Scammers are targeting Gen Z and dealing a blow to banks

Young African-American Man Texting in City Square
While Generation Z is not yet a top target for fraudsters, the average loss to such schemes for people in the age group exceeds $6,000.

Recent research uncovering a spike in fraud targeting Gen Z gives banks a glimpse of the future, as people 25 and younger become a larger chunk of their customer bases.

This generation's lack of awareness of fraud schemes make them an easy prey to fraudsters in some ways, according to Tamas Kadar, co-founder and chief executive of SEON, a fraud prevention company based in London. But the young also have tendencies and knowledge that help protect them.

Kadar’s company released a report last month that looked specifically at the fraud trends affecting Generation Z, defined by institutions like Pew Research as people born during or after 1997. Past research has typically focused on older people as fraud victims.

“Up until recently, the vast majority of internet users had grown up in an analog world and had to learn about online safety later in life,” the SEON report said. “This also meant that they were not the target of digital fraudsters in their youth, which has led to the presumption that most victims of online fraud are elderly folks with little knowledge of the internet.”

To be sure, older Americans did report losses more frequently than younger people in 2021, according to data recently released by the FBI’s Internet Crimes Center. People 60 and older filed fraud complaints more than six times more often than people 20 and younger. Older Americans also reported larger losses on average. People 60 and older reported the greatest losses of any age group — $1.68 billion in total compared to $101.4 million for people under 20 who reported incidents.

But young people are in fraudsters’ crosshairs. The age group experienced more than twice as many incidences of fraud in 2020 as in the previous year, though that spike in activity leveled off in 2021. While their losses were smaller than their older counterparts', in 2021 teenagers and younger people reported losing $6,800 on average per incident.

This might be in part due to a lack of adequate communication with young people. A survey of 1,500 Canadians conducted in February by Equifax suggested that younger people expressed less concern about fraud than their older counterparts.

“It’s very clear that better communications are needed to warn younger generations about the dangers associated with fraud and identity theft,” said Julie Kuzmic, Equifax Canada’s senior compliance officer, consumer advocacy.

The smaller fraud loss figures are likely the result of smaller-scale attacks, but according to Mark Ruchie, chief information security officer at the identity management company Entrust, they could also mask a larger problem.

“A $200 Venmo payment is not likely to make the news, but a $500,000 fraud involving a housing payment with an older individual is,” Ruchie said. For similar reasons, smaller fraud cases also might not escalate into law enforcement notices or be aggregated in fraud statistics as often.

One type of fraud risk to which Generation Z is especially vulnerable is synthetic identity fraud, which can take many forms but typically exploits people with short to nonexistent credit histories.

Fraudsters engaging in synthetic identity fraud target the Social Security numbers of people without credit histories — generally younger people or new U.S. citizens — and typically pair the information with fake names, street addresses, or other personal information.

Kadar said some dark web forums offer lists of Social Security numbers belonging to people who are about to turn 18, making them newly eligible for credit and other financial services and ripe targets for con artists.

“When you think about security questions — like, ‘What was the first street you lived on?’ — credit bureaus use those to actually make sure it's you,” Kadar said. “But for young people, they haven't been asked for those background details, so it's easier for fraudsters to just impersonate them.”

On the other hand, Kadar said Gen Zers have a leg up in the fight against fraud, in that they are native users of smartphones and comfortable with monitoring their finances and credit in an app.

He pointed to the use of mobile banking as a differentiating factor. While digitally literate banking customers are familiar with viewing their transaction history and balances online, their counterparts — those who grew up without digital banking — are more familiar with the intricacies of paper statements instead.

“For the older generation, maybe they don't even use a mobile app for checking their bank transfers,” Kadar said. “Maybe they get paper statements mailed every month, which they scan through. But if they have that as a recurring task every month, it might be a very long list.”

Kadar said that although online banking can create new opportunities for fraudsters, it also gives people an opportunity to closely monitor their accounts and credit use. Notifications about large transfers, new credit inquiries, unusual login attempts, or other updates can tip off a customer to fraudulent activity within seconds of it happening — a feature that mailed statements distinctly lack.

Authorities are in many instances able to return money to rightful owners after fraud occurs. According to a fact sheet released by the Financial Crimes Enforcement Network in February, the network’s Rapid Response Program (RRP) had recovered $1.1 billion on behalf of U.S. internet crime victims since the program’s inception in 2015.

The program is a partnership between Fincen and domestic and foreign law enforcement agencies. Victims of cyber-enabled crime — a common vector for fraudsters — activate the RRP by filing a complaint through the FBI or their nearest U.S. Secret Service field office.

A spokesperson for Fincen said in an email the total amount recovered by RRP to date amounted to roughly half of the reported losses. Fincen reported greater success recovering lost funds in cases where it received reports of fraudulent transfers within 72 hours of the transaction.

For reprint and licensing requests for this article, click here.
Fraud Cyber security Technology Digital Identity in 2022 and Beyond
MORE FROM AMERICAN BANKER