How the Navy Federal Credit Union Blunted an Unprecedented Fraudulent Attack

Source: Shutterstock.

Fraudulent attacks on credit unions and banks have increased dramatically, and no one knows it better than Garin Danielian, assistant vice president of fraud analysis at the $151 billion Navy Federal Credit Union in Vienna, Virginia.

“In the fall of 2020, we were hit by an unprecedented attack from our perspective. We had a 7-10 day period where we received up to 2,000 fraudulent claims in an hour,” Danielian said during a SentiLink-sponsored credit union fraud roundtable last week. “We have received, during this week, an entire year’s worth of fraudulent requests compressed into seven days. As you can imagine, this put enormous pressure on the detection analysts, but also on everyone working on the investigative cases and on the people who then had to clean up 100,000 applications.

Max Blumenfeld, co-founder and COO of SentiLink in San Francisco, which specializes in identity theft and synthetic fraud solutions, also participated in the roundtable. Moderator of the discussion was Susan Ehrlich, board member of the $30.1 billion BECU in Tukwila, Wash., who most recently served as CEO of fintech lender, Earnest.

As this unprecedented attack was happening in 2020, Navy Federal was doing a proof of concept project with SentiLink and Danielian asked for their help.

“They basically jumped in with us and started going through the data on our behalf and sharing information,” he recalls. “And together we were able to blunt the attack. But it opened our eyes because we had never seen anything so automated.

Garin Danielian Garin Danielian

Danielian said automated attacks have become more common because fraudsters have improved their computer scripting and algorithmic capabilities.

“We don’t know if it was a very advanced and sophisticated (fraud) network. The techniques were certainly extremely sophisticated, or if we were hit by a nation-state actor, we don’t know. don’t know,” he noted. “But, if it happened once, I think it’s probably on the horizon for others.”

According to a recent executive report from Chicago-based BAI Banking Strategies, identity fraud and its various forms increased by 30% to 100% in 2020. These numbers have steadily increased in 2021, and similar trends have occurred in the COVID-19 relief fraud, social networks. engineering, credit fraud and other scams.

“The large influx of government stimulus measures designed to mitigate the impact of COVID-19 has created greater opportunity for crime, while the multi-million newbies to digital banking have created new opportunities for smart and smart scammers. dailies,” the BAI report notes; which looked in depth at how financial institutions can stem the growth of fraud.

Garin pointed out that the old systems of Know Your Customer and CIP (Customer Identification Program) are no longer up to the task. Historically, Navy Federal has looked at multiple points of information to validate if someone is who they say they are. But with so much Personally Identifiable Information (PII) available – both real and synthetic – it has forced the credit union to take advantage of newer, more efficient and more dynamic techniques.

“You have to use the information from each different control gate to make an informed decision in the end,” he explained. “And so we’re really focused on bringing our systems together, using the data to make a holistic decision so that it’s not all a binary choice. By the time you get to this loan application, after you sign up (and) after we’ve cleared you, we want to make sure this is the most important decision we can make.

Fraudsters know that financial institutions typically rely on name, date of birth, social security number, and address to secure accounts.

“That’s the biggest thing we’ve seen — the increase in fraud that specifically checks the exact boxes that institutions have historically searched for,” Blumenfeld said. “There’s a lot more relevant context in phones or email addresses. It’s really a function of how the institution contacts customers. This is where all the valuable fraud data resides.

Max Blumenfeld Max Blumenfeld

Garin agreed, noting that the cell phone is the new wallet.

“Collecting device information, collecting information about the email address used is critical to making an informed decision,” he said. “People aren’t going to branches to join as much, so (there are) a lot more digital-only apps. So you need to be able to assess known data points beyond my PII. What is the reputation of my device? What is the reputation of my email address? Are they both brand new? Have they ever been seen in the ecosystem? These things feed into your decision making and patterns so you have a much stronger pool to draw from when you want to score and make decisions.

Garin said Navy Federal has invested heavily in machine learning capabilities developed by the credit union and through vendors to identify suspicious apps, but it also has a remediation path for members to skip. through the process that was originally flagged as suspicious.

Blumenfeld suggested that credit unions can reduce friction in the process by sending a one-time access code to the member’s phone number, and in high-risk cases asking for government-issued ID seems appropriate. .

“It helps reduce fraud and actually improves the member experience for onboarding where historically things have been cumbersome and don’t need to be cumbersome,” he said.

Over the past 120 days, Navy Federal has seen a rise in fraudsters who cheat and defraud members and expects to see more of these frauds throughout 2022.

“The prototype scheme is a combination of some PII — possibly account takeover and social engineering,” Danielian said. “I’m sure everyone has received messages from their institution saying, ‘Hey, don’t give anyone your password. And we do the same. But we have had quite a significant increase in attempts and some success, unfortunately, of (social) fraudsters tricking our members into approving transfers or transferring money. And it’s new. »

Another scam is when members think they’re talking to someone on the phone from Amazon, Danielian said. But that someone is a scammer who tells the member that there is a problem with their account and they are instructed to take some action to fix it.

“The next thing you know their account with us is running out of money. And so we’re very focused on how we catch these (scams) and that requires a new approach,” he said. requires behavioral analysis. Is the way the fraudster transacts what my members usually do?” Danielian said Navy Federal is working on a solution to help detect this type of fraud.

Blumenfeld said he also expects to see a fairly large increase in ACH fraud.

“It’s all going to be linked to all these DDA accounts that had been linked to the theft of unemployment benefits,” he said. “The government was the victim before, but that tap has turned off, and financial institutions themselves will eventually suffer the consequences as fraudsters still control millions of accounts on behalf of victims.”