Common fraud schemes impacting businesses and financial institutions

Fraud is the intentional use of deception to obtain an unlawful or unfair advantage. There are countless types of fraud schemes - countless ways a fraudster can scam a person or a business out of money or other assets. 

In the case of many common fraud schemes, the crime can be internal, external, or collusion. Internal fraud is when the crime is committed by someone within an organization - an employee depositing checks to their own account for example. External fraud is when a business is the victim of someone outside their organization - like a hacker sending spear phishing emails. And collusion is when the two work together, which could look like a corrupt banker approving bad loans in a mortgage fraud scheme. 

Fraud schemes can also be categorized as first-party fraud or third-party fraud.

By nature, fraud is constantly evolving. New scams and patterns evolve as new opportunities emerge and fraudsters find ways around detection and prevention measures, requiring sophisticated fraud analytics to investigate.  

Still, there are known schemes, and many types of fraud occur again and again, across different geographies and types of businesses.

While not an exhaustive list, here are some common fraud schemes that regularly impact businesses and financial institutions.

One way a fraudster may try to cover their tracks is by creating a fake identity to open a bank account for example. A synthetic identity is a fake identity that mixes real and fake information, such as a real social security number and phone number, and a fake name. These attributes do not belong to a single real person.

Online fraud schemes like phishing attacks are increasingly common. The cyber criminals behind these schemes send emails impersonating banks, for example, to harvest the credentials of their victims. Once they have access to bank accounts, they empty them. It’s a major threat to brand equity for financial institutions.

By arranging a series of international transactions between cooperating companies, it’s possible to claim a VAT refund without ever paying the VAT in the first place. Operating the scheme requires a company that can charge the VAT tax to a client and then disappear without ever transferring the money to the tax authority. Fraudsters must therefore take over or create multiple companies.

Generating fake insurance claims can be a way for fraudsters to make money. An individual can take a car insurance policy, then claim a refund on a non existing car accident. A car repair shop acting as an accomplice can generate invoices for non-existent repairs to trigger payment from the insurance company.

A credit card skimming device copies a credit card when it’s used to pay at a card reader at an ATM, gas pump, or other point of sale. The device owner can then use this information to make fraudulent transactions, such as online purchases.

All companies spend money to operate, creating an opportunity for fraud networks to take advantage of weak controls in procurement processes. A rogue employee might coordinate with a supplier to defraud the company, for example. Or an ill-intentioned HR manager might keep former employees in the company’s system and redirect their salaries for personal gain. There’s potential for substantial money losses.

Some fraud networks abuse the system of government benefits, like unemployment. It’s possible, for example, to use a legitimate employment document and tweak it to claim unemployment benefits on behalf of multiple persons. Those involved may keep a percentage of the stolen money and share the rest with the scam’s organizers.

Corrupt practitioners can receive fraudulent reimbursement by billing for services they haven’t provided. Institutions such as Medicare pay those bills. It’s particularly hard to stop this when the practitioners claim those services were performed on older patients who may be more vulnerable and therefore less likely to report fraudulent behavior.

Cyber fraud schemes include anything that happens online: malware, trojan horses, viruses, phishing emails, and more. It could be someone impersonating the CEO of your company to gain account access, or hackers holding a computer system for ransom. Cyber fraud is on the rise as more interactions and transactions move online.

To inflate a bonus or retain a job, someone might misrepresent the financial state of a business, overstating assets, revenues, or profits, or understating liabilities. Financial statement fraud rarely results in personal gain for the fraudster.