Skip to main content

BIN There, Done That: Air Force FCU Topples An Attack

In late April 2021, transactions totaling close to six figures from the same retailer hit the credit union in nearly one fell swoop. Transaction data from Air Force FCU’s core provider indicated all the charges were card-not-present purchases, which tipped Miller off to the fraud.

The cooperative had to act quickly.

Because the retailer, which Miller declines to name, is a large, legitimate business, the credit union couldn’t simply cut off those transactions. However, during its due diligence, Air Force FCU learned the attack came from only one of the several networks through which it processes transactions, and it could shut off transactions from specific card networks.

“We made the decision to stop all transactions from that network for two days,” Miller says. “It stopped the fraud in its tracks and gave us enough time to figure out our next move.”

The credit union’s chief technology officer along with several risk employees began to thoroughly review Air Force FCU’s daily credit card transaction reports. A pattern soon emerged. Miller says her exceptions report often state “card destroyed,” “card lost,” “card stolen,” or “wrong pin.” Not this time.

“We saw was a huge pattern of ‘card not found,’” Miller says. “Plus, these were all from the same vendor and the impacted card numbers ran in a sequential order. It just wasn’t normal.”

The fraudsters, however, had accurate card information so transactions were going through, putting the credit union on the hook for losses. And the hackers were sophisticated, Miller says. They used different names, different dollar amounts, and even different addresses — not always in the United States.

“People were really buying stuff,” Miller says. “It was going as far away as Colombia.”

The Response

Air Force FCU implemented immediate changes to its card numbering logic — no longer would the same several digits appear for each card. By altering the pattern, the credit union hoped to make hacking more complicated. Additionally, the credit union reissued every card that was affected by the attack, but it did not reissue cards en masse.

“It’s a long process to reissue like that,” Miller says. “And it wasn’t going to stop the bleeding.”

The fact the dollar amounts tended to be small posed a challenge to identifying fraudulent charges. And because it was a well-known retailer, members weren’t always aware they were victims. Air Force FCU posted a message on its home banking platform asking members to review their statements carefully for suspicious activity. It did not name the retailer because the attack ultimately wasn’t the retailer’s fault. In fact, the retailer was helpful.

“When we contacted them, they were eager to help us stop the fraud,” Miller says.

Internally, three employees in the risk department started reviewing daily core and card processor reports looking for context clues for potential fraud. Of primary focus are those “card not found” transactions, especially sequential card numbers used in close succession.

“The crook spends his whole day looking for ways in. We’re going to be behind the curve in trying to catch up, but we’ll do everything we can.” Cathy Miller, SVP & Chief Risk Officer, Air Force FCU

Looking forward, Air Force FCU hopes its risk review process will curb future fraudulent activity and is evolving its cybersecurity efforts, which include a new information security committee. Miller knows the battle is far from over, but that doesn’t mean it’s not worth the fight.

“The crook spends his whole day looking for ways in,” Miller says. “We’re going to be behind the curve in trying to catch up, but we’ll do everything we can.”

 Callahan & Associates, Inc.

Comments

Popular posts from this blog

Without President’s Signature, ROAD to Housing Act Becomes Law; Includes CU Board Modernization Act

WASHINGTON — The bipartisan 21st Century ROAD to Housing Act became law Friday without President Donald Trump’s signature after the president allowed the measure to take effect while Congress remained in session, choosing not to sign it in protest over the Senate’s failure to advance separate voter identification legislation.  The legislation includes the Credit Union Board Modernization Act, which reduces the frequency with which credit unions must meet and which had strong support from the credit union trade groups.  Trump announced on social media that he would not sign the housing package because the Senate had not passed the SAVE America Act, a measure he has championed requiring proof of citizenship for voter registration. Under the Constitution, a bill becomes law if the president neither signs nor vetoes it within 10 days, excluding Sundays, while Congress is in session.  Scott Simpson ‘Steadfast in Commitment’ “America’s Credit Unions, our league partners, and cr...

Invest in Education - Invest in Tomorrow

 

Inflation Cools in June Report, But One CU Economist Says There’s One Reason–And it Could Change

WASHINGTON — U.S. consumer inflation cooled more than expected in June, offering relief after several months of elevated price pressures, though economists cautioned the improvement could prove temporary as renewed geopolitical tensions threaten to push energy prices higher. The Consumer Price Index fell 0.4% in June on a seasonally adjusted basis, the largest monthly decline since April 2020, after rising 0.5% in May, according to data released Tuesday by the Bureau of Labor Statistics . Compared with a year earlier, consumer prices rose 3.5%, down from 4.2% in May.  Foot off the Gas Dawit Kebede “Falling gas prices led June’s decline and pulled headline inflation lower year-over-year. Renewed hostilities could complicate the energy picture ahead, and a reversal in gasoline costs would be the most likely channel for that pressure to show up,” said America’s Credit Unions Senior Economist Dawit Kebede. “But softening core prices point to broader-based moderation, suggesting the ea...

What You Might Not Know About July 4th.

White Paper from WOCCU Examines How Stablecoins are Reshaping Financial Infrastructure

WASHINGTON– World Council of Credit Unions (WOCCU) has released a new white paper that examines how stablecoins are reshaping the financial infrastructure that credit unions and other cooperative financial institutions rely on to serve their members.  According to WOCCU, the white paper, How Digital Money Is Impacting Credit Unions, Part 1: Focus on Stablecoins , is the first in a planned three-part series exploring how emerging forms of digital money are affecting the global credit union movement.  “The report begins by noting that stablecoins are no longer a niche fintech development, but part of a broader structural shift in how money is stored, moved and regulated,” WOCCU explained. “As commercial banks, payment networks, technology firms and retailers build stablecoin offerings or integrate stablecoin rails into their platforms, credit unions must consider how these changes could affect deposits, payments, member relationships and long-term institutional relevance.” For ...

New GDP Data is ‘Positive,’ Clouds Clearing, Says NAFCU Economist

WASHINGTON–Although discussion and forecasts continue to focus on a recession in the U.S. economy, economic growth remained solid at the end of 2022, according to new federal data. Curt Long The Commerce Department said U.S. gross domestic product, adjusted for inflation, increased at an annual rate of 2.9% in the fourth quarter of 2022, down slightly from a 3.2% growth rate in the Q3. Consumer spending grew at a 2.1% rate, according to the Commerce Department data, which will be revised at a later date. “The big picture view of economic growth in the fourth quarter is a positive one,” said NAFCU Chief Economist and VP-Research Curt Long. “Much of that grow...

NCUA Tells FICUs Crypto Trading is OK — If Big Exchanges Provide the Service

When it comes to reading between the lines of financial regulators’ advisory letters, tone matters. Take last week’s letter from the National Credit Union Administration (NCUA) which gave the federally insured credit unions (FICUs) it oversees permission to partner with digital asset providers to allow retail customers to buy, sell and trade in cryptocurrencies. Now compare it to the one issued by Comptroller of the Currency Michael Hsu’s agency to the national banks and federal savings associations it regulates a month earlier. On the surface, both said much the same thing: Financial institutions can provide cryptocurrency services (albeit with some notable differences: the OCC’s letter dealt with more back-end services, including custody services as well as holding and using dollar-pegged stablecoins for transaction settlement). Neither was enthusiastic. The NCUA’s letter said it “does not prohibit FICUs from establishing these relationships” — which is not as enthusiastic as “are a...

The FedNow Service will launch in 2023 "Are you ready?"

The FedNow Service is a new instant payment service that the Federal Reserve Banks are developing to enable financial institutions of every size, and in every community across the U.S., to provide safe and efficient instant payment services in real-time, around the clock, every day of the year. Through financial institutions participating in the FedNow Service, businesses and individuals will be able to send and receive instant payments conveniently, and recipients will have full access to funds immediately, giving them greater flexibility to manage their money and make time-sensitive payments. Consistent with the Federal Reserve’s historical role of providing payment services alongside private-sector providers, the FedNow Service will provide choice in the market for clearing and settling instant payments as well as promote resiliency through redundancy. Financial institutions and their service providers will be able to use the service as a springboard to provide innovative instant p...

The Federal Reserve has opted to make no changes in interest rates

WASHINGTON–The Federal Reserve has opted to make no changes in interest rates following the conclusion of its meeting here, but it has indicated it could move as soon as next month to cut rates if the United States and China isn’t able to find ways to resolve their trade dispute. As a result,  For now, the Fed left its short-term rate at a range of 2.25% to 2.5%. Eight of the 17 votings, Fed policymakers did predict there could be as a half percentage point decline in rates in 2019. In a statement following its meeting, the Fed did dial down a bit its forecast for the economy.   “In light of these uncertainties and muted inflation pressures, the FOMC will closely monitor the implications of incoming information for the economic outlook and will act as appropriate to sustain the expansion, with a strong labor market” and inflation near the Fed’s 2% goal,” the Fed said.  Fed Chairman Jerome Powell in recent interviews has expressed concerns over what he ...

Fed Chair Says Inflation To Hang Around a Bit Longer; New Beige Book Data Show Why

WASHINGTON–The chairman of the Federal Reserve told the House the current increase in inflation is temporary, although it will remain elevated in the months ahead before moderating. Fed Chairman Jay Powell’s comments before Congress came on the same day the Fed released its Beige Book analysis, which found an economy showing increasing strength, but also suffering shortages of many materials and manpower. During his testimony before House Financial Services Committee as part of his semiannual monetary policy report to Congress, which he will repeat today before the Senate, Powell said asset valuations have generally risen as the economy has improved and investor risk appetite has grown. “Household balance sheets are, on average, quite strong, business leverage has been declining from high levels, and the institutions at the core of the financial system remain resilient,” Powell said. What About Inflation? As for inflation, which is of conce...