Check Fraud: New Approaches to Solving an Age-Old Problem

Experts Discuss the Alarming Rise in Check Fraud, Ways for Banks to Mitigate Losses
Watch this report on the rise of check fraud and how banks can address it by Information Security Media Group's Suparna Goswami.

Check fraud is back although, technically, it never went away. Today, cybercrime groups are openly hawking fraudulent check schemes on the Telegram messaging app. Check fraud is easier and more accessible, and it’s back in the headlines.

See Also: Gartner Guide for Digital Forensics and Incident Response

In fact, check fraud increased 84% between 2021 and 2022, according to the U.S. Department of the Treasury. Check fraud started rising during the COVID-19 pandemic because of related stimulus programs. Fraudsters made big and easy money by stealing checks from the mail, altering them and selling them on the dark market or by hiring mules and walkers to deposit the fake checks.

U.S. check fraud grew to 680,000 cases in 2022, prompting the Financial Crimes Enforcement Network to alert financial institutions this year to the nationwide surge in check fraud schemes targeting U.S. mail. FCEN said it worked with the U.S. Postal Inspection Service to identify red flags to help financial institutions detect, prevent and report suspicious activity connected to mail theft-related check fraud.

But experts say tracking check fraud in the mail isn't going to stop the problem. Banks have avoided investing in check processing technology for years, but now they will need new fraud tools to tackle the rising losses from check fraud.

The Evolution of Check Fraud

Check fraud is one of the oldest financial crimes, dating back to the first printed checks in the 1700s. But now, criminals are super-charging it on popular messaging platforms such as Telegram, which has become a one-stop shop for criminals, where they can buy stolen checks and hire people known as walkers to deposit them.

Much has changed in the past two years, said David Maimon, a professor in the Department of Criminal Justice and Criminology at Georgia State University, who monitors platforms and techniques criminals use to alter, sell and buy checks. Information from one stolen check can now be used to print more checks.

"We are seeing criminals selling the checks along with sensitive information on the victims, including Social Security numbers and balances in the accounts," Maimon said. "If we're talking about a company, we're talking about employment identification number, which comes along with the check."

Check fraud is so popular that tutorials hosted on Telegram give pointers on how to obtain checks. "The market is now evolved in terms of the type of commodities that the criminals are offering to a point where criminals will offer to replace a check that did not work," Maimon said.

One big driver of check fraud is the thriving secondary market on Telegram for stolen checks, said Infamous Ghost, a YouTuber and fraud fighter. "There are thousands of stolen and counterfeit checks for sale and it's only growing month over month."

The Problem With Banks

For the better part of the past 20 years, check fraud was stable and exceptionally predictable. Though banks try to do their best, technology solutions are still available to curb the increased volume of fraud. Most banks and processors rely on legacy mainframe-based applications that make introducing new anti-fraud technologies a challenge.

“Most have not been investing much in the way of R&D to come up with innovative solutions,” said Trace Fooshee, strategic adviser at Aite Novarica Group. "That’s beginning to change, of course, and we're beginning to see a pickup in activity around innovation in this space."

Bank fraud investigators agree that new investments are needed. Karen Boyer, senior vice president of financial crimes with M&T Bank, said banks need to adjust to "a whole new angle of check fraud."

"Check fraud is nothing new, but it is increasing into this space that bankers, until now, have not faced," Boyer said, adding that counterfeit checks are not the biggest problem. "We're dealing with legitimate checks being negotiated nefariously."

Fraudsters are combining identity theft and fake bank accounts to deposit checks and bypass authentication by the bank, Boyer said.

"Historically, we have established a check is fraudulent or not by looking into the account of a person," she said. “The department would call the customer and ask if he had deposited a check of this amount to this person and if the person verifies, the check is cleared. The problem now is that the amount is getting deposited in a fake account, while the check is legitimate. So, if I call you and verify the way we did earlier, it does not show a red flag because all other details are fine."

Manual verification only adds to the already difficult task of spotting fraudulent checks. "It is tough to distinguish a genuine handwritten document from a falsified document," Fooshee said. "It is a fairly analog process and it is not something that lends itself easily to automation. Detection is usually very costly and a very manual process."

Banks also face challenges in spotting check fraud across multiple channels including mobile deposit, ATM deposit, branch deposit, branch check cashing and check clearinghouses.

"If you add up the losses and expenses to manage all these processes, banks place significant operational and technology expenses to support these customer options," said Mary Ann Miller, vice president at Prove. "Banks are in the process of conducting risk assessments and upgrading their process in all the categories, but it cannot happen fast enough. Each process requires separate strategy approaches, technology approaches and operational responses."

Advancement in Check Fraud Tech

With this sudden resurgence in fraud, there is an opportunity for banks to take a hard look at their fraud strategies for checks.

Legacy fraud detection tools are designed to flag suspicious checks during high-volume processing, but the false positive rate is high. Typically, check processors find one fraudulent check out of every 800 inspected, experts said.

Banks can reduce false positives by integrating legacy systems and image analysis systems with risk engine platforms or business rules engines. These platforms use filtering to effectively reduce false positives.

"If banks are able to integrate all these controls together, which is oftentimes a pretty big challenge, you can get the false positive rate down to somewhere in the range of 30 to 1," Fooshee said.

Miller said image analysis tools should be combined with mobile identity verification and authentication to determine the risk of the check. For example, mobile deposits need to be treated as high-risk transactions, and banks should be able to verify that the customer has possession of the mobile phone and is making the deposit, she said.

Experts shared a few ways for banks to tackle the check fraud problem:

  • Configure risk engines and rules engines to filter out risk models: A risk-based rules engine is an application that uses predefined logic to determine a client's risk status and can manage the decision-making process. A risk engine combined with a rules engine can manage a considerable volume of data in one repository to enable verification, cross-matching and flagging of areas of suspicious checks for referral
  • Apply artificial intelligence to visually spot fraud patterns: AI reduces the number of checks routed for manual review and can help reduce risks associated with synthetic and account fraud, forged checks and identity theft.
  • Leverage a cloud-hosted consortium to fight check fraud together: Members could access a repository with details of fraud attempts against banks to fight against common attackers.

"In an era of huge technical advances in the areas of machine learning and AI, financial institutions better protect themselves when they participate in a common network that more quickly discovers fraud and incorporates insights for the protection of all participants," said Michael Diamond, senior vice president and general manager of digital banking at Mitek Systems..

He said companies should compare multiple check attributes with check profiles stored in a secure cloud repository that can be used by participating financial institutions. "Cloud-hosted service complements existing fraud-fighting systems and protocols with minimum integration effort."

Unfortunately, it takes time for banks to implement new technologies. "There are vendors who are now looking into this problem. However, it is not easy to get clearances from the banks as they have to go through regulatory processes to vet any new technology," Maimon said.

He fears that by the time new systems are vetted by banks, fraudsters will have already moved to the next stage. "Hence we are always paying the catch-up game."

Frank McKenna, chief fraud strategist at Point Predictive, who has written multiple blogs on check fraud, said banks have some hard questions to answer: "Are the new solutions good enough? Can we sustain using the same solutions for the next eight to 10 years? What is the cost of doing nothing? In a banking world where all investment money is going into digital transformation, will banks be able to make the business case to invest in the lowly check?"

"I feel it is a must," McKenna said. "At the end of the day, it is about faith in the system. Check fraud has made a comeback and fraudulent check scams against consumer and commercial accounts are a big part of the scams challenge banks are facing. So, they cannot afford to ignore it."


About the Author

Suparna Goswami

Suparna Goswami

Associate Editor, ISMG

Goswami has more than 10 years of experience in the field of journalism. She has covered a variety of beats including global macro economy, fintech, startups and other business trends. Before joining ISMG, she contributed for Forbes Asia, where she wrote about the Indian startup ecosystem. She has also worked with UK-based International Finance Magazine and leading Indian newspapers, such as DNA and Times of India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.