Banking and financial institutions have a responsibility to help protect their consumers from electronic fraud and identity theft. These ever-present threats are only becoming more complex and sophisticated as time passes. Read on for some tips to help you safeguard your consumers from these types of crime.
What are electronic fraud and identity theft?
According to the Federal Bureau of Investigation, electronic fraud—also known as Internet fraud—is “the use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them.” The most common methods of perpetrating electronic fraud are personal or business email compromises, data breaches, malware, phishing, and ransomware.
Oftentimes, criminals commit electronic fraud to carry out identity theft. The U.S. Government defines identity theft as what happens “when someone steals your personal information to commit fraud.” Criminals who perform this type of crime use the stolen information for a variety of purposes. The most common uses include applying for credit, filing fraudulent tax returns, and getting medical services.
How can you protect your consumers from these threats?
There are several strategies that banks and financial institutions can use to protect their consumers from falling victim to these threats.
Be vigilant - Learn about common types of scams and pay attention to new and popular methods as they develop. Keep your team and consumers apprised of what they might encounter.
Keep your systems updated – Always perform any system updates in a timely fashion to ensure that your consumers’ data remains protected.
Train your staff to detect scams – On top of making sure your team remains aware of the possible risks they might encounter, you should train them in using policies that support good security. Here are some best practices in this area:
• Emphasize a “think before you click” policy. Encourage your team to double-check for suspicious email content (e.g., odd email addresses, unexpected typos, weird requests) before clicking on any embedded links or downloading any attachments.
• Educate your team about the marks of a typical phishing email. For example, phishing emails often appear to be sent from a high-level executive and generally ask for sensitive information to be emailed or uploaded.
• Encourage the practice of seeking verbal confirmation for any requests involving sensitive information. Teach them to verify the authenticity of email requests via phone calls or in-person conversations.
Inform your customers about potential scams – Though you cannot require customers to adhere to strict security policies like you can your team members, you can still give them access to information regarding scam tactics and best practices. Make the information available and encourage them to reach out with any questions.
Immediately refer any suspicious behavior to the proper authorities – If you, a team member, or one of your clients detects a suspicious email or falls victim to identity theft, immediately report the incident to the proper authorities. Visit usa.gov/stop-scams-frauds for information making a report.