The modern era of digital innovation is reshaping the global financial landscape and enabling consumers to pursue new avenues to investment, banking, and other financial services. The pace of change has created all kinds of opportunities, but it has also opened up gaps in risk that fraudsters have been quick to exploit.
Cryptocurrencies, originally hailed for their potential to revolutionize finance, have unfortunately become a breeding ground for a variety of scams. The onslaught of fraud attacks has prompted traditional banks to adopt a defensive position, recognizing the potential threats to their established roles as custodians of financial security.
How Banks Are Falling Victim to Crypto Scams
The decentralized and often anonymous or pseudonymous nature of cryptocurrencies poses a significant challenge to traditional banking. Unlike conventional financial transactions that typically involve known and regulated entities, cryptocurrency transactions can occur directly between users, bypassing the need for a trusted intermediary. This lack of intermediation usually means there is little or no verification of the identities of the actual players involved with these transactions. As a result, the rigorous oversight mechanisms that banks have traditionally relied upon to monitor and regulate financial activities do not apply.
For more information about how you can mitigate these types of fraud while enhancing your customer experience, contact us to speak with an expert.
The rising prevalence of scams and fraudulent activities within the cryptocurrency space has raised significant concerns about consumer protection and the potential for reputational damage to the broader financial industry. Instances of cryptocurrency fraud, including Ponzi schemes, phishing attacks, and ransomware, have become all too common, creating a sense of urgency among traditional banks to apply ways to protect their customers from falling victim to these scams.
Banks and other financial institutions are reassessing their strategies and implementing rigorous measures to safeguard their customers and the integrity of the overall financial ecosystem. This defensive approach involves measures such as restricting or blocking transactions related to cryptocurrencies, enhancing customer education on potential risks, advocating for stronger regulatory frameworks, and the application of disciplined and effective identity verification methods to mitigate fraud and scams in the crypto space.
Traditional banks find themselves at a crossroads as they try to balance innovation with security. Their defensive stance reflects a recognition of the transformative potential of cryptocurrencies, but also an acknowledgment of the critical need to address fraud risks. This judicious approach allows banks to navigate this evolving financial environment while prioritizing the protection of their customers and the stability of the financial system.
But cryptocurrencies are likely not going away any time soon, so some banks have been forced to take draconian measures in the meantime, such as completely blocking crypto transactions. The consumer demand for crypto continues to evolve, and more innovative measures are certainly forthcoming. Banks must protect their systems, so for now, the outright disallowing of crypto activity is their most potent counterattack. However, banks will eventually need to identify a usable way to incorporate crypto transactions to meet consumer demand, all without adding any additional risk to their financial systems.
The Impact of Crypto Fraud on the Global Banking System
A recent survey conducted by the Global Anti-Scam Alliance (GASA) in conjunction with Cifas, the UK’s most prominent fraud prevention agency, highlighted not just the rise of crypto-related fraud, but offered insights into the damage it has perpetrated with actual financial loss numbers. Shockingly, 10% of the surveyed British citizens had fallen victim to scams or identity theft in the last 12 months, resulting in substantial losses estimated at a staggering $9.3 billion.
Action Fraud, the central reporting hub for fraud and cybercrime in the U.K., stated in May that losses from crypto fraud surged by 40% compared to the prior year. These losses exceeded £300 million for the first time. Interestingly, the Financial Times reported that over a third of these losses transpired in November 2022, the month following FTX's declaration of bankruptcy.
Mike Haley, CEO of Cifas, explained the enormity of the issue: “Scams have now reached an unprecedented level, with criminals and career fraudsters constantly looking for new opportunities to scam UK citizens and cause significant distress to victims. In 2022, Cifas members recorded over 409,000 cases of fraudulent conduct to our National Fraud Database as criminals took advantage of the ongoing cost-of-living crisis to steal identities and take over customer accounts.”
U.S. financial institutions are also seeing a rise in fraud stemming from crypto activity. Data from blockchain analytics firm Chainalysis revealed a record surge, reaching $14 billion in crypto inflows to wallets associated with known criminal connections last year. In 2022 there were a series of notable hacks and scams targeting crypto investors, underscoring the growing challenges posed by illicit activities in the cryptocurrency sphere.
Erin West, the Deputy District Attorney in Santa Clara County (California), has been alerting crypto law enforcement groups about a fraudulent scheme known as "pig-butchering." This scam preys on trusting individuals, luring them into deceptive crypto investments online. She emphasizes that romance scams, often following a pattern of crypto investment fraud, are eroding an entire generation's wealth. Recent cases have demonstrated losses in the millions of dollars, portraying a distressing picture of the far-reaching consequences of these scams.
Banks Are Fighting Back Against Crypto Fraud
In response to this escalating issue, banks are starting to take a hard line in their attempts to combat fraud. Because crypto is at the root of so many of these scams and other attacks, many are now banning crypto-related transactions for their UK customers. Starting October 16, Chase Bank plans to decline customer attempts to make payments related to crypto assets via debit cards or outgoing bank transfers across the UK.
Mastercard recently introduced "Crypto Secure," a cutting-edge tool designed to aid banks in detecting and terminating transactions originating from crypto exchanges with a history of fraudulent activities. This advanced tool leverages sophisticated artificial intelligence algorithms to assess the risk of criminal involvement linked to crypto exchanges operating within the Mastercard payment network. To achieve this, the system carefully analyzes data derived from the blockchain, which serves as a publicly accessible ledger documenting crypto transactions, along with information from various other sources.
U.S. banks are employing various strategies and methods to combat the growing threat of crypto-related fraud. One of the most important tactics involves strict customer verification processes. Banks are enhancing their Know Your Customer (KYC) protocols, requiring thorough identity verification before allowing customers to engage in cryptocurrency transactions. This helps in mitigating potential risks associated with fraudsters using false identities or stolen personal information.
Banks are also prioritizing efforts to educate customers about potential risks related to cryptocurrencies. They are taking proactive measures to inform their customers about the dangers of scams and fraudulent activities within the crypto space. By raising awareness about common tactics used by scammers, customers are better equipped to identify red flags and exercise caution.
Financial services companies across the globe are closely monitoring transactions involving cryptocurrencies. Unusual or suspicious transactions are flagged for further scrutiny, aiming to detect and prevent potentially fraudulent activities. While some are adopting Chase’s stance of blocking all crypto transactions, others are implementing transaction limits and enhanced monitoring mechanisms, which help in monitoring and controlling the flow of funds related to crypto assets.
Chase's decision in the UK could start a broader trend. The rising levels of fraud and the associated reputational risks are likely to motivate more banks worldwide to adopt similar precautionary measures. The financial sector must evolve in balance with the evolving sophistication of scams, finding innovative ways to safeguard their customers' interests and maintain the integrity of the financial ecosystem.
Banks See Repeated Crypto Fraud Attempts From Known Attack Types
The underlying challenges primarily revolve around identity verification and the proliferation of various scam types. Scammers are becoming increasingly adept at building trust, leading to a surge in victims falling for crypto investment scams once that crucial trust is established. Banks and other financial services companies point to some time-honored ways that fraudsters do their work. As this list of examples shows, there is typically a combination of identity impersonation/theft, exploiting technology security gaps, and behavioral manipulation:
Fake Profiles and Personas
Fraudsters often create elaborate, convincing personas with fictitious names, backgrounds, and images. These fabricated profiles are used to present a trustworthy identity, which may include professional titles, certifications, and even personal narratives that resonate with potential victims.
Phishing through Spoofed Websites and Emails
Anyone intent on defrauding an institution has a wide array of tools at their disposal to support their efforts. By creating fake websites and emails that closely resemble those of reputable organizations, banks, or government agencies, fraudsters can look legitimate. They use these deceptive platforms to request personal information, such as passwords, credit card details, or social security numbers, ultimately leading to identity theft.
False Affiliation with Reputable Institutions
By claiming affiliation with well-known organizations, governmental bodies, or industry regulators, scammers can appear to be getting the implicit endorsement or approval of their services. This false association fosters trust and credibility, tricking victims into believing the scam is legitimate.
Impersonation of Trusted Figures
Fraudsters may impersonate trusted figures within a community, such as community leaders, influencers, or financial experts. By using their likeness and authority, scammers gain the trust of community members, increasing the likelihood of successful scams.
Identity Cloning and Account Takeovers
A common attack type – account takeovers – involves scammers cloning legitimate social media or email accounts of real individuals. They then use these cloned identities to establish trust within a network, enabling them to spread fraudulent messages, solicit investments, or carry out other malicious activities.
Using Stolen Identities for Transactions
In cases of identity theft, scammers acquire and misuse personal information stolen from individuals. They may use these stolen identities to open cryptocurrency accounts, conduct transactions, or even take out loans, all while evading detection due to the victim's compromised identity.
Creating Sympathetic Narratives
Fraudsters fabricate emotional or hardship narratives, claiming to have faced similar challenges or tragedies as their potential victims. By relating to the victim's experiences, scammers build a false sense of empathy, trust, and shared struggle and develop synthetic identities to fortify their narratives.
Manipulating Verification Processes
By submitting forged or manipulated documents to cryptocurrency exchanges or other platforms, scammers can exploit verification processes. This manipulation can enable them to appear as legitimate users, gaining trust within the system.
Why Banks Must Fortify Identity-Proofing to Combat Crypto Fraud
Stopping fraud necessitates tackling it at its core. Initiating digital identity-proofing measures right at the outset of customer engagement is vital to ensure a strong level of certainty regarding the consumer's identity. In simple terms, constructing an efficient user flow that effectively thwarts fraud necessitates a thorough confirmation of the person at the receiving end of the digital interaction. This confirmation level stands as a pivotal element in determining the success of all ensuing interactions.
The effort is not without its challenges. One of the most pressing concerns is the persistent threat of identity theft and fraud. Criminals are continually devising sophisticated methods to steal personal information, which can then be used for fraudulent activities such as account openings, transactions, or loan applications, posing substantial risks for both banks and customers.
A particularly elusive challenge is the rise of synthetic identities, where fraudsters create new identities using a mix of real and fabricated information. These synthetic identities can bypass traditional identity verification processes, making detection more difficult. Moreover, banks must navigate stringent data privacy laws and regulations, such as GDPR and CCPA, while collecting and storing customer data, striking a balance between identity verification and privacy concerns.
The shift in using crypto as part of online banking processes and digital transactions poses another challenge—verifying the identity of remote customers. Designing efficient digital onboarding processes that ensure robust identity verification while maintaining a seamless user experience is an ongoing struggle. Additionally, fraud techniques are continuously evolving, requiring banks to constantly update their identity verification processes to stay ahead of fraudsters.
Addressing these challenges requires a comprehensive approach involving technological advancements, policy improvements, collaboration within the industry, and ongoing adaptation to emerging threats. It's imperative for banks to invest in and innovate identity-proofing measures to enhance security and protect their customers from evolving fraud tactics.
For more information about how to strengthen your identity-proofing and mitigate scams and identity fraud, contact us to speak with an expert.
Keep reading
Developers know identity verification is an essential element of effective digital onboarding and the customer lifecycle. Choosing the right one can feel like navigating a maze of features and complexity.
In an age where our smartphones have become almost like extensions of ourselves, the identity assurance achieved through smartphone possession and data is a natural evolution.
Rodger Desai, CEO of Prove, a leading identity verification solution provider, offers a unique perspective on the rising fraud in the gig economy, advocating for robust digital identity verification as a key defense mechanism.