Skip to main content

Looking for Valuant? You are in the right place!

Valuant is now Abrigo, giving you a single source to Manage Risk and Drive Growth

Make yourself at home – we hope you enjoy your new web experience.

Looking for DiCOM? You are in the right place!

DiCOM Software is now part of Abrigo, giving you a single source to Manage Risk and Drive Growth. Make yourself at home – we hope you enjoy your new web experience.

AI fraud challenges: How to guard against losses

Joann Millard, CAMS
July 10, 2023
Read Time: 0 min

Stay up-to-date on AI fraud trends to protect your clientele

Emerging AI fraud schemes reveal holes in financial institution's defenses. Here are several suggestions for tightening security.

Get more tips for managing the AML program from this webinar: "Conquering BSA challenges: Best practices for managing a successful AML program"


The rise of AI

Understanding AI fraud schemes

Integrating artificial intelligence (AI) presents promising opportunities and daunting challenges in today's ever-evolving world of financial transactions and digital advancements. As we harness the power of AI to enhance operational efficiency, detect patterns, and optimize decision-making processes, financial institutions must remain vigilant. Nefarious actors can also use AI for illicit purposes, so it is essential that your fraud and AML/CFT program guard against AI fraud. 

An example of a rising AI fraud scheme is using voice-to-text technology, such as Microsoft’s new Vall-E Text-to-Speech System. This technology can convert written words into speech that sounds like a recorded person using only three seconds of a voice recording. AI fraud perpetrators can purchase someone’s personal information (name, address, phone number, and social security number) on the dark web, then call the unsuspecting victim, perhaps pretending to be a salesperson to get the victim talking. 

Best practices

Addressing AI fraud in your policies

AI fraud can be particularly tricky because it impacts how financial institutions verify customers’ identities. In combating AI fraud, it is imperative to consider that successful phishing or smishing expeditions, or illicit dark web transactions, often result in criminals gaining access to unsuspecting individuals’ online banking credentials. Perpetrators who access the victim's online banking profile can alter crucial details such as their address and phone number and take over the victim’s account, obtaining complete control.  

If an institution’s fraud department detects a distinct IP address accessing the compromised online banking information, the following procedural questions should be addressed in its fraud prevention program: 

  • How should you contact the client to ask if they made a change to the account?  
  • Do you call the client with the last phone number on file or the new phone number in online banking? 
  • Do you send a secure message to the client through the online banking profile?  
  • How do you know you are speaking with your client, not the fraudster?  
  • What security questions do you ask?  

Improved security

How the right security questions can guard against AI fraud

Security questions should be easy enough for legitimate clients to authenticate but difficult for fraudsters to guess, research, or obtain. Public social media sources have made it easier for fraudsters to obtain information by looking at what people post online. Many viral social media posts encourage users to share answers to “get to know me” questions, revealing the model of their first car, their favorite colors and foods, or the name of their best friend. These games might seem innocent, but they can provide easy access to answers that financial institutions use to identify clients.  

Thanks to AI fraud perpetrated with voice-to-text technology, you may not always be able to trust the voice you hear on the phone. However, you should be able to trust the answers to specific security questions. Some financial institutions set up unique passwords to verify their clients’ identities. On top of a unique password, here are some other security questions that can help tighten security: 

  • Which branch do you frequent? Staff can easily verify this; an identity thief is unlikely to know the answer if you have multiple branches in one geographic area.  
  • What is the amount of your most recent deposit? This question can be helpful, but remember that if someone else has access to the client’s online banking account, they may be able to see recent deposit amounts. Don’t rely solely on this response. 
  • Are there other signers or beneficiaries on your account? A fraudster might be able to guess a signer but is unlikely to know of any beneficiaries. 
  • Who is your assigned representative or loan officer? Depending on the size of your financial institution, asking for the name of one of your staff members can help identify clients. 

Just as important are the security questions set up for your clients. Keeping these specific can help prevent fraud. Some suggested questions include: 

  • What was your phone number as a child?  
  • What was the first concert you attended? 
  • What was the name of your childhood best friend? 
  • What was your favorite childhood toy? 
  • Who is your favorite sports player? 

AI fraud resources for customers

Protecting your clientele from AI fraud

AI fraud is not top of mind for most bank and credit union customers. Your financial institution can help build awareness and encourage best practices for protecting personal information by providing educational materials to your community. The FDIC offers resources tailored toward older individuals, and you can order free brochures from the Consumer Financial Protection Bureau to hand out to your clients.  

As technological advancements progress, the need for heightened vigilance and security measures within your financial institution becomes increasingly paramount. Staying current with AI fraud will help safeguard your organization and clientele. Ensure all personnel in contact with clients are trained to ask the right questions, not just the easy ones. Consider collaborating with experts to identify malicious applications and get the latest information and best practices to stop fraudulent activity. You can also proactively prevent fraud losses and protect your community with fraud detection software. By collectively striving to deter bad actors, we create a more secure environment for all stakeholders. 

Help your team plan for the unexpected with this webinar: "Building a strong future: Succession planning strategies for your AML program."

keep me informed Watch Webinar/
About the Author

Joann Millard, CAMS

Senior Financial Crimes Investigator
Joann Millard is a Certified Anti-Money Laundering Specialist and a member of ACAMS. She has been with Abrigo since June 2020 when she worked as a contractor and became an employee in March 2021. Prior to that, she spent 25 years in the banking industry working in Jefferson City, MO

Full Bio

About Abrigo

Abrigo enables U.S. financial institutions to support their communities through technology that fights financial crime, grows loans and deposits, and optimizes risk. Abrigo's platform centralizes the institution's data, creates a digital user experience, ensures compliance, and delivers efficiency for scale and profitable growth.

Make Big Things Happen.