Skip to main content
Learning Center
Fraud BasicsCommon Fraud Types Every Analyst Should Know

Common Fraud Types Every Analyst Should Know

The most frequent fraud types you'll encounter as a fraud analyst - identity theft, payment fraud, account takeover, and business fraud

Common Fraud Types Every Analyst Should Know

Essential fraud patterns you'll encounter in your first year

The Most Common Fraud You'll See

As a fraud analyst, certain fraud types appear repeatedly in your work. Understanding these patterns helps you spot them quickly and protect customers effectively.

This guide covers the fraud types that make up about 80% of what you'll investigate.

Payment Card Fraud

Credit Card Fraud

What it is: Criminals use stolen credit card information to make purchases

How it happens:

  • Card skimming: Devices steal card data at ATMs or stores (criminals attach small devices that read your card when you swipe it)
  • Online data breaches: Hackers steal card numbers from merchants (when stores get hacked and customer card data is stolen)
  • Card-not-present fraud: Using stolen numbers for online/phone purchases (criminal has your card number but not the physical card)
  • Counterfeit cards: Creating fake cards with stolen data (printing fake cards that work like the real ones)

Red flags you'll see:

  • Purchases immediately after card activation
  • Transactions from unusual locations
  • High-value purchases of easily resold items (electronics, gift cards)
  • Multiple small "test" purchases followed by large ones

Real example: Customer's card used at gas station in their home city, then 2 hours later for $3,000 electronics purchase 500 miles away

Debit Card Fraud

What it is: Similar to credit card fraud but uses debit cards, which can be used with or without PINs

Key differences:

  • PIN transactions: ATMs and some point-of-sale systems require PINs
  • Signature transactions: Many stores allow debit cards to be used like credit cards (no PIN required)
  • Online/phone: No PIN required, just card number and security code
  • Immediate impact on customer's bank account
  • Customers notice faster because money is gone immediately

Common scenarios:

  • ATM skimming with hidden cameras to capture PINs
  • "Shimming" - thin devices inserted into chip readers
  • Stolen cards used for online purchases (no PIN needed)
  • Card-not-present fraud using stolen debit card numbers

Account Takeover (ATO)

Account takeover means criminals gain access to someone else's existing accounts (bank accounts, email, social media, shopping accounts) and use them without permission.

What Account Takeover Is

The crime: Criminals gain control of legitimate customer accounts and use them fraudulently

How accounts get compromised:

  • Credential stuffing: Using stolen usernames/passwords from other breaches (like when LinkedIn gets hacked, criminals try those same passwords on banking sites)
  • Phishing: Tricking customers into revealing login information (fake emails that look like they're from the bank)
  • SIM swapping: Taking control of customer's phone number for 2FA codes (convincing phone company to transfer the number to criminal's phone)
  • Social engineering: Manipulating customer service to reset passwords (calling and pretending to be the customer)

Types of Account Takeover

Banking ATO:

  • Criminals log into bank accounts
  • Transfer money to accounts they control
  • Set up new payees for fraudulent transfers
  • Apply for loans or credit products

Example: Criminal uses credentials from LinkedIn breach to access customer's online banking, adds new external account, transfers $5,000

Email/Social Media ATO:

  • Access to email often leads to other account compromises
  • Used for business email compromise (BEC) attacks
  • Social media accounts used for romance scams or crypto fraud

E-commerce ATO:

  • Criminals access shopping accounts
  • Change shipping addresses
  • Use stored payment methods
  • Sell access to accounts with reward points

ATO Investigation Tips

  • Check login locations and devices
  • Look for recent account changes (email, phone, address)
  • Verify if customer recently received phishing emails
  • Check if customer's credentials appear in known breach databases

Identity Theft

Identity theft means using someone else's personal information (like Social Security Number, name, address) without permission to commit fraud.

There are two main types:

Synthetic Identity Fraud

What "synthetic" means: Creating a completely fake person by combining real and made-up information

What it is: Creating fake identities using a mix of real and fabricated information

How it works:

  • Criminals use real Social Security Numbers (often from children or deceased)
  • Combine with fake names, addresses, and other details
  • Build credit history over time
  • Eventually "bust out" with large fraudulent applications

Why it's dangerous:

  • Difficult to detect because it doesn't immediately harm real victims
  • Can take years to develop before the fraud occurs
  • Often involves multiple accounts across different institutions

Red flags:

  • Thin credit files for adults
  • Address mismatches
  • SSN issued in different state than current address
  • Multiple applications using similar information

Traditional Identity Theft

What it is: Using real person's complete identity without permission

Common sources of stolen identity data:

  • Mail theft (pre-approved credit offers, tax documents)
  • Data breaches
  • "Dumpster diving" for discarded documents
  • Theft of wallets, purses, or personal documents

Typical fraud pattern:

  1. Criminal obtains victim's personal information
  2. Opens new accounts in victim's name
  3. Makes purchases or withdraws cash
  4. Victim discovers fraud when bills arrive or credit score drops

Romance and Social Engineering Scams

Romance Scams

What it is: Criminals build fake romantic relationships to steal money

How it works:

  • Create fake profiles on dating sites or social media
  • Build emotional relationships over weeks or months
  • Eventually ask for money for "emergencies"
  • Often claim to be military overseas, doctors, or business travelers

Common money requests:

  • Medical emergencies
  • Travel money to "visit" the victim
  • Customs fees for packages
  • Investment opportunities

Red flags:

  • Requests for wire transfers or gift cards
  • Claims to be traveling or overseas
  • Asks for money after short online relationship
  • Photos that seem too professional or model-like

Other Social Engineering

Business Email Compromise (BEC):

  • What BEC means: Business Email Compromise - criminals impersonate executives or vendors via email
  • Criminals impersonate executives or vendors
  • Request wire transfers or sensitive information
  • Often target accounting departments

Tech support scams:

  • Criminals claim to be from Microsoft, Apple, etc.
  • Convince victims their computers are infected
  • Sell fake security software or steal remote access

Check and ACH Fraud

What these payment types are:

  • Checks: Paper documents that authorize banks to transfer money from one account to another
  • ACH: Automated Clearing House - electronic transfers between bank accounts (like direct deposit or automatic bill pay)
  • Wire transfers: Fast electronic money transfers, usually for large amounts

Check Fraud

What it is: Creating, altering, or using fraudulent checks

Types you'll encounter:

  • Forged checks: Completely fake checks
  • Altered checks: Changing amounts or payees on real checks
  • Stolen checks: Using checks stolen from mail or businesses
  • Account takeover checks: Writing checks from compromised accounts

Modern check fraud patterns:

  • "Check washing" - removing ink and rewriting checks
  • Depositing fraudulent checks via mobile banking
  • Using high-quality printers to create realistic fake checks

ACH/Wire Transfer Fraud

What it is: Unauthorized electronic transfers

Common scenarios:

  • Business email compromise leading to fraudulent wire transfers
  • Account takeover resulting in ACH transfers to criminal accounts
  • Fraudulent ACH authorizations through fake websites

Investigation focus:

  • Verify authorization methods
  • Check for recent account compromises
  • Confirm recipient account legitimacy

First-Party Fraud (Friendly Fraud)

What "first-party" means: The legitimate account holder (not a stranger) commits the fraud

What "friendly fraud" means: Called "friendly" because it comes from someone the bank has a relationship with, but it's still fraud

What First-Party Fraud Is

The concept: When the legitimate account holder commits or facilitates fraud

Why it happens:

  • Financial desperation
  • Perceived low risk of getting caught
  • Rationalization ("the bank can afford it")
  • Opportunity when controls are weak

Common Types

Chargeback Fraud:

  • Customer makes legitimate purchase
  • Files chargeback claiming they didn't authorize it
  • Keeps both the product and refunded money

Application Fraud:

  • Lying on loan or credit applications
  • Inflating income or assets
  • Providing false employment information

Bust-Out Fraud:

  • Building good payment history
  • Suddenly maxing out all available credit
  • Never intending to pay back

Detection Challenges

  • Customer has legitimate relationship with institution
  • Authorized access to accounts and cards
  • May involve partial truths mixed with lies
  • Often requires behavioral analysis rather than technical detection

Cryptocurrency and Investment Fraud

Crypto Fraud Basics

What you need to know: Cryptocurrency transactions are irreversible and difficult to trace

Common crypto fraud types:

  • Fake investment platforms: Promising high returns on crypto investments
  • Romance scams involving crypto: Criminals convince victims to buy and send cryptocurrency
  • Tech support scams: Claiming victim's crypto wallet is compromised
  • Social media giveaway scams: Fake celebrity accounts promising crypto returns

Investment Fraud Red Flags

  • Guaranteed high returns with no risk
  • Pressure to "invest" quickly
  • Requests for payment via crypto, wire transfer, or gift cards
  • Claims of celebrity or expert endorsements
  • Complex explanations that don't make sense

What This Means for Your Daily Work

Investigation Priorities

When you see these fraud types:

  1. Speed matters: Many frauds require quick response to prevent additional losses
  2. Pattern recognition: Look for similar cases that might indicate organized fraud
  3. Customer communication: Legitimate customers need clear explanations and support
  4. Documentation: Proper case notes help with law enforcement and prevention

Prevention Focus

Help your institution prevent fraud by:

  • Identifying control weaknesses that enabled the fraud
  • Suggesting customer education opportunities
  • Providing feedback on detection rule effectiveness
  • Sharing intelligence about new fraud patterns

Key Takeaways

For new fraud analysts:

  1. These fraud types represent most of what you'll see in your first year
  2. Each type has specific red flags - learn to recognize them quickly
  3. Criminals often combine methods - account takeover leading to wire fraud, etc.
  4. Stay current - fraud methods evolve constantly
  5. Focus on protecting customers while stopping criminals

Remember: Understanding common fraud patterns is your foundation. As you gain experience, you'll encounter more sophisticated schemes, but these basics will serve you throughout your career.

Ready to learn how to investigate these fraud types? The next module covers fraud investigation fundamentals.

Test Your Knowledge

Ready to test what you've learned? Take the quiz to reinforce your understanding.