Transcription:
Venesulia Carr (00:08):
Good afternoon everybody. I am Venesulia Carr, Velia in Italiano, Vene. It just depends on who in the family is calling me, but you can all call me the I am the CEO of Vicar Group, LLC. We're operations and management consultants for Generation U. We have a cyber division and organizational development division, and we talk about all the things that we are talking about here today and beyond. I also host a television show down to business with V column one, Newsmax. It's a political, so regardless of your political leanings, you can go there and find out what's happening in fraud mitigation and how it's impacting the government business, civil society, and politics. So excited to do that. I'm also a former Marine. Any Marines in this building?
(00:55):
Anybody? Okay. Alright, I'll hold it down for all of us then. Alright, so I have my wonderful and esteemed colleagues and guests here today. We're going to be talking about scams, and for those of you that don't know me, this stuff really lights me up. I don't know if they've tried to get the FBI in the room to close out this session today, but I can tell you you got the next best thing, so if you need somebody to take them down, that will be me. So I'm going to hand it off to Stacey and we'll work our way back down. Stacey, tell us a little bit about yourself and what you do to save the world.
Staci Shatsoff (01:30):
I can't follow that, but I'll try. I'm Staci Shatsoff. I'm part of the Secure Payments team at Federal Reserve Bank of Boston, and essentially what we do is work with the industry to help secure the US payment system. So really focus on all things fraud and security scams obviously being a huge problem right now. So we're doing a lot of work in that space.
Shivi Sharma (01:54):
Awesome. Thank you Staci. I'm Shivi Sharma. I Lead Fraud Analytics for Varo Bank. Varo is a digital bank that got its federal banking charter three years back, and we are really building the foundations up for the digital bank, digital only bank. At Varo, I lead fraud analytics for the entire platform, starting from application onboarding to any kind of transaction card transaction, ZACH and so on. It's an exciting space for me. I'm super passionate about the space. I've been working in fraud for almost a decade now, so continue my commitment to reduce that and make payments easier for everyone.
Venesulia Carr (02:36):
Awesome. Well you guys, I've got my notes on my phone just so I don't miss anything. So if you see me looking down, that's what I'm looking at. But we are going to try and pack this session with as much information as possible for you guys to take back for your teams scams. This is rocking our world in every single sector of industry, banking industry is taking it pretty hard. Payments of course. Let's talk a little bit about what you guys are seeing when you're looking at fraud in the financial sector. What is it that's standing out to you and what are some of the trends that you're seeing on the landscape?
Shivi Sharma (03:14):
Yeah, I speak particularly about scams. Think Z is the most convenient payment form to do scams because it's real time. It's convenient for fraudsters to just ask someone, create an emergency situation and tell them, Hey, transfer me X amount, who are Z? And my people who take that seriously, they're the fall victims, which is unfortunate. See parents are definitely on top of everyone's mind, and so for us, similarly bank, personal and personification, I think that is one. Another area that is picking up now specifically with generative AI. It's become more easier to fake someone's voice or act as someone else. We're receiving more and more complaints where consumers are calling us and telling us that, Hey, we received a call there. Someone said that we are calling from the bank and my account has been hacked, so we need to just transfer money by sales. It's a combination of bank, personal personification and sales can that we are seeing a lot.
Venesulia Carr (04:25):
Stacy, anything to add there?
Staci Shatsoff (04:27):
Yeah, I Mean, I would just add that what we're hearing from industry and the organizations scams are different. It's a different type of fraud actually. They're targeting a consumer and it's the human behavior aspect that is really challenging, particularly for FIS, right? I mean, you can have the best detection in the world and you can stop that transaction, but at the end of the day, if somebody wants to send the money because they truly believe that they're getting a great deal, don't want to send their money one way or another. So it adds an additional layer of complexity. And how do you not only obviously detect and prevent, but how do you help consumers understand the red flags and take five seconds to think real quick to think about if they want to send the money? A lot of times we often hear, I felt like something was wrong, but I sent it and then as soon as I hit send, I knew it was too good to be true. But how do you tackle the mind and get folks to slow down? So it's just another level of complexity, unfortunately.
Venesulia Carr (05:39):
Yeah, that education piece is so huge, just getting them the general public, our constituency to understand what's happening on the fraud landscape, be able to identify it and to not fall prey to it. The education piece is huge. And you talked a little bit about Z, those peer-to-peer applications. We're seeing that there might be an uptick in fraud because of that, but we're looking specifically at Gen Z and boomers. It's amazing that Gen Z is the most technologically savvy generation that we have. Yet they're falling victim to the scams in greater numbers than boomers. Why is that? What's going on there?
Shivi Sharma (06:21):
I believe Gen Z because they are more technical savvy. They're always on using digital applications and maybe there's a gap in the awareness piece that they are very new to the world of handling their own finances and so on kind of all trap. They see some offer running on social media and they fall into it, okay, I'm getting a puppy and some scammer creates a situation, Hey, I've followed, I have a lot of other offers. Do you want to pay immediately to reserve your pet? So we see all such sort of situations that we call it pet scams, romance scams, scams can fall into different categories and Gen Z unfortunately fall into trap and become victims quickly.
Venesulia Carr (07:10):
Yeah, that social engineering piece is huge. Stacy, you kind of touched on it, but social media is a big piece of a fraudsters puzzle. Huge when they're looking at,
Staci Shatsoff (07:22):
Yeah, it's huge and we talk a lot. We support obviously the financial institutions, but if you think about the spay web and all the contributing factors, it's much broader than the financial industry. So how do you bring all the players together, the talk, the social media, the financial industry, of course, how do you bring all that together and get the right people at the table? The talk about how do we start making an impact, what are the right things to do? And your point about Gen Z, they're technologically savvy, but they're also using a lot more technology than in some of the other generations. So with that, they're in social media a lot more. They're using all these P two P payment types and different apps to send money and things that perhaps other folks aren't using. So it just opens up additional ways for them to be sending funds, unfortunately.
Venesulia Carr (08:20):
Yeah, absolutely. There's a huge challenge when we look at the different layers that we have regulatory wise. Let's talk about some of the challenges that it poses when we look at fraud mitigation scams, how they're playing out, bringing an organization together, not being siloed as we're addressing these concerns. Let's look at how we manage this operationally. We will start with you.
Shivi Sharma (08:46):
Sure. I was reading a Forester report and it said that only 10% institutions do a great work at integrating their DNLBSA teams and fraud teams. So historically, people look at fraud in Silos. Maybe someone is doing ECH fraud or someone is doing their fraud, someone is doing application fraud. Actually, a fraudster is not thinking that way. They're there to do fraud, they can do it anyway. So bringing all those different verticals together, more and more information sharing within the organization. And in fact, outside organization with all of the banks, that is a very important key. And consortiums play a great role in information sharing because what we see in one bank, it transfers to other banks. So if you speak to our friends and other banks, they'll be like, oh, you saw that last month. We are seeing it this month. So the sooner we can share that knowledge with each other within than outside the organization, the better it is, the better we can tackle with it and cope with it.
Staci Shatsoff (09:57):
I mean, the information sharing is huge. We actually have a project going on right now with the industry around information sharing, because if you look at what's happening today, there's packets, right? There's a packet here, there's a packet here, there's a packet here of information sharing. But how do you bring all that together and holistically first have a view of it, but also have industry-wide participation and have folks understand what they're able to share and what they may not be able to share, and what can you share that would make a difference. So we have work going on there right now, and actually we'll be released later this year, but that's a huge part. To your point, the same tactics are used across multiple organizations, and the faster you can get that information out, the faster other organizations can be aware and hopefully try to stop some of it.
Venesulia Carr (10:52):
Yeah, absolutely. You guys, the previous panel, Ian talked about all of the efficiencies that come along with AI. How many of you, are you using AI in your organizations right now? Yeah. And how many, are you using it personally like chatGPT and things like that, leveraging it? Yeah, absolutely. So it's a part of our daily lives. Even if you wanted to, you couldn't avoid it if you're using Grammarly or if you're using any type of website or web platform, it's integrated now. So the risk is a whole lot larger. I want to talk about how we weigh the risks of AI along with the benefits. And listen, I am the most risk averse person there is. If you show me something great, I'm going to tell you 10 ways that we need to be watching out for this thing to take us down. So in as much as I love a good AI photo shoot, I'm aware of a deep fake. I write about them all the time. Let's talk about how frauds are using this and what this audience can take back to their teams as action items and talking points for how they are to be aware in as much as they're leveraging it. Stacy, we'll start with you.
Staci Shatsoff (12:05):
Yeah, I mean, fraudsters are probably using this technology better than some of us. They use it in scams all the time. I don't know if you saw, it was a couple weeks ago where there was literally a team meeting that was all a scam, and the employee ended up sending a significant amount of money out the door because he thought he was on the phone in a meeting with the CEO and other folks in the organization. So that's obviously an extreme example, but that's happening, and that I'm sure is not the only example of how it's happening. So awareness, again, I think goes back to a lot of it, understanding the technology and understanding how it works and what it can do. And then of course, as fraud prevention specialists and fighter, we're very good at poking holes in that and understanding where the frauds can take advantage of it. But I think a lot of times it's understanding how something works that can really make a difference, because if you don't understand how it works, you're going to be less likely to understand how fraudsters are using it.
Shivi Sharma (13:16):
Yeah, I completely agree with that, Stacy. And I would say generated AI, I see that as a double-edged sword. So if it's making it easier for fraudsters to unlock ways more and more ways and better ways to do fraud, it also unlocks ways for banks to fight fraud. It's becoming increasingly difficult to differentiate between the artificially generated good content. Like earlier, the warnings or awareness that we used to create was if you see some spelling mistakes, grammar that used to be very easy to spot on. Phishing emails, specifically fraudsters are now becoming better equipped to write better phishing emails. How do you do that? So I think it goes back to their awareness piece. Make sure that if you are getting an email, you just check that it's actually coming from your bank if you're using Chase, either chase.com. So just those little awareness pieces go your five way to protect the customers. And banks can also use generative AI equally good to identify such emerging patterns. For example, generative AI does a great job at consolidating all the information from very large data sets. So how do we bring that consolidated information to the analyst on the team to anyone who's looking into fraud patterns, identify patterns better? Those are the capabilities that generative AI unlocks for the other site too.
Venesulia Carr (14:51):
Yeah, absolutely. One of my big concerns is that in the age of artificial intelligence, and as much as I love it, we have opportunities and challenges that we'll have to overcome. One is the biometrics are no longer something that we can truly rely on when you have the ability to digital clone, I have a digital AI V I wasn't sure how I felt about it, but there's a little AI me and it looks just like me. It sounds just like me.
Staci Shatsoff (15:25):
It should have brought that
Venesulia Carr (15:26):
You guys. So what happens when someone can take, especially someone with a public presence like mine, when they can take my voice, clone my voice, and give them the right set of information, infiltrate my bank accounts? What do we do in cases like this? What's happening in technology on the institution side that can prevent these things from happening and protect our consumers?
Shivi Sharma (15:56):
Yeah, I mean, I'm sorry to hear that you have already experienced that. We're already cloned. I think one of the ways to deal with such situations is to have those passports that only, I was speaking to someone and she was telling that she has already created a passport with her kid because the grandparents scams are increasing where someone just calls up and says, Hey, I've kidnapped your kid earlier. It used to be the third person saying, now they impersonate that voice and get the kid on the call, the fake kid on the call. And so they creating those kind of passwords that only you and other person knows it can help probably. But we're all learning. Everything is so new for everyone. So we're in the learning switch.
Venesulia Carr (16:48):
Yeah, we're trying to keep up with frauds still way ahead of you
Shivi Sharma (16:51):
Always,
Staci Shatsoff (16:52):
Always.
Venesulia Carr (16:53):
And mouse, what would you say?
Staci Shatsoff (16:56):
I mean, just to add on to that, anything that you know, like you are saying is something that is much harder to replicate as long as somebody else doesn't know it as well. So again, just keeping that in mind. And I would say, I always go back to awareness, right? So if you're opening a bank account, let's say, and you have her information, but there's something different. Maybe it's a synthetic who's using your clone, right? Just understanding again how all of those pieces of information can be used and used by a fraudster. If you can prevent that initial relationship from being open, you are one step ahead of the game.
Venesulia Carr (17:39):
Yeah. You mentioned the grandparents scam. We talked a little bit about that on one of my episodes. One of the gentlemen that was scammed was taken for a ride, and the good thing was that he had people that were aware around him. I don't know if you guys ever heard of the case where they reached out, did the grandparent scam. For those of you that don't know, that's when there's a pretense that someone's grandchild or relative is in trouble. This fraudster says, we've got somebody on the line. They want to help you. They want to help your family. We need you to send in a bail, or we need you to send in a certain amount of money. Well, we had a similar case where it was one of the prize scams, the lottery scams. They reached out to this gentleman and, Hey, you've won this prize.
(18:31):
You've won this lottery. We want you to send in just the taxes on it. Well, he said, I'm not so sure about this. And the fraudster became more persistent. It accelerated to threats. What he did not realize was that he had one of the few people that had ever served as the head of the FBI and the head of the CIA and also a federal judge. On the end of that line, that man knew exactly who to call in that case. But what happens when it's your grandma and your grandpa and they don't have those resources at hand? How do we prevent that with them? We know that education is key, but how can we at the institutional level, put things in place that we could warn our constituents about things like this? Let's talk about that, Stacy, and we've only got two minutes left. So we've got speed
Staci Shatsoff (19:27):
Around here. So obviously, I always go back to education is key, but also if you have the detection in place, right, and you can identify those out of pattern transactions, that that's a good first step. You also have to, again, the interaction right with the customer. So you have grandma or grandpa on the line who is convinced that their grandchild is kidnapped in Mexico and is going to die if they don't send this money, right? That's a hard conversation to have as an agent or anyone, but that's a really hard conversation to have. So how do you train your front, your frontline folks when they have to have these conversations so they can feel empowered to ask the right questions, but understand what the person on the other end of the line is going through. But the reality is they're going to be a very good defense to you in that situation. So how do you properly educate them and train them and give them the confidence to be able to have those conversations with the customer, I think is very important.
Shivi Sharma (20:33):
I would just add, I think bring them those messages as close to the point of payment as possible. That goes a long way. So email awareness is no longer enough. For example, at the point of making a payment, if you are sending that, hey, only fraudster will ask you for an OTP or something like at the point of making sell payment, saying that, Hey, these are the possible scams that are happening these days on social media, on phone calls. Are you sure you know the person that you're sending to this money may be gone forever? Just giving those awareness messages right at the point of payment that I'm asking the user to acknowledge that they have read it. That goes a long way. Because if they are doing that payment in rush or thinking that this is an emergency situation, it gives them a moment to think one more minute about it.
Staci Shatsoff (21:27):
Absolutely. You guys, in the last 30 seconds that we have, what I love about a conference like this is that the solutions are in the room. Those vendors out there that were presenting had the answer.
(21:41):
We have the technologies that could intercept this on a phone call and call back out. So I'd say not only is the awareness piece important, but leveraging the technology that we have, using it to our benefit, being proactive with it. If you've got to beta test it with a small group beta test it, but we've got to protect ourselves, our consumers and I have definitely a heart for our grandparents, those that are struggling with this technology to ensure that they're safe. So that goes very close to my heart, but I want to thank you all for coming, for staying with us, for shutting this conference down, for closing it out. Give yourselves a round of applause.
(22:25):
I appreciate it. I also want to say an awesome thank you and a shout out to the American Banker Conference team. They do it with excellence every single time. The venue is great, the food is great, the content is great, the conversations are great. So I want to shout you guys out and say thank you all for what you do to put these conferences on and bring this information to us so that we can go back and make the best of what we do every day. Staci, thank you so much for being with us. Thank you. Thank you so much for being with us. They've got to get on flights. I'm staying, so if you guys want to hang out and catch up, I'll be out there somewhere. All thank you all. Thank you so much, and we'll see you next time.
Track 4: Scams: What You Need to Know
April 12, 2024 10:54 AM
23:14