Skip to main content

When FinCEN issues advisories, financial institutions need to know what this means for them regarding their suspicious activity monitoring and reporting programs. FinCEN has identified financial red flag indicators of ransomware-related illicit activity. These indicators can be used in training front line staff as well as AML and fraud investigators.

While much of the cybercrime detected comes from simple techniques such as phishing, others are becoming more sophisticated and complex. Malicious software often encrypts data and prevents or limits users from accessing their system until a ransom is paid. This guide provides summarized examples of trends, typologies, and indicators of ransomware that financial institutions should be aware of, as identified by FinCEN.

Download to learn:

  • Examples of different cybercrime and ransomware trends, including Double Extortion Schemes, “Big Game Hunting” Schemes, use of “Fileless” ransomware, and more
  • Key indicators of ransomware-related illicit activity, including irregular transactions occurring between customers and organizations, customers showing limited knowledge of CVC yet purchasing CVC, and more
  • The specific language to use when filing a suspicious activity report (SAR) for cyber events

Cyber attacks are the most significant threat to U.S. financial institutions. Learn more about what your institution can do to prevent and detect cyber fraud. View our blog, FinCEN Guidance on Cyber Fraud – Video.