84% of consumers have used peer-to-peer payment services (P2P)—and 15% have been scammed. People use P2P payments for convenience. Then, fraudsters scam them by simply leveraging the ease of moving money without writing checks. Both consumers and lenders are at risk for fraud due to wildly popular payments systems such as Venmo, Zelle, ApplePay and PayPal. The two most common examples of P2P fraud are evolutions to age-old scams: posing as a legitimate transaction and masquerading as a bank to take over an account.
Fraudsters will contact a consumer and promise a product or service and ask for payment. They will even inauthentically ask for help, especially during the holiday season. But they will not deliver on any commitment. Once the fraudster convinces the consumer to pay, the consumer initiates a transaction through a P2P system to the fraudster and shortly thereafter the money leaves the account. By the time the consumer realized they have been victimized, there is no way to recover the funds.
The fraudster will contact the consumer, often posing as the fraud department of the consumer’s bank both through conversation and caller ID, stating that there is an issue with their account. The imposter tricks the consumer and then requests items like their SSN, account number confirmation or asks the victim to reply to a One-Time-Password request. The fraudster will use this information to gain access to online banking and either initiate a P2P transaction immediately or setup P2P and then initiate a transaction. This is a classic example of Account Take Over (ATO) that uses the bank’s fraud defenses for legitimacy.
These scams have been creeping in like waves during high tide. As a fraud detection and prevention expert, my banking customers have reported that these loss types account for 30-40% of fraud loss, making P2P scams one of the biggest drivers of overall loss.
Banks have historically tried to get money back, which is largely unsuccessful. They end up either taking the loss or holding the consumer responsible for the loss. This leaves consumers feeling victimized from both the fraudster and the bank. Consequently, it has driven many CFPB complaints.
On October 26, 2022, Senator Elizabeth Warren alerted the CFPB Director of this fraud mechanism and asked the CFPB to “update and strengthen regulations governing the obligations of banks to repay customers who are defrauded on Zelle and other peer-to-peer payment platforms.” Senator Warren has specifically addressed Zelle and its parent company Early Warning Services, LLC(EWS).
The most popular question about emerging or existing fraud trends is “How do I defend against this?” Like most fraud attacks there is not one simple answer because fraudsters are constantly evolving their tactics. But when the following list of defenses are used collectively, fraud attacks can be mitigated.
I recommend that my clients use each of the following to help defend against P2P, but they work for all types of fraud.
We have delivered customized assessments and prioritized enhancement plans so that our clients begin improving their fraud operations immediately. Our strength lies in our ability to see the bigger picture in macro trends and show our clients their risk. We have subject matter knowledge to identify weakness and advise you on real-world solutions to help you adjust how you conduct your business. We’ve balanced new strategies with customer experience, and then developed—and implemented—roadmaps that protect our clients and their customers now and in the future.
To begin your fraud P2P health check, contact us today.
[Editor’s note: this article was written by Dave Sanders, former Fraud Senior Program Manager at Bridgeforce]