Some real frauds spotted and stopped

The fraudster impersonated a bank customer and asked the banking employee to order a transaction of CHF 1,000,000. The banking employee was scammed, believed that the fraudster was the customer and validated the transaction.

Although the case involved a new client with little historical data, the payment was blocked because the transaction was unusual at the bank level, and the beneficiary account was also unusual.

The fraudster impersonated a bank agent and through social engineering persuaded the customer to release his/her e-banking login details. The fraudster took over the customer’s account and made a payment of EUR 33,170 to an account of their own.

The AI risk models identified the transaction as fraudulent and blocked it because the e-banking metrics – e-banking language, browser, screen resolution, etc – did not match the customer’s usual profile.

A fraudster impersonating a banking agent persuaded a customer to disclose his/her e-banking login details through social engineering, took over the account and attempted a payment of GBP 21,000 to an illicit account.

Vyntra's AI risk models blocked the transaction due to unusual e-banking and transaction variables, including unusual amount, screen resolution, beneficiary institution, beneficiary account, e-banking session language, and currency.

The fraudster impersonated the CEO of the account holder’s company and over email convinced the victim to pay EUR 170,000 into an illicit account.

Vyntra's AI risk models stopped the transaction due to unusual variables including the beneficiary account and country, the operation type, order type, and currency.

The victim was advised by a fraudster impersonating a business partner to invest in a fictitious company and ordered a payment of USD 170,000.

Vyntra stopped the transaction due to variables not matching the customer’s profile, including the unusual destination, beneficiary bank, beneficiary account, amount, and currency.

The fraudster introduced himself to the victim as an American soldier based in the Middle East. A romantic relationship started and the fraudster convinced the victim to make three transactions to his bank in Germany – of USD 1,500, of EUR 3,000, and one of EUR 11,300.

Vyntra’s AI risk models stopped the first and third transactions, spotting unusual variables including the beneficiary bank account, the destination bank country, the amount and currency.

The fraudster impersonated a Microsoft employee and called the victim to say he had been hacked. The victim gave over control of his computer to the fraudster, who then planted malicious code and was able to transfer a payment of EUR 3,469 from the victim’s bank account to an illicit account in Slovenia.

Vyntra spotted a number of unusual transaction variables and stopped the payment. These included an unusual beneficiary country and account, and unusual currency for the customer, and an unusual beneficiary account for the bank.

An IT administrator with back-end user privileges inflated account balances for an accomplice. The funds were then were ready to be withdrawn from ATMs and mobile banking but we detected the fraud before the money left the bank.

Vyntra’s AI risk models spotted the internal fraud because the privileged user checked the account several times over a number of days, behavior the models picked up as suspicious.

The victim received an invitation via a phishing email apparently from the government containing a malicious link. On clicking the link, the fraudsters were able to install a banking Trojan, add a new device, enter two payments and validate them through eBanking.

Vyntra’s AI risk models detected and stopped the payments after spotting variables that didn’t match the victim’s usual profile. These included the unusual screen resolution, beneficiary institution, beneficiary account, amount of transaction and browser.

A client wanted to access her eBanking service. After entering her credentials and scanning the QR code, a message appeared in French and German asking her to re-enter her credentials for greater security. After she did so, an error message appeared saying the site was unavailable. This is likely to have been a man in the middle attack in which the second QR code was displayed by a hacker to recover the victim’s account credentials. The fraudster then attempted a payment of CHF 38,000.

Vyntra’s blocked the payment due to unusual session information, including browser language and screen resolution, and transaction details including the unusual amount and beneficiary bank. The system logs showed three sessions that raised suspicions, suggesting the fraudster accessed the victim’s account several times while attempting the payment

A bank customer received emails from a fraudster impersonating an existing supplier which instructed him to change the IBAN of the beneficiary for certain transactions as the supplier’s account details had changed. The customer proceeded with 8 payments without any further control or validation, sending a total of USD 850,000 to the fraudster’s IBAN account.

Vyntra’s AI solution stopped the fraudulent payments as there were unusual factors such as unusual beneficiary account and unusual country.