Big Red Flag To Watch For: When Employees Start Pulling More Credit Reports Than Usual
SPOKANE, Wash.-One potential red flag to watch for when it comes to fraud is an employee who is suddenly pulling far more credit reports than usual.
But that doesn't mean the employee is committing the fraud, reminded one analyst. "Some of the bigger things that have popped up in our world are hackers' attacks on our technology and our users' technology and desktops with keylogger Trojan [viruses], that go out and copy a user's keystrokes," reminded Dave Chiappe, COO for Sharper Lending, which offers its Appraisal Firewall products to mortgage lenders.
Chiappe explained that those malicious programs allow hackers to view a user's keystrokes so they can then relay that information to others-often in remote locations such as Nigeria or Russia, he said-giving hackers access to Web sites, password-protected material and other sensitive information.
But a thorough understanding of staff behavior can help mitigate the threat, said Chiappe. "The No. 1 thing credit unions can do to fight fraud is know their employees," he said, adding that high security standards at workstations are a must. "If Janice normally pulls three credit reports in one week and then pulls eight reports in one week, there should be some administrative flag that goes off. Go talk to her; if she has only pulled three, then it could be some sort of a 'logger situation.' "
The greatest security against this kind of threat will come from a combination of human and technological forces, he said, because it's going to take the technology to tell a human administrator that a behavior pattern is outside the norm, and only then can CU staff actively confront the threat.