Prevent Fraud From Breaking Your Cardholders' Spring Break Plans

posted by Ryan Dutton on Wednesday, March 13, 2024 in SHAZAM Blog

Debit card fraud is on the rise. It accounts for about 40 percent of all card fraud. Here’s what our SHAZAM fraud specialists are noticing and what financial institutions can do to protect their cardholders.

Social Engineering Scams Are Still Common

Bad actors continue to use social engineering schemes to trick cardholders into providing their sensitive information or make fraudulent transactions. In these schemes, bad actors often claim to be a trusted financial partner or a representative of a well-known merchant. In their calls, emails or text messages, they will allege there’s a problem with a person’s card or account. These false narratives are meant to play on cardholders’ emotions to convince them to give up sensitive data such as their card number, log-in credentials or a one-time password.  

Education is key in protecting cardholders from being caught up in these malicious attacks. Remind them to be skeptical of unsolicited calls or emails. Cardholders should avoid giving out sensitive information over the phone or via email. Financial institutions may need to verify personal information if a cardholder calls them, but never the other way around.  

Financial institutions should also review their internal verification processes. Pay attention to customer behaviors and listen to their responses. Empower staff members to investigate further if a cardholder request is unusual behavior from previous interactions. If their gut is telling them something is off, odds are they are probably right.

Fraudsters Lurking to Attack BINs

Cybercriminals are constantly looking to stay in the shadows to get their hands on cardholder information. The industry continues to see this behavior by fraudsters through enumerative account testing to identify valid issued cards and solve card issuance strategies. 

To make it more difficult for fraudsters to predict patterns, it’s our recommendation, and industry best practice, to randomize card issuance in your assigned BIN range. Think of it this way — randomization is the equivalent of finding a needle in a haystack. Who wants to go searching for that, certainly not a criminal.

Account Testing: The First Sign of Fraud

Fraudsters often test the waters on any cardholder information they may have illegally obtained by making a small transaction, typically under $5. If a test authorization is approved, fraudsters then use the information to commit more fraudulent transactions or sell the information on the dark web.  

The ability to detect these threats before they can cause damage is critically important. Review active cases and submit updates when you confirm activity with your cardholder. Our fraud escalation team constantly analyzes fraud cases and is always available to help explore custom research and rule-strategy options to respond to issuer-specific fraud trends.

Protecting Financial Institutions and Cardholders

Fraud is more complicated than ever. Having sophisticated tools to fight back is paramount for a financial institution’s fraud mitigation strategy.  

SHAZAM’s Fraud Advisors™ helps financial institutions take a proactive approach to detect, respond and help protect cardholders to reduce fraud losses. With Fraud Advisors, financial institutions receive an analysis of tagged fraud transactions and recommendations based on fraud detection performance.  

Contact a specialist or your regional director to learn how a dedicated fraud consultant can help your financial institution manage debit card fraud.

SHAZAM, Inc. and ITS, Inc. provide this blog for general informational purposes only. Our blog may be shared by a direct link wherein the content remains as originally presented and has not been altered. SHAZAM, Inc. and ITS, Inc. assume no responsibility for errors or omissions in the contents on the blog. By using this blog, reader agrees that the information published does not constitute nor is a substitute for legal advice which should only be sought from a qualified, licensed attorney. 


comments powered by Disqus