Payments Security

Scams: A Growing and Costly Problem

Scams are increasingly in the news – along with astonishing estimates of the resulting losses and number of people affected. In 2022 alone, the Federal Trade Commission (FTC) reported consumers lost nearly $8.8 billion to scams (Off-site) – a 35% increase from 2021 – despite receiving half a million (19%) fewer reports of scams.

The nature of a scam: fraudulent, deceptive, dishonest, illegal.

In general, scams are designed to steal money and/or goods through deception. However, the fraud and payments industries have not adopted a uniform definition of scams. Themes common to the various working definitions focus on the nature of a scam: fraudulent, deceptive, dishonest, illegal. Both consumers and businesses are victims.

Fraudsters Target Consumers

“Social engineering” techniques are commonly used to deceive, manipulate or influence the victim to provide sensitive information, send money or change device security settings. Fraudsters often play on emotion to create a sense of urgency. For example, a fraudster pretends to be a frantic friend or relative needing money ASAP due to an accident, arrest or robbery – or an email from “PayPal” claims the recipient must confirm credit card details or the account will be deactivated.

Fraudsters frequently will attempt to strike up a conversation with consumers via spam texts, email and social media. Romance scams are one growing type of fraud. Fraudsters may pretend to live overseas or work in a job that requires extensive travel so they can establish a warm, but solely online, relationship with the victim. They make plans to meet or even marry, then the fraudster asks for money to cover an unexpected medical bill or emergency expense. The fraudster disappears as soon as the victim sends the funds.

Common types of scams

We also are vulnerable targets because of fraud warning fatigue and multi-tasking (Off-site). In addition, oversharing on social media and data breaches have ensured personally identifiable information (PII) is readily available to facilitate scams, such as by creating synthetic identities.

Other common consumer scams include:

  • Investment scams: The fraudster convinces the investor to make purchases based on false information, including promises of large returns with minimal risk. This was the most common form of consumer fraud (Off-site) reported to the Federal Trade Commission in 2022, costing victims more than $3.8 billion.
  • Imposter scams: Fraudsters pose as legitimate organizations (e.g., the IRS) to convince their victims to send them money.
  • Advance payment/lottery scams: The victim pays money to the fraudster in anticipation of receiving something of greater value in return, but instead, receives nothing or significantly less than expected.

Businesses Are Impacted by Scams

For organizations, “business email compromise” (BEC) has long been the most prominent type of scam. It targets both businesses and individuals who perform fund transfers. Imposter scams (Off-site) are prevalent here, too. In a typical BEC scam, the fraudster will hack into or “spoof” company emails to pretend to be a legitimate executive at the organization. The fraudster then sends a seemingly authentic company email – or even, sets up a Zoom call posing as a member of company management – to demand a wire transfer to an “authentic” recipient, such as a supplier. Criminals often immediately move these fraudulent wire transfers to cryptocurrency wallets and disperse the funds, making recovery more difficult.

Top five online scams

Other types of leading business scams include:

  • Fake invoice scams: Like many phishing attacks, this scam relies on fear and urgency, pressuring an end user to submit an allegedly past due payment for goods or services that the victims subsequently realize they never ordered or received.
  • Overpayment scams: An individual is sent a payment or commission with instructions to keep part of the payment and send the rest to another person or business. The initial payment was fraudulent, so the victim loses the so-called overpayment.
  • Business loan scams: A small business or business owner is promised a lower interest rate or longer repayment period on a loan, only to find those conditions unfavorably changed – or to never receive the loan funds at all, often despite paying advanced fees.

When we look across the fraud landscape, it’s important to consider how a given scam was initiated. Was the authorized party tricked into sending the payment, or did an unauthorized party take over an account? The Federal Reserve’s FraudClassifierSM model enables organizations to track both types of scams to help improve fraud detection and mitigation.

More to Come

The Federal Reserve spent much of 2022 engaging with stakeholders to understand how the Fed can help the industry further address the identification, categorization and reporting of scams. This work will continue in 2023 and include collaboration with the industry to develop a common definition and taxonomy of scams.

In addition, visit USA.gov (Off-site) for fraud reporting information and links to organizations that track scams and fraud.

“FraudClassifier” is a service mark of the Federal Reserve Banks. A list of marks related to financial services products that are offered to financial institutions by the Federal Reserve Banks is available at FRBservices.org.