Preventing Online Account Origination Fraud

As consumer demand for more online banking services grows, fraudsters are finding more and more ways to exploit these services. While not a new scheme, online account origination fraud has grown in part because of the prevalence and ease of use of online banking services, and in part because of the number and scope of data breaches allowing bad actors access to a large amount of consumer data.

In this blog post, we’ll discuss common tactics used in online account origination (OAO) fraud, and controls that can help prevent losses.

Common tactics

Often, fraudsters use stolen identities and banking information to perpetrate fraud when opening new accounts online. The use of real information can make this type of fraud much more difficult to detect, especially because of the relative anonymity associated with online banking.

Related Reading: Transaction Laundering in the Payments Landscape

Detection and controls

Ensuring your institution has adequate controls and methods of detection for online account origination fraud can help prevent financial loss. Here are some ways you can identify this scheme and prevent possible losses:

  • Heuristic email filtering can help spot email addresses likely associated with scams
  • IP geolocation can help you determine if the origin of a web-based payment makes sense based on member information
  • Day/time of transactions submitted can indicate inherent risk—transactions submitted overnight or on weekends are typically subject to less immediate oversight, potentially allowing bad actors a larger window of time to make fraudulent payments and extract funds
  • Multiple users with the same source account can indicate the use of stolen or fake payment information
  • Sudden (unexplained) increase in online account origination activity (especially when coupled with an increase in returns) may point to a targeted attack
  • Holding funds from new account deposits for a period of time can help prevent losses from fraudsters attempting to withdraw funds before fraudulent payments are returned

SWBC Payments monitors all transactions processed through our system and keeps a list of fraudulent customer and account information. This list is integrated into our monitoring software to detect fraud from known bad accounts/bad actors across all of our client base. Our monitoring software also employs multiple rules that scan our payment application for many scenarios, including transactions between liquid accounts that exceed certain values (especially if one or both accounts are new), and deviation from historical activity for existing accounts and members.

The image shows the Connect2Core™ logo, which is a real time payment solution
January 2024
Revolutionizing Financial Operations: The Dynamics of Real-Time Payment Data Posting 
Adhering to Nacha’s Fraud Risk Management and Monitoring Rules
August 2022
Adhering to Nacha’s Fraud Risk Management and Monitoring Rules
2022 Product Outlook for Financial Institutions: Payments
January 2022
2022 Product Outlook for Financial Institutions: Payments

Learn more about Transaction Enablement™