Identity Thieves are Opening More Fraudulent Accounts Online

NWCUA experts advise credit unions to be on the lookout, check for inconsistencies in information provided by fraudsters.

9/11/18

Hooded man hacking into a computer.

Katie Clark, Northwest Credit Union Association Director of Regulatory Compliance and Risk Management, advises credit unions how they can spot and stop fraudulent online account creation.

Opening new accounts for new and existing members is a member service that credit unions are happy to provide. It allows an individual to open a new account from the comfort of their own home, but this also provides opportunities for identity thieves to open accounts using someone else’s information.

Fraudsters are skilled at determining some way that they qualify for the credit union’s field of membership. They might work for a select employer group (SEG), be related to a member, or live within a specified community within the field of membership. They avoid coming into a branch in person to open the account.

The fraudster has a lot of information about the individual they are impersonating. They will generally have the victim’s personal data and any information that can be gleaned from mail theft, credit reports, and other methods of identity theft. This means that the individual, when pressed, can answer a lot of out-of-wallet questions to help convince the credit union that they are truly the individual.

Once the fraudster opens the account, they have a few standard patterns. They will ask for a debit card and/or credit card right away. They will deposit fraudulent checks via the debit card and withdraw the funds before the checks are returned. If they ask for and receive a credit card, they will make large purchases or cash advances immediately upon receiving the card. By the time the credit union catches on, the fraudster is in the wind.

So how do credit unions spot these accounts? Over the years, there have been a few patterns that have become apparent.

First, if the credit union pulls a ChexSystems report, it is likely that the report will indicate multiple inquiries with multiple financial institutions over a large geographic region (meaning the FOM sited might not make sense).

If a credit report is pulled, the credit union might notice minor or major differences in the address supplied by the individual. This could include varying apartment numbers in the same complex or addresses in different cities or states. In almost every case, the fraudster will indicate that they recently moved and that is the reason for the variance in addresses. If you ask for a recent piece of mail to substantiate the address discrepancy, they can normally provide it (They have either changed the victim’s address, stolen the mail, or created a fake piece of mail.).

In some cases, where the fraudster claims to belong to a SEG, they might create a fake paystub. The fake paystub might look similar to others provided by other individuals attempting to open online accounts. Other times, the name of the relative that qualifies the fraudster for membership might be very generic.

A few other indicators can be the ID received during the online process (It may look outdated, fake, or the photo looks like a high school year book photo.).

One credit union was able to identify a pattern of fraudulent account opening through similar IP address, similarly configured email addresses, and similar phone numbers used by a group of individuals trying to open fraudulent accounts.

To guard against fraudulent account creation, credit unions should guard against the list of possible red flags listed above, know and follow their ID Theft Red Flags Program, and ask additional questions if any of the information supplied doesn’t match or doesn’t feel right. As with all fraud, it is important for credit union employees to trust their gut and conduct due diligence when something feels wrong.