A server room data center

Why categorization is a key component of scam prevention

Authors

  • Arpi Lal

    Partner and New York Office Leader, Forensic & Integrity Services, Ernst & Young LLP

  • Clay H Roberts

    Senior Manager, Forensic & Integrity Services, Ernst & Young LLP

2 minute read 30 Aug 2024
Related topics
Forensic & Integrity Services

By categorizing scams by specific typologies, industry leaders are mitigating risk and improving the fight against financial losses.

Part 2 of 4 in a series focusing on scam insights and points of view

In Part 1 the significance of categorizing scams was emphasized as a critical component in the fraud prevention process.

The most recently published Federal Bureau of Investigation (FBI) Internet Crime Report1 revealed that investment scams, confidence/romance scams and technology support/government impersonation scams led to customer losses exceeding $6.5 billion last year. The EY Forensics team observed that institutions primarily categorize scams into two specific groups: account takeover (ATO) or new account fraud (NAF), with many scams not squarely fitting into either classification. The unintended consequence of this limited classification is that institutions focusing solely on ATO and NAF prevention and detection miss the root cause of various other scams and their associated red flags.

Download the full article

PDF (289 KB)

How EY can help

Industry leaders are tracking fraud typologies on a more granular level, which has enabled greater insight into areas of exposure, and a better understanding of what is driving losses for themselves and their customers. Benefits to categorizing scams include the ability to bolster preventative controls, customer education, and employee education related to the institution’s unique exposure, which will aid in identifying scams before financial loss occurs.

 

Investment scams promote false success stories to lure investors into transferring funds to fraudulent opportunities. Similarly, pig butchering scammers, a commonly used industry term, build nonfinancial relationships with their victims before introducing a fraudulent investment plan for them to invest in. In these instances, it is generally the authorized user of an existing account sending funds willingly to the fraudster while still maintaining control of their accounts. Neither of these is an ATO or NAF situation, as they more closely resemble a confidence scam.

 

Categorizing the scam as either an ATO or NAF may not provide the institution with sufficient information to effectively identify the vulnerability. A key component of categorizing scam typologies is to determine whether the fraud was a result of coercion, and an authorized user was the one making funds transfers, or a breakdown of the control framework occurred, and a fraudster gained unlawful access to the funds. Industry leaders have taken the process a step further by categorizing scams into specific typologies once they have determined the scam does not fall within the ATO or NAF category.

 

Key typologies industry leaders are tracking include:

Impersonation scams

Romance scams

Investment scams
  • Use of anonymous payment methods
  • Inconsistent contact information
  • New and unknown beneficiaries added
  • Foreign transactions with no apparent business reasons
  • Large investment transactions inconsistent with historical account activity
  • Beneficiaries with little online presence

Key takeaways

The EY Forensics team helps clients identify and educate customers.

  • Institutions should alert their customers to red flags like forceful sales, unknown requesters, emotional pressure and demands for sensitive information.
  • Adding additional controls such as text confirmations, daily limits, extra verification and additional friction for atypical payment requests can further shield customers from potential losses.
  • When institutions face customer losses, a mature, well-bolstered categorization process can aid in streamlining and fostering consistency and accuracy in the investigation process.

Nick Spinella and Casey Fitzgerald also contributed to this article.


Summary 

Industry leaders are improving fraud prevention by categorizing scams in detail, enhancing their understanding of the risks impacting their business and allowing for better allocation of resources when designing control measures to prevent losses. This approach includes educating stakeholders and recognizing nontraditional scams like investment fraud and pig butchering, where victims willingly transfer funds. Categorization helps institutions identify specific vulnerabilities and manage fraud more effectively by distinguishing between scams involving coercion and those due to control failures.

About this article

Authors

  • Arpi Lal
    Partner and New York Office Leader, Forensic & Integrity Services, Ernst & Young LLP
  • Clay H Roberts
    Senior Manager, Forensic & Integrity Services, Ernst & Young LLP
Related topics
Forensic & Integrity Services

Related articles

How the rise in scams is driving regulatory action

The recent increase in scams has forced institutions to reassess control framework components to better mitigate losses and avoid litigation. Learn more.

Arpi Lal + 1

How to enhance your fraud SAR filing process

With fraud on the rise, some actions can help promote a culture of compliance at your organization. Learn how to enhance your fraud SAR filing process.

Walid Raad + 1

Wealth and asset management fraud insights point of view 2024

Firms should continue to improve how they track specific fraud typologies to better allocate resources and address their fraud risk exposure. Learn more.

Walid Raad + 3

    EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.