Zelle Fraud! Or is it?

Karen Boyer, Vice President Fraud, People's United Bank, N.A.

Karen Boyer, Vice President Fraud, People's United Bank, N.A.

Zelle fraud. By now, we have all seen the headlines. We know the dangers of using Zelle and the terrible victim impact statements that come with it. You probably have even seen the interviews that paint this money movement channel as the worst thing to come out of the payment space since Shrute Bucks.

Now, I’m not underestimating the pain of losing money, just reflecting on the news that we have, unfortunately, grown accustomed to. That said, what if I were to tell you that what we refer to as “Zelle fraud” actually has nothing to do with Zelle at all? While it is true that Zelle has been repeatedly used as the preferred choice of many criminals to siphon funds from victims’ accounts, the actual fraud that is occurring has nothing to do with the platform itself.

First, let me explain how these scams work. There are some variations on the premise, but generally, most cases you hear about go something like this:

John receives a text from what appears to be his bank: “There’s been a $1000 purchase at a Wal-Mart in Florida. Did you do this? Answer Yes or No. Since John is in Maine (and the fraudsters know this), he quickly answers “no” to the text, panicked that his account has been hacked (a term that is also often misused).

Afterward, John receives a second text saying “Thank you for your response, a fraud representative will call you shortly.” This is quickly followed by a call from the fraudster, using an app that spoofs the bank’s 1-800 customer service number.

The fraudster’s script goes something like this: “John, this is Donna from the fraud department at ABC Bank. I understand that there was an unauthorized charge on your account recently.”

John: “Yes. I am not in Florida, and I didn’t go to Walmart.”

Donna: “Got it. Yes. I see that. For security purposes, is this John XYZ at 123 Main Street, and we’re talking about card ended in x6789?” (This information was already purchased on the dark net from a prior breach, and is the source the fraudster used to know which bank to impersonate. Naturally, this also builds credibility with John. Donna must be from the bank. After all, how else would she know all his information?)

John: “Yes, that is me.”

Donna: “Okay. We’ll get a claim started for you immediately. What is your username for your online banking?

John: “Umm… John123.”

Donna: “Got it… Oh, this is bad… Let me know your password so I can stop this now!”

Read Also

Leveraging Effective Communications for Strengthening Cybersecurity

Leveraging Effective Communications for Strengthening Cybersecurity

Grant McKechnie, Chief Information Security Officer, Endeavour Group
How To Think Digitally And Transform Your Organization To Win The Digital Customer

How To Think Digitally And Transform Your Organization To Win The...

Dobyl Malubane, CX Business Dev & Strategy Director, Oracle Africa
The Future Of Cloud Is Mobile

The Future Of Cloud Is Mobile

Rudi Strydom, Head of IT Operations, Technology and Architecture, Imperial South Africa
Exploring New Technological Impacts

Exploring New Technological Impacts

Melissa Orchard, Digital Hub & PDC Director, Marketing; CMI, Unilever Africa
The Human Reality Of Cyber Security

The Human Reality Of Cyber Security

Henry Denner, ICT Security Officer, Gautrain Management Agency
Zelle Fraud! Or is it?

Zelle Fraud! Or is it?

Karen Boyer, Vice President Fraud, People's United Bank, N.A.