Fintech fraud in 2020

Financial Technology, or FinTech, comprises ‘computer programs and other technology used to support or enable banking and financial services’. The first ATM was opened in 1967 at Barclays bank branch in Enfield, UK. Since then, Fintech has evolved significantly to online banking and other platforms that facilitate the transfer and lending of money, making banking cheaper and more accessible for people around the globe. In 2019 the GSMA (Global System for Mobile Communications) suggested the number of online banking users will reach 5 billion by 2025. However, as easy as this transition has been for banks and as convenient as it has been for customers to be able to manage their money online, these developments have also been linked to an increase in fraud worldwide. Social media platforms such as Instagram and Tiktok have made it easier for threat actors to conduct ‘bank loading’ fraud – a method in which illegal funds are transferred through online banking applications. Threat actors abuse both FinTech applications and cryptocurrencies to ensure their malicious activities are as anonymised as possible.

Cryptocurrencies are particularly useful for cybercriminals because of the anonymity many of these products provide. Cryptocurrency platforms, such as Coinbase and Crypterium, now have mobile banking applications, which makes them a favoured option for threat actors looking to transfer illegal funds. In operations that use cryptocurrency methods, accomplices are encouraged to download and verify a wallet on one of these platforms. Financial information is then used to purchase cryptocurrencies either on the target platform or through P2P exchanges like local Bitcoins. The acquired coins are then ‘tumbled’ and sent to the fraudster’s wallet where they will give the ‘associate’ their cut. ‘Tumbling’ is a method of hiding the origin of transferred tokens by combining multiple transactions and using different wallets as the recipients of transactions. Some cryptocurrency services, such as Bitstamp, have been used to launder illegally gained or stolen funds. This method has become popular among the UK fraud community, within which fraudsters advertise their services – money flipping or bank loading –  to get the bank details of unsuspecting users with a Coinbase account. The fraudster will then transfer the acquired illegal funds through this accomplice’s bank account into a Bitcoin wallet and continue the transaction anonymously.

Since the increase in innovative online banking applications – such as Dozens and Bo Bank – as well as those from high-street branches such as NatWest, there has been an increase in UK fraud. ‘Bank loading’ – the moving of illegal funds through bank transfers between the fraudster and the victim or accomplice – has become prevalent. Following the UK government’s imposition of a countrywide lockdown in March 2020, many high-street banks were temporarily closed. Some UK fraudsters used this as an opportunity to increase their focus on FinTech applications such as BO bank, Revolut and Monzo. Online banking became a target for money laundering due to the ease of downloading and verifying the apps. Cybercriminals use social media platforms, such as TikTok, to advertise their fraudulent activities which take the form of ordering a Monzo card to cash-out funds; ordering Apple products through stolen card details; or purchasing food through Deliveroo and attempting to defraud Paypal into refunding the cost.

Fraudsters use app-based banks because they have often had CIFAS (Credit Industry Fraud Avoidance System) markers applied to them or as a result of their financial history preventing them from opening accounts at high street banks. However, accomplices of these fraudsters can open new accounts with Monzo and because the bank is not a member of CIFAS, the lack of restrictions makes it easier to carry out fraudulent activities. The purpose of CIFAS is to help detect fraudulent payments and to protect victims. If fraudulent activity is detected on an account, a CIFAS marker is applied to that customer for 6 years and all accounts associated with them are suspended. Therefore, it is more difficult for the fraudsters to open new accounts for illegal fund transfers. Some scammers offer services to assist in the removal of CIFAS markers for victims: however, it is not possible for the marker to be removed once it has been applied and this is yet another way of cybercriminals making money from unsuspecting victims.

During the COVID-19 lockdown, there was a significant increase in requests for account information: fraudsters can use this information to transfer money across accounts, and only need the account holder’s login details for access. The fraudsters’ preference for recruiting users of FinTech applications as mules, stems from the convenience provided by these apps. The recruitment of FinTech customers is commonly arranged on social media platforms, such as Instagram, Snapchat and Facebook.

COVID-19 had a significant impact on fraud. Approximately 500,000 people applied for Universal Credit in the UK in the first nine days of the lockdown; fraudsters in the UK used this as an opportunity to increase their focus on Universal Credit scams across platforms such as Instagram and Telegram. Threat actors approached applicants who fitted the Department of Work and Pensions (DWP) criteria for Universal Credit and applied on their behalf for an increased amount or completed an early withdrawal of funds. The criminals then split the funds with their accomplices. Although there has been a significant change in lockdown regulations, and the window for successful exploitation of the Universal Credit system is closing, threat actors are still conducting benefit scams.

FinTech has become an essential part of everyday life for customers and institutions. However, as outlined above, faster payments can lead to faster fraud due to the accessibility measures in place to facilitate convenience for customers. As FinTech continues to develop, institutions are looking for ways to reduce money laundering through the “Know Your Customer” (KYC) checks. Banking systems are working to identify “unusual” transactions and can flag them up to customers to help prevent fraudulent activity. UK fraudsters will, of course, continue to attempt to use cryptocurrencies and FinTech applications for the anonymity and convenience they provide. With each new development in FinTech, a concurrent development in FinTech fraud is to be expected. A number of innovative digital offerings are due to launch in the coming year; cybercriminals will already be anticipating the ways in which these can be abused to further their fraudulent aims. Financial institutions around the world, therefore, must be conscious of the risks associated with FinTech and continue to do their utmost to provide safe and efficient services for their customers.


Scroll to Top