Fa La La La Fraud: How Credit Unions Can Better Protect Members this Holiday Season11.18.2019
‘Tis the season for holiday shopping, which means it’s also time for an influx of holiday fraud. In 2018, more than 165 million Americans shopped either in stores or online from Thanksgiving to Cyber Monday—a period of 5 days—according to the National Retail Federation. Such large transaction volumes serve as an attractive lure for criminals and fraudsters.
Consumers today are conducting more of their daily lives online, including shopping. According to Deloitte’s 2019 holiday retail survey, e-commerce sales are expected to grow by 14%-18% this season. With there are certainly numerous benefits associated with online shopping such as convenience, time savings and easily comparing prices and products, there is also newfound risk. Between fake websites, automated bot attacks and targeted phishing campaigns, the Internet can be a dangerous place for consumers, especially toward the end of the year. In fact, according to a 2018 Experian survey, 43% of holiday shoppers who had their identity stolen reported that the fraud occurred while shopping online.
The trend of holiday fraud unfortunately shows no signs of slowing down. While it is nearly impossible to completely avoid any possibility of fraud, there are precautions consumers can take to better protect themselves. Credit unions are in a unique position to help their members implement some healthy financial behaviors to prevent fraud and safeguard their sensitive information. Through member education and awareness, strong internal security best practices and robust vendor due diligence, credit unions can reduce member vulnerability while strengthening member relationships and loyalty.
Knowledge Is Power: Educating Members on Best Practices
Members are typically so preoccupied with the products they purchase and the deals they find that they fail to give security the attention it requires during the holiday rush. As member advocates, credit unions should proactively push relevant information to their members around red flags for fraud, preventative strategies and immediate steps to take if their data is compromised. Sharing general tips such as the importance of frequently reviewing credit and debit card statements, how to check if a retailer’s website is legitimate and how to report fraudulent transactions is valuable content that can help members better protect themselves through the holidays and into next year.
There are several tactics credit unions can employ to effectively reach a diverse range of members. For example, including advice around preventing fraud in a credit union’s digital or physical newsletter is a great vehicle to efficiently share information with a wide audience. A credit union’s website is another strong option, as members are likely to visit the website more frequently during busy shopping seasons like the holidays. Given social media’s current popularity, leveraging social platforms such as Twitter, Facebook and Instagram to disseminate the content can also be an effective method. These can be especially powerful tools for reaching younger generations, such as Millennials and members of Generation Z.
In addition to digital avenues, credit unions should also educate members in the branch, as many still prefer to conduct their financial services and transactions in person. This presents a valuable opportunity for credit union employees to engage in meaningful conversations about fraud, warning signs and defense strategies with their members face-to-face. Other tactics can also be used in branch, such as displaying posters, disseminating brochures and exhibiting pertinent information on screens, such as at the ATM.
Looking in the Mirror – Strengthen Internal Security and Evaluate Vendor Partnerships
An obvious but sometimes overlooked aspect of protecting members is to make sure credit unions’ own internal practices, protocols and systems are optimally secure. Cyberattacks continue to increase in volume and sophistication, and financial institutions are a tempting target for these criminals. Credit unions must take precautions to guard members’ sensitive information with powerful firewalls and appropriate data storage.
Credit unions cannot stop at evaluating their own internal operations; they must take a close look at the security measures of their vendors as well. When partnering with a technology provider that will house members’ data, it’s imperative that institutions conduct comprehensive due diligence and thoroughly assess the potential partner’s security controls, certifications and procedures. Many credit unions are even enlisting third parties to help them determine security and risk scores for their technology partners to ensure that members’ data will be well guarded. If information is compromised because of a vendor, members will still ultimately hold the credit union responsible, which is why institutions must assume accountability and carefully gauge each potential partner.
While holiday fraud will continue to pose a threat, credit unions have an opportunity to leverage their deep member relationships and security expertise to help safeguard members’ sensitive data and promote healthy, vigilant financial behaviors. By educating members, ensuring optimal internal security and properly vetting technology partners, credit unions are well positioned to help prevent fraudsters from stealing holiday joy this season.
Scott Johnston is EVP/COO of Member Driven Technologies, a CUSO that delivers integrated and secure technology solutions for credit unions.