June 2015 Issue

Our 'Newsletter on Financial Fraud' is your monthly insight into the various new fraud types and methods used by fraudsters globally in the banking space. 

In this issue, we bring to light the effect of banking fraud creeping in and making banks lose millions to this plaguing menace.

Reserve Bank of India looks to set up Central Fraud Registry


Mindful of the impact of frauds on banks' financials, the Reserve Bank of India (RBI) will soon set up a Central Fraud Registry as part of an early warning system. The idea is to set up a structure for quick sharing of information about unscrupulous borrowers and help banks fight bad loans.

"It will come up soon. Work is under way to set up the Central Fraud Registry," a top RBI official told PTI.

The Registry will work under the supervision of the RBI, the official added. Currently, there is no single database that lenders can access for all relevant details of previously reported frauds.

The structure, which is in the works, will make available more information to banks at the time of starting a banking relationship, extension of credit facilities or at any time during operation of an account.

For instance, at the time of sanctioning of a loan, banks can make use of the registry by checking the credentials of a borrower.

For good measure, the CBI and the Central Economic Intelligence Bureau (CEIB) have shown interest in sharing their databases with banks which in turn can be fed into this centralized searchable database that can be accessed by banks.

According to RBI data, gross NPAs (non-performing assets) of PSU banks stood at Rs 2,60,531 crore as of December 2014. And the top 30 defaulters are sitting on bad loans amounting to a huge Rs 95,122 crore, which is more than one-third of the entire NPAs of public sector banks.

The total number of borrowers having defaulted on Rs 10 crore and above at the end of September 2014 read 2,897, with an outstanding of Rs 1.60 lakh crore.

The RBI has issued necessary instructions, including those on creating a framework for revitalizing distress assets, to improve asset quality of banks and prevent slippages.

The law stipulates that each bank should have a board-approved loan recovery policy. It has also been mandated that NPA accounts of Rs 1 crore and above need to be vetted by the board.

Source: DNA

Biz Email Fraud Could Hit $1 Billion


Wire fraud perpetrated via business email compromises has quickly become a top concern for banking institutions. David Pollino, bank fraud prevention officer at Bank of the West, now predicts wire fraud losses in the U.S. linked to such "masquerading" schemes could exceed $1 billion this year. In fact, the losses from these emerging schemes could be higher than any wire and ACH losses linked to account takeovers, he says.

"Traditionally, whether it was phishing or malware, you saw the criminals getting the username and password and then executing the transaction or takeover of the victim's computer to wage the attack," Pollino says. "With these new attacks, we see the actual compromise of the business. The victims are fooled into the legitimacy of the wire transfer."

Masquerading schemes do not involve malware or an account takeover. Instead, attackers use socially engineered schemes that are designed to fool a business's accounting or administrative staff into scheduling an urgent wire transfer they believe has been requested by the CEO or other corporate executive, Pollino explains.

These attacks, waged against a banking institution's commercial customers, may involve a spear-phishing attack to take over a corporate executive's legitimate email account, or the creation of a similar domain so that fraudulent emails sent appear, at a glance, to be legitimate, he says.

In January, the FBI issued an update, noting that business email compromises had been reported in every U.S. state, as well as 45 countries. The FBI estimated fraud losses tied to business email compromises totaled $214 million globally from October 2013 through November 2014.

This is why businesses need to have tools in place to ensure they can review and authenticate these transactions before they submit the wire transfer request to their bank or credit union, he adds. What's more, banking institutions need to have additional measures in place, such as a multi-person approval process, to ensure wire-transfer requests are legitimate before they are approved, he adds.

"Financial institutions should be educating their customers, and they should do callbacks and modify their [callback] scripts to ensure that they are pointing out the current fraud trends, such as red flags that go up when an urgent or quick transaction is requested," Pollino says.

Source: Bank Info Security

Fraudsters steal £84,000 in bank scam


Fraudsters using a complicated bank phone scam have stolen £84,000 from a handful of people in just one week in the UK.

An investigation has been launched after five individuals fell victim to the fraud over the past few days, with the majority living in Inverness. "A total of £84,000 has been taken, which we are trying to trace," said the inspector, who is leading the inquiry. "These are just normal folk who have been talked into handing details over to someone who says they are phoning on behalf of the bank. It is a very short space of time in which this has happened and we are currently talking to banks."

The victim receives a call from someone claiming to be from a financial fraud investigation team who states there has been suspicious activity on their bank account.

Some people have been told a secure safe deposit account has been specifically created for them, into which they can transfer money. However, once money is moved into the account it is taken by the criminals. In an additional twist, victims are instructed not to contact their bank because individuals in the branch are under investigation. The idea behind this is to cast doubt and prevent the victim from visiting their bank to notify them of the call.

A similar scheme was used to defraud people in the Highlands two years ago and police are warning the public to be on their guard.

Source: Iverness Courier

Cybercrime increased by 300% compared to last year


Cybercrime in India has increased by 300% since 2013 as the research by thepaypers.com indicates. Cybercrime in India has been on rise for last couple of years.

According to Mumbai police hacking, phishing and Nigerian fraud have risen to 36 in 2014 until October since 2014 from 9 registered in October 2013. 136 cases of cyber offences were registered in 2013 October compared to 418 in 2014 October.

The e-commerce in India has grown by leaps and bounds until recently. This has not only made online shopping a pleasurable experience but also made e-portals vulnerable to various cyber threats. Storage of various customer information have painted them as the next high priority target. Recent incidents of Cybercrime in United States are the clear indication of incoming danger.

In cases of Nigerian fraud, the victim receives an e-mail or SMS stating the mobile number or e-mail of the selected lucky draw in millions of United States dollars or British pounds. These e-mails or SMSs contain the contact number for claiming the money. The fraudsters also ask for meagre amount of money for clearing customs and for domestic money conversions. The fraudsters provide the account number where the specific amount has to be deposited.

In cases of phishing where the fraudsters sends an e-mail to a user falsely claiming to be an established legitimate enterprise. This fraudulent enterprise in attempts to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords, and credit card, and bank account numbers, Cybercrime is truly a menace.

Source: CustomerXPs

Related Blogs and Posts

Subscribe to Our Monthly Newsletter

Get insights & updates from the world of financial crime management in your inbox. Be on our newsletter mail list.

Subscribe Newsletter


©2017. CustomerXPs® Software