Check Fraud and Payment Scams Are Back, and Your Clients Are the Target

Check Fraud and Payment Scams Are Back, and Your Clients Are the Target

There was a stretch where the industry assumed checks were on their way out and check fraud with them. The opposite happened. Check fraud has surged to levels that have regulators and financial institutions treating it as a top concern again, alongside a wave of payment scams that use email, text, and the phone to talk people out of their money. For a credit union, a community bank, an insurance agency, or a mortgage shop, this exists in two places at once: the institution's own exposure, and the clients who lose money and look to their financial provider to have protected them.

The Scale of the Problem

FinCEN, the Treasury's financial crimes bureau, issued an alert reporting that banks filed roughly 680,000 Suspicious Activity Reports tied to check fraud in a single year, a sharp jump from the prior year. The American Bankers Association has documented check fraud as the largest category of payments fraud that banks contend with, even as overall check volume keeps falling. Fewer checks but more fraud, which tells you the attackers have gotten better at exploiting the ones still in circulation.

Check fraud often starts with mail theft. Criminals steal checks from mailboxes, then "wash" them by chemically removing the ink and rewriting the payee and amount, or they use stolen check images to print counterfeits. A single stolen check gives a fraudster the account number, routing number, and signature needed to drain an account or manufacture more.

The scams running alongside check fraud have grown just as fast. The FBI's Internet Crime Complaint Center reported record losses to fraud, with business email compromise and related payment scams accounting for billions. The fastest-growing categories rely on social engineering, convincing a person to authorize a payment or hand over credentials, rather than breaking through technical defenses.

Why Financial Firms Are in the Crosshairs

A common scheme impersonates the financial institution itself. A client gets a call or text that appears to come from their credit union or advisor, warning of suspicious activity and asking them to "verify" credentials or move money to a "safe" account. The client, trusting the relationship, complies. The money is gone, and the institution faces an angry member who feels the firm should have prevented it, even when the client authorized the transfer.

Business clients face the wire and invoice version of this. A mortgage or title operation is a particularly rich target, because real estate closings involve large wire transfers and tight timelines. Fraudsters monitor a compromised email account, wait for a closing, then send altered wire instructions that route the funds to themselves. The losses in these schemes routinely run into hundreds of thousands of dollars per incident, and recovery after the money moves is rare.

The exposure isn't only the client's. When a financial firm's own email or systems are compromised and used to launch these attacks, the firm carries liability, regulatory scrutiny, and the reputational damage of having been the entry point.

What Actually Reduces the Risk

Fighting modern payment fraud takes a combination of technology controlling the firm's systems and process controlling how money moves.

On the technology side, email security is the front line, because so many of these scams begin with a compromised or spoofed email account. Strong filtering blocks a large share of phishing attempts before they reach anyone. Multi-factor authentication on email and financial systems shuts down the account takeovers that let fraudsters monitor a mailbox and insert fraudulent instructions. Monitoring catches the unusual login or access pattern that signals a compromise in progress.

On the process side, verification is what stops a convincing fraudulent request. Any change to payment instructions, any wire above a threshold, any request to move funds gets confirmed through a second channel, a phone call to a known number, never the contact information in the suspicious message itself. Staff trained to recognize the patterns of a payment scam catch the requests that slip past the technology, and clients reminded that their institution will never ask them to move money to a "safe account" are far harder to victimize.

Where a Managed IT Partner Helps

A managed IT provider can own the technology half of that defense and support the process half. The provider can run the email security and monitoring that block and detect the compromises behind most payment fraud, enforce multi-factor authentication across the systems that matter, and keep the firm's defenses current as the schemes change. The provider can also help build and document the security awareness training that turns staff into a working layer of defense, and the access controls and logging that contain damage if an account is compromised.

For a small or mid-sized financial firm without a dedicated security team, that combination is hard to maintain alone while also running the business. A provider makes it an ongoing, proactive service, which matters in an environment where the attackers refine their methods constantly and a single successful scam can cost a client a life-changing sum and the firm a relationship it spent years building.

If you're not confident your firm's email and financial systems are protected against the account takeovers behind today's payment fraud, or that your staff and clients could recognize a scam in progress, a Network Discovery might be in order. We'll assess your defenses and show you where the exposure is.


Ready to take the next step? Contact the Connecting Point team today to discuss your organization's needs.

Fill out our Network Discovery Form to get started!

970.356.7224 | www.CPcolorado.com | sales@CPcolorado.com

Connecting Point is a trusted IT solutions provider based in Greeley, Colorado, helping businesses across Northern Colorado and beyond navigate technology decisions with confidence.