this post was submitted on 28 Aug 2023
1 points (100.0% liked)

cybersecurity

0 readers
0 users here now

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

founded 1 year ago
MODERATORS
 
This is an automated archive.

The original was posted on /r/cybersecurity by /u/hubbyofhoarder on 2023-08-28 11:32:36+00:00.


Lately I've seen an uptick in attempted ACH and direct deposit fraud attempts aimed at my company. When folks in our AP or payroll functions receive those attempts they report them to my team. We engage with the would be scammer and get the target account information. Once we have the routing/account number, we report to the target bank. Our goal is pretty simple: to make attempting to defraud us just a little bit of a pain in the ass.

Once we report the account to the bank, we also re-engage with the scammer saying that we've made the change. However, in the change confirmation email, we always change a few digits in the routing and account numbers, if only to further make interacting with us annoying. We're not really fighting crime or anything, just hopefully making us a less attractive target. I also share the interactions with the AP/payroll teams to spread the amusement/love and encourage continued reporting.

90% of the time, the target bank is Green Dot bank. We engage with GD's fraud dept, and from what they tell us, they close those accounts as being involved in fraud.

While engaging in this effort over the last couple of months, I also have seen a few articles like this:

I can't help think that the customer account woes and the fraud attempts are somehow related.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here