Common fraud schemes & scams

Fraud is on the rise globally: according to a 2022 PwC study, 51% of surveyed organizations experience fraud in the past two years, the highest level in 20 years of research (1). There are countless types of fraud schemes - countless ways a fraudster can scam a person or a business out of money or other assets.

In the case of many common fraud schemes, the crime can be internal, external, or collusion. Internal fraud is when the crime is committed by someone within an organization - an employee depositing checks to their own account for example. External fraud is when a business is the victim of someone outside their organization - like a hacker sending spear phishing emails. And collusion is when the two work together, which could look like a corrupt banker approving bad loans in a mortgage fraud scheme. 

Fraud schemes can also be categorized as first-party fraud or third-party fraud.

• First-party fraud is when a fraudster purposely misrepresents their identity by using a synthetic or stolen identity.
• Third-party fraud is when someone's personal information is used without consent so a third party can illegally or unfairly gain access to resources, credit, or products.

By nature, fraud is constantly evolving. New scams and patterns evolve as new opportunities emerge and fraudsters find ways around detection and prevention measures, requiring sophisticated fraud analytics to investigate.  

Still, there are known schemes, and many types of fraud occur again and again, across different geographies and types of businesses.

While not an exhaustive list, here are some common fraud schemes that regularly impact both individuals and businesses.

One way a fraudster may try to cover their tracks is by creating a fake identity to open a bank account for example. A synthetic identity is a fake identity that mixes real and fake information, such as a real social security number and phone number, and a fake name. These attributes do not belong to a single real person.

All companies spend money to operate, creating an opportunity for fraud networks to take advantage of weak controls in procurement processes. A rogue employee might coordinate with a supplier to defraud the company, for example. Or an ill-intentioned HR manager might keep former employees in the company’s system and redirect their salaries for personal gain. There’s potential for substantial money losses in cases of procurement fraud.

Online fraud schemes like phishing attacks are increasingly common. The cyber criminals behind account takeover schemes send emails impersonating banks, for example, to harvest the credentials of their victims. Once they have access to bank accounts, they empty them. It’s a major threat to brand equity for financial institutions.

Generating fake insurance claims can be a way for fraudsters to make money. An individual can take a car insurance policy, then claim a refund on a non existing or staged car accident. A car repair shop acting as an accomplice can generate invoices for non-existent repairs to trigger payment from the insurance company.

Some fraud networks abuse the system of government benefits, like unemployment. It’s possible, for example, to use a legitimate employment document and tweak it to claim unemployment benefits on behalf of multiple persons. Those involved may keep a percentage of the stolen money and share the rest with the scam’s organizers.

A credit card skimming device copies a credit card when it’s used to pay at a card reader at an ATM, gas pump, or other point of sale. The device owner can then use this information to make fraudulent transactions, such as online purchases.

Corrupt practitioners can receive fraudulent reimbursement by billing for services they haven’t provided. Institutions such as Medicare pay those bills. It’s particularly hard to stop this when the practitioners claim those services were performed on older patients who may be more vulnerable and therefore less likely to report fraudulent behavior.

VAT fraud is also known as carousel fraud. By arranging a series of international transactions between cooperating companies, it’s possible to claim a VAT refund without ever paying the VAT in the first place. Operating the scheme requires a company that can charge the VAT tax to a client and then disappear without ever transferring the money to the tax authority. Fraudsters must therefore take over or create multiple companies.

Cyber fraud schemes include anything that happens online: malware, trojan horses, viruses, phishing emails, and more. It could be someone impersonating the CEO of your company to gain account access, or hackers holding a computer system for ransom. Cyber fraud is on the rise as more interactions and transactions move online.

To inflate a bonus or retain a job, someone might misrepresent the financial state of a business, overstating assets, revenues, or profits, or understating liabilities. Financial statement fraud rarely results in personal gain for the fraudster.

New technology like graph analytics and visualization are powerful assets in both detecting and investigating complex fraud schemes. Layered onto existing systems, it can help detect more fraud, faster, and accelerate investigation time. 

To take a deeper dive into how this technology can improve upon your anti-fraud tech stack, take a look at our e-book: Outsmarting fraudsters with next-generation technology.

(1) https://www.pwc.com/gx/en/services/forensics/economic-crime-survey.html