
The fact that fraudsters use tragedy for their own gain is nothing new, of course. But attack vectors and sheer COVID-induced mayhem are ideal conditions for cybertheft, and CUs are in the crosshairs of several familiar scams that have rapidly spread, much like COVID itself.
Analyze and Strategize
CUs have taken heat for not following tech trends or digitizing fast enough. Ironically, the fact that many CUs have undertaken core systems upgrades can make them a more visible target, although one that has been hardened against just these kinds of cyber raids.
“Advances in payments technologies are making consumer transactions more secure,” the report states. “Fraudsters are finding increasingly sophisticated ways to beat the system to commit financial fraud, however,” including big spikes in phishing attempts. The latest report explores how “…data analytics and advanced learning tools such as machine learning (ML) can help CUs safeguard their platforms and customers against potential threats.”
According to Jack Lynch, senior vice president and chief risk officer at PSCU and president at CU Recovery, “A focus on data analytics enables credit unions to not only better understand their members and make strategic decisions on product and service offerings to fit their current and future needs, [but] it also provides insight into how they are transacting. This, in turn, helps mitigate fraud.”
Mentioning PSCU’s proprietary fraud prediction and detection using machine learning, anomaly analysis, phone printing technology, data analytics, human intelligence and “a consortium of data to monitor connected events across multiple channels,” Lynch said this “…enables credit unions to meet force with force via shared data against the threats collectively faced by the industry. Financial institutions should leverage data analytics to their benefit. Delivering more robust analytics for predictive modeling as well as [continually investing in and deploying] multilayered fraud mitigation tools helps identify spending trends and fight fraud."
Phishing, Smishing and the Value of Education
It never ceases to amaze how tireless and creative bad actors are about stealing your money. It’s almost as if the entire world was thrown off its game, with the exception of criminals.
The April Credit Union Tracker® details much of this nefarious activity – a most valuable read on those merits alone – and we learn about “…clone phishing, spear phishing, smishing and other specialized types of phishing. The difference between legitimate and phishing emails is thus becoming difficult, which makes it imperative for CUs to educate their customers about the risks and urge them to be mindful about validating email addresses.”
For their part, credit union service organizations (CUSOs) are making advanced threat detection and avoidance tech available to members via unified platforms, as well as application programming interfaces (APIs) that are specialized in the latest attack vectors.