CSCU Answers Frequently Asked Fraud Questions
July 12, 2012
July 12, 2012
CSCU and FIS recently hosted a webcast “Ask the Experts” to discuss strategies to prevent, detect and recover from fraud attacks. Featuring insights from a panel comprised of industry experts, plus a credit union that’s winning the fight against fraud, the response was overwhelming.
Lots of great information was shared, including answers to the questions that concern you most. Below is a transcript of some of the highlights from the Q&A session. To view the on-demand version of this event, go to www.cscu.net/fraud.
- What are current fraud trends?
E-commerce fraud, foreign fraud, domestic fraud in stores, vishing and SMiShing, mobile fraud, and ATM fraud.
- What are some best practices for detecting fraud?
For ATM fraud, visually check ATMs for skimming devices and review data for unusual activity.
For card-not-present, lost, stolen, mail theft, and account takeover fraud, establish the following best practices: CVV /CVC matching, 24/7 Neural Network monitoring, real-time decision making, address verification, authorization name match and daily parameter controls.
For protection against Web site phishing schemes, implement good anti-virus software.
To detect wire fraud, monitor transactions and when unusual transactions have been identified block and investigate the transaction.
For additional best practices, read Fraud Prevention Issuers Best Practice Guide at www.cscu.net/fraud.
- What are best practices for determining if you’re under “attack”?
An increase in the case detail report.
An increase in fraud alerts may indicate a fraud or breach incident that may impact your cardholders.
- How do we minimize risk?
Establish daily parameter controls such as daily limits, country code blocks and merchant code blocks.
- How do we educate our members about fraud?
CSCU fraud kits (available at www.cscu.net/marketing), tips posted on your Web site, newsletter articles and take-one flyers in the lobby.
- What risk management tools are available?
Internal tools, such as daily report monitoring and reviewing the incident report for all fraud, chargebacks and disputes can help credit unions minimize risk.
- What are best practices for recovery strategies?
Establish procedures of what to do once a loss has occurred and involve law enforcement.
- How do we reduce fraud loss and avoid costly write-offs?
FIS Secured for Debit and Credit cards can protect credit unions against unrecoverable fraud losses over $50 per occurrence. Click here to learn more.
- What are best practices for blocking foreign transactions?
Use daily parameter controls and country code blocks. If you do not want to block a whole country, credit unions can allow certain merchant category codes (MCC ) and block others.
- Once a breach or compromise has been announced, what steps should we take to determine an appropriate course of action?
COM PROMI SE MANAGE R™ is a secure browser-based tool used to help credit unions to effectively and efficiently manage compromised credit card accounts for both Visa® alerts and MasterCard® events. This tool helps to evaluate risk, selectively block accounts, reissue plastics, notify affected cardholders, and enable targeted fraud monitoring.
- Will U.S. be moving toward chip cards anytime soon and do chip cards help prevent fraud?
Yes, eventually, chip cards will be required for all transactions. Click here to learn more.
- What is the best way to review data to look for test transactions and to determine if there is a fraud pattern that may hit the CU before it hits?
Many fraudsters are moving away from using test transactions to commit fraud. Monitor the daily reports and look for recent fraud accounts and use that data to cross reference test transactions.
Read more at www.cscu.net/fraud.
Strategic Link is the NWCUA’s wholly-owned service corporation, providing the Association’s member credit unions with exclusive high-quality, competitively-priced products and discounted services. Questions? Contact Sales & Marketing Associate Craig Reed: 206.340.4789, firstname.lastname@example.org.
Posted in Advocacy News.