BITS Online Fraud Library

BITS Online Fraud Library
This library is compiled by BITS from publicly available reports and documents, as a resource for fraud-related information. BITS does not endorse any particular organization or their products, services, or other information provided by these links.

This page is periodcially updated. Please check back for new information. Bolded items are recent additions.

 

  • Anti Money Laundering/Suspicious Activity Reporting
  • Check 21
  • Consumer Education
  • Counterfeit Checks
  • Cybercrime Security Deals 
  • Data Breaches/Information Security
  • Email Security
  • Financial Abuse of the Elderly and Vulnerable
  • Fraud Risk Management
  • Identity Theft
  • Internal Fraud
  • Mobile Payments
  • Mortgage and Loan Fraud
  • Online/Remote Channel Fraud
  • Payment Card/ATM Fraud
  • Payments Fraud and Risk

 

  • Remote Deposit Capture

To Main BITS Publications Page
To Members Only Fraud Section
 (Login required)

Anti Money Laundering/Suspicious Activity Reporting
– FinCEN Report on Outreach to Large Depository Institutions
(Oct 2009)
– Symantec States It is Highly Likely That A North Korean Group Is Responsible For Ransomware Attacks
(May 2017)
– FinCEN’s SAR Activity Review: Trends, Tips & Issues
Issue 15
 (May 2009)
– Anti-Money Laundering (AML) Source Tool for Mutual
Funds
 (Jan 2009)
– SAR Activity Review – By the Numbers (Nov 2008)
– SAR Activity Review: Trends, Tips & Issues
Issue 14
 (Oct 2008)
– FinCEN Update: Prepared Remarks of James H.
Freis, Network: Promoting Information Sharing in our
Global Anti-money Laundering/Counterterrorism
Finance Efforts
 (Oct 2008)
– SAR Activity Review: By the Numbers (May 2008)
– SAR Activity Review: Tips, Trends and Issues,
Issue 13
 (May 2008)
– FinCEN’s Strategic Plan for 2008-2012 (May 2008)
– Financial Crimes Enforcement Network FY07 Annual
Report
 (Apr 2008)
– SAR Activity Review: By the Numbers (Jan 2008)
– Reporting of Certain Currency Transactions for Sole
Proprietorships and Legal Entities Operating Under a
“Doing Business As” (“DBA”) Name
 (Jan 2008)
– Suggestions for Addressing Common Errors Noted in
Suspicious Activity Reporting
 (Oct 2007)
– SAR Activity Review: Issue 12 (Oct 2007)
– Bank Secrecy Act/Anti-Money Laundering Examination
Manual
 (Aug 2007)
– Bank Secrecy Act/Anti-Money Laundering Examination
Manual
 (Aug 2006)
– Special Due Diligence Programs for Certain Foreign
Accounts
 (Aug 2007)
– Suspicious Activity Report Supporting Documentation
(Jun 2007)
– SAR Activity Review: By the Numbers (Jun 2007)
– SAR Activity Review: Issue 11 (May 2007)
– 2007 National Money Laundering Strategy (May 2007)
(4MB)
– Financial Crimes Enforcement Network FY06 Annual
Report
 (Apr 2007) (14MB)
– Interagency Guidance on Sharing Suspicious Activity
Reports with Head Offices and Controlling Companies

(Jan 2006)
– U.S. Money Laundering Threat Assessment (Dec 2005)
– Final Regulation Implementing Section 312 of the
USA PATRIOT ACT
 (Dec 2005)
– Money Laundering: A Banker’s Guide to Avoiding
Problems
 (Dec 2002)

Check 21
– Board of Governors of the Federal Reserve System
Report to the Congress on the Check Clearing for
the 21st Century Act of 2003
 (Apr 2007)
– Check 21 and Check Fraud Prevention: Are They
Mutually Exclusive?
 (As contained in the Federal
Reserve Bank of Philadelphia Publication: SRC Insights)
– Implementing the Check 21 Act: Potential risks facing
banks
 (Aug 2005)
– Strategies for Mitigating Fraud Risks Associated with the
Check Clearing in the 21st Century Act
 (Oct 2004)
– Check 21 Resource Document (Mar 2004)

Consumer Education
– Manipulation and Abuse of the Consumer Credit
Reporting Agencies
 (Aug 2009)
– Identity Theft Help for Victims
– Plastic Fraud (Jun 2008)
– Count on Scammers and Schemers to Follow the
News
 (Feb 2008)
– BITS Mortgage Fraud Prevention: An Education and
Awareness Toolkit for Consumers
 (Jan 2008)
– ID Crime Prevention Toolkit 
– ID Crime Recovery Toolkit (2.5MB)
– Treasury Warns Public About E-Mail Scams (Dec 2007)
– To Buy or Not To Buy: Identity Theft Spawns New
Products and Services To Help Minimize Risk

(Nov 2007)
– STOP, THINK, CLICK: Seven Practices for Safer
Computing
 (Sep 2007)
– FinCEN Warning Notice: Fraudulent Stop Order Scams
(Aug 2007)
– FTC Brochure: Giving the Bounce to Counterfeit Check
Scams
 (Feb 2007)
– How Not to Get Hooked by a ‘Phishing’ Scam
(Oct 2006)
– Fighting Back Against Identity Theft: Common
Ways Identity Theft Happens
 (May 2006)
– 10 Dumb Things Users Do That Can Mess Up Their
Computers
 (May 2006)

Counterfeit Checks
– The Evolution of the Check as a Means of Payment
(Jan 2009)
– FTC Brochure: Giving the Bounce to Counterfeit Check
Scams
 (Feb 2007)
– BITS Voluntary Guidelines for Collections in the Financial
Services Industry
 (Mar 2004)

Cybercrime
– McAfee Threats Report: Second Quarter 2010
(Aug 2010)
– 14th Annual CSI Computer Crime and Security Survey  (Dec 2010)
– In the Crossfire – Critical Infrastructure in the Age of
Cyber-War 
(Jan 2010)
– 2010 Threat Predictions (Dec 2009)
– Symantec: Top Security and Storage Trends to
Watch
 (Dec 2009)
– McAfee Virtual Criminology Report 2009 (Nov 2009)
– The Top Cybersecurity Risks (Sep 2009)
– APWG: Phishing Activity Trends Report (Jan-June 2009)
– Understanding Scam Victims: Seven Principles for
System Security
 (Aug 2009)
– A Cybercrime Hub   (Aug 2009)
– McAfee Threats Report: 1st Quarter 2009   (May 2009)
– Symantec Global Internet Security Threat Report Trends
for 2008
 (Apr 2009)
– Symantec Report on the Underground Ecomomy
(Nov 2008)
– IAAC Directors’ and Corporate Advisors’ Guide to Digital
Investigations
 (Nov 2008)
– DOJ: Cybercrime Against Businesses (Oct 2008)
– Data Breaches: What the Underground World of
“Carding” Reveals
 (May 2008)
– Global Markets and Global Vulnerabilities: Fighting
Transnational Crime through Financial Intelligence

(Apr 2008)
– Electronic Crime Scene Investigation: A Guide for First
Responders, Second Edition
 (Apr 2008)
– Russian Business Network Study (Oct 2007)
– GAO-07-705: Cybercrime: Public and Private Entities
Face Challenges in Addressing Cyber Threats

(Jun 2007)
– CRS Report for Congress Terrorist Precursor Crimes:
Issues and Options for Congress
 (May 2007)

Data Breaches/Information Security
– MessageLabs Intelligence: 2009 Annual Security Report 
(December 2009)
– Hey, You, Get Off My Cloud: Exploring Information Leakage in Third Party Compute Clouds
(Oct 2009)
– On the Leakage of Personally Identifiable Information Via Online Social Networks
(Aug 2009)
– Verizon 2009 Data Breach Investigations Report
(Apr 2009)
– McAfee: 2009 Threat Predictions (Jan 2009)
– Information Security Breaches: Thinking Back and
Looking Ahead
 (Sep 2008)
– UNISYS Security Index: Global Summary (May 2008)
– Do Data Breach Disclosure Laws Reduce Identity
Theft?
 (Jun 2008) ( see our Wolters Kluwer promo codes ,They are our recommended provider for all legal, business, tax, accounting, finance, audit, risk, compliance matters .)
– 2008 Data Breach Investigations Report
(Verizon)
 (May 2008)
– Best Security, Privacy and Data Protection Articles
of 2007
 (Jan 2008)
– SANS Top-20 2007 Security Risks: 2007 Annual Update
(Nov 2007)
– GAO-07-837: Information Security: Despite
Reported Progress, Federal Agencies Need to Address
Persistent Weaknesses
 (Jul 2007)
– GAO-07-737: Personal Information: Data Breaches
Are Frequent, but Evidence of Resulting Identity Theft
Is Limited; However, the Full Extent Is Unknown

(Jun 2007)
– BITS/ABA Key Considerations for Responding to
Unauthorized Access to Sensitive Customer Information

(Nov 2006)
– BITS Consumer Confidence Toolkit: Data Security and
Financial Services
 (Oct 2006)
– BITS Key Considerations for Securing Data in Storage
and Transport
 (Apr 2006)
– Interagency Guidelines Establishing Information Security
Standards: Small-Entity Compliance Guide
 (Dec 2005)

Email Security
– Phishing Activity Trends Report: 3rd Quarter 2009 (Jan   2010)
– Count on Scammers and Schemers to Follow the
News
 (Feb 2008)
– STOP, THINK, CLICK: Seven Practices for Safer
Computing
 (Sep 2007)
– BITS Email Security Toolkit: Protocols and
Recommendations for Reducing the Risks
 (Apr 2007)
– How Not to Get Hooked by a ‘Phishing’ Scam (Oct 2006)

Financial Abuse of the Elderly and Vulnerable
– BITS Fraud Protection Guide: Protecting the Elderly and   Vulnerable from Financial Fraud and Exploitation  (February 2010, Updated from 2005)
– BITS Fraud Protection Training Guide: PowerPoint   Presentation (February 2010, Updated from 2005)
– BITS Fraud Protection Guide: Protecting the Elderly and
Vulnerable from Financial Fraud and Exploitation

(Nov 2005)

Fraud Risk Management
– Advice for Phone and Online Banking Users (Jan 2010)
– 2009 Lexis Nexis True Cost of Fraud (Nov 2009)
– Bank Secrecy Act – GAO: Suspicious Activity Report Use
Is Increasing
 (Apr 2009)
– Six Critical Elements of a Comprehensive Risk
Management Program
 (Dec 2008)
– 2008 RSA Online Fraud Report (Dec 2008)
– Managing the Business Risk of Fraud: A Practical Guide
(Jul 2008)
– Ten Things About Fraud Control (Nov 2007)
– How Does Your Hotline Measure Up? (Checklist Criteria)
(Nov 2007)
– Financial Crimes Report to the Public,
Fiscal Year 2007
 (Sep 2007)
– Risky Business: Managing Electronic Payments in the
21st Century
 (Dec 2005)

Identity Theft
– Predicting Social Security Numbers from Public Data
(Jul 2009)
– FTC Compliance Guide: Fighting Fraud with the Red
Flags Rule
 (Mar 2009)
– Identity Theft Assistance Center Blog
– Vicitms’ Rights: Fighting Identity Crime on the Front
Lines
 (Feb 2009)
– FTC Report: Security in Numbers – SSNs & ID Theft
(Dec 2008)
– Identity Theft Help for Victims
– Identity Theft: The Aftermath 2007 (Jun 2008)
– Victims of Fraud Dossier, Part IV (May 2008)
– International Association of Chiefs of Police (IACP) and
Bank of America Identity Crime Toolkits (Dec 2007)
– ID Crime Prevention Toolkit 
– ID Crime Recovery Toolkit (2.5MB)
– Police Chief’s Identity Crime Toolkit (3MB)
– Identity Fraud Trends and Patterns: Building a
Data-Based Foundation for Proactive
Enforcement
 (Oct 2007)
– FTC 2006 Identity Theft Survey Report
– Identity Theft Laws: State Penalties and Remedies and
Pending Federal Bills
 (Jun 2007)
– Fighting Back Against Identity Theft: Common
Ways Identity Theft Happens
 (May 2006)
– Identity Management at Credit Unions (Mar 2006)
– Identity Theft: Some Outreach Efforts to Promote
Awareness of Consumer Rights are Under Way 

(Jun 2005)
– Local Law Enforcement’s Response to Identity Theft
Crimes: Strategies to Support the Investigative Role of
the Police and Compliance with the F.A.C.T. Act of 2004

(Jun 2005)
– Locking up the Evil Twin: A Summit on Identity Theft
Solutions
 (Mar 2005)
– National and State Trends in Fraud & Identity Theft
(Feb 2005)
– The Use of Technology to Combat Identity Theft
(Feb 2005)
– Identity Theft: A Risk to be Managed (Feb 2005)
– Putting an End to Account-Hijacking Identity Theft
(Dec 2004)
– Putting an End to Account-Hijacking Identity Theft
Study Supplement
 (Jun 2005)
– BITS Fraud Reduction Guidelines: Strategies for Identity
Theft Prevention and Consumer Assistance
 (Jul 2003)
– Documents to Assist Members in Addressing Email
Hoaxes (July 2003)
– Questions for Financial Institutions to Ask
Customers Calling to Report an Email Hoax

Internal Fraud
– Report to the Nation on Occupational Fraud and Abuse(June 2010)
– Deloitte’s 6th Annual Global Security Survey (Feb 2009)
– ACFE 2008 Report to the Nation on Occupational Fraud &
Abuse
 (Jul 2008)
– Managing the Business Risk of Fraud: A Practical Guide    (Jul 2008)
– (ISC)2 Global Information Security Workforce
Study
 (May 2008)
– When Bad Things Happen to Good Banks: The Perils of
Unbalanced Internal Control Regime
 (Mar 2008)
– CERT Podcast: Insider Threat and the Software
Development Life Cycle
 (Mar 2008)
– Insider Threat Study: Illicit Cyber Activity in the
Government Sector
 (Jan 2008)
– Insider Threat Study: Illicit Cyber Activity in the
Information Technology and Telecommunications Sector

(Jan 2008)
– Internal Fraud: Building the Business Case for
Investment
 (Oct 2007)
– KPMG Profile of a Fraudster Survey 2007 (Aug 2007)
– Internal Fraud: Surveying the Current Landscape
(Mar 2007)
– Report to the Nation on Occupational Fraud & Abuse
(Aug 2006) (7MB file)
– Common Sense Guide to Prevention and
Detection of Insider Threats, Ver 2.1
 (Jul 2006)
– Insider Activities: Comptroller’s Handbook (Mar 2006)
– Insider Threat Study: Computer System Sabotage in
Critical Infrastructure Sectors
 (May 2005)
– Insider Threat Study: Illicit Cyber Activity in the
Banking and Finance Sector
 (Aug 2004)

Mobile Payments
– Boston and Atlanta Feds cohost mobile payments   industry roundtable meeting (June 2010)
– Mobile Payments in the United States at Retail Point of   Sale: Current Market and Future Prospects (May 2010)
– Alternatives for Banks to offer Secure Mobile Payments  (March 2010)
– Mobile Payments: Mobile Operator Market Opportunities
and Business Models
 (Aug 2007)

Mortgage and Loan Fraud
– Loan Modification and Foreclosure Rescue Scams –   Evolving Trends and Patterns in Bank Secrecy Act
Reporting
 (Jun 2010)
– 2009 FBI Mortgage Fraud Report “Year in Review”
(May 2010)
– FinCEN Mortgage Loan Fraud Update: Suspicious Activity   Report Filings from July 1-September 30, 2009 (Feb
2010)
– The Detection and Deterrence of Mortgage Fraud
Against Financial Institutions: A White Paper 
(Feb 2010)
– FFIEC Issues 2009 Mortgage Fraud White Paper: The
Detection and Deterrence of Mortgage Fraud Against
Financial Institutions”
(Feb 2010)
– FinCEN’s SAR Activity Review: Trends, Tips & Issues”
(Oct 2009)
– Q2 2009 Mortgage Fraud Risk Report”(Aug 2009)
– FBI 2008 Mortgage Fraud Report, “Year in Review”
(Jul 2009)
– FinCEN Advisory: Guidance to Financial Institutions on
Filing Suspicious Activity Reports Regarding Loan
Modification/Foreclosure Rescue Scams
 (Apr 2009)
– FinCEN Report: Mortgage Loan Fraud Connections with
Other Financial Crime
 (Mar 2009)
– Mortgage Asset Research Institute’s (MARI�) 11th
Periodic Mortgage Fraud Case Report to the Mortgage
Banker’s Association (MBA)
 (Mar 2009)
– Filing Trends in Mortgage Loan Fraud (Feb 2009)
– OCC Offers Consumer Tips to Avoid Foreclosure
Rescue Scams
 (May 2008)
– Q2-2008 Core Mortgage Risk Monitor (Apr 2008)
– FBI 2007 Mortgage Fraud Report (Apr 2008)
– Suspected Money Laundering in the Residential Real
Estate Industry: An Assessment Based Upon Suspicious
Activity Report Analysis
 (Apr 2008)
– Mortgage Loan Fraud: An Update of Trends based Upon
an Analysis of SARs
 (Apr 2008) (5MB)
– Mortgage Loan Fraud: An Industry Assessment based
upon SAR Analysis
 (Nov 2006)
– Interthinx Training DVD: Fraud Angels (Mar 2008)
– BITS Mortgage Fraud Prevention: An Education and
Awareness Toolkit for Consumers
 (Jan 2008)
– MBA Study: Strengthening Federal and State Mortgage
Fraud Prevention Efforts
 (Oct 2007)

Online/Remote Channel Fraud
– APWG Global Phishing Survey (registration required)
 (May 2010)
– CyberSource: 10th Annual Online Fraud Report
 (Apr 2010)
– Malicious Software: A Security Threat to the
Internet Community
 (Jun 2008)
– CyberSource: 8th Annual Online Fraud Report
(Apr 2008) (registration required)
– A Practical Approach to Managing Phishing (Apr 2008)
– APWG: Advisory on Utilization of Whois Data For
Phishing Site Take Down
 (Mar 2008)
– APWG: Phishing Activity Trends (Dec 2007)
– APWG: The Relationship of Phishing and Domain Tasting
(Sep 2007)
– Online Financial Fraud and Identity Theft Report
(Aug 2007)
– Report on Phishing A Report to the Minister of Public
Safety and Emergency Preparedness Canada annd the
Attorney General of the United States (Oct 2006)
– 10 Dumb Things Users Do That Can Mess Up Their
Computers
 (May 2006)
– Online Identity Theft: Phishing Technology, Chokepoints
and Countermeasures
 (Oct 2005)
– FFIEC: Authentication in Internet Banking Environment
(Oct 2005)
– Voluntary Guidelines for Consumer Confidence in Online
Financial Services
 (Sep 2005)
– STAR ID Theft/Phishing Research Update (May 2005)
– Fraud Prevention Strategies for Internet Banking
(Apr 2003)

Payment Card/ATM Fraud
– A Method for Improving the Benchmarks Used to
Monitor ACH Returns
 (Jun 2010)
– Where Security Fits in the Payments Processing Chain
(May 2010)
– Federal Reserve Bank of Philadelphia Payment Cards
Center: Update Newsletter
 (Spring 2010)
– Best Practices for Managing Cardholder Dispute,
Chargeback Processes
 (Mar 2010)
– The 2008 Survey of Consumer Payment Choice
(Jan 2010)
– The future of everyday payments in Europe: Who cares?
(Jan 2010)
– Skimming Prevention: Best Practices for Merchants
(Sep 2009)
– ATM Crime: Overview of the European Situation and
Golden Rules on How to Avoid It
 (Aug 2009)
– Stopping Card Fraud in its Tracks (Jul 2009)
– Economics of payments card: A status report
(Mar 2009)
– The Federal Reserve’s Role in Retail Payments: Adapting
to a New Environment
 (Jan 2009)
– The Economics of Payment Cards (Nov 2008)
– Recent Payment Trends in the United States (Oct 2008)
– BITS Debit Card/ATM Fraud Resource List (Oct 2008)
– Understanding Risk Management in Emerging Retail
Payments
 (Sep 2008)
– Payments Card-related Legislative and Policy Update
(Sep 2008)
– Plastic Fraud (Jun 2008)
– A Guide to the ATM and Debit Card Industry:
2006 Update
 (Jan 2007)
– Targeting Debit Card Fraud: A Multi-pronged Approach
to Educate, Prevent and Detect
 (Nov 2005)
– The Laws, Regulations, and Industry Practices That
Protect Consumers Who Use Electronic Payment
Systems: Credit and Debit Cards
 (Jan 2005)

Payments Fraud and Risk
– 2010 AFP Payments Fraud Survey (Apr 2010)
– Heartland Payment Systems: Lessons Learned from a
Data Breach
 (Jan 2010)
– Payments Fraud. How it happens. And what you can do
to protect your organization.
 (Nov 2009)
– Payment Cards and Mobile: Inside Fraud (Oct 2009)
– The Beating Heart of Banking: Insights in Global
Payments
(June 2009)
– Payments Fraud: Perception versus Reality – A
Conference Summary 
(June 2009)
– Payment System End-Users Committee (EUC) Position
Paper on SEPA Direct Deposit
 (Jul 2009)
– A Backward Glance While Looking Forward
Federal Reserve Bank of Kansas City (Apr 2009)
– 2009 AFP Payments Fraud and Control Survey: Report
of Survey Results
 (Mar 2009)
– The Federal Reserve’s Role in Retail Payments: Adapting
to a New Environment
 (Jan 2009)
– Consumer Choice and Merchant Acceptance of Payment
Media
 Federal Reserve Bank of Chicago (Nov 2008)
– The Economics of Payment Cards
Federal Reserve Bank of Chicago (Nov 2008)
– Recent Payment Trends in the United States (Oct 2008)
– Understanding Risk Management in Emerging Retail
Payments
 (Sep 2008)
– Assessing the Landscape of Payments Fraud
Chicago Fed Letter (Jun 1008)
– 2008 Payments Conference “Payments Fraud:
Perception Versus Reality”
 (Jun 1008)
– The Contactless Wave: A Case Study in Transit
Payments
 (Jun 2008)
– FFIEC Booklet: Wholesale Payment Systems
– The Evolution of the ACH (Dec 2007)
– Chicago Fed Letter: Competitive Forces Shaping the
Payments Environment: What’s Next?
 (Aug 2007)
– Accepting Contactless Payments: A Merchant
Implementation
 (Jun 2007)
(Registration required for full report)
– Fraud in the ACH System: A Holistic Approach for
Financial Institutions
 (Jun 2007) (Registration required)
– Liability Flows Among Networks – Comment Letter on
Cross-Network Liability
 (May 2007)
– Third Party Payments System Access Control White
Paper and Recommendations
 (May 2007)
– BITS ACH Check Conversion Risk Management Toolkit
(Mar 2007)
– FRB: The Supervisory Framework Surrounding Nonbank
Participation in the U.S. Retail Payments System:
An Overview
 (Apr 2006)
– NACHA: A Comprehensive Strategy for Risk
Management in the ACH Network
 (Feb 2007)
– OCC Bulletin 2006-39 – Managing Risks of ACH Activity
(Sep 2006)
– NACHA: A New Strategic ACH Rules Framework for Risk
Mitigation in the 21st Century
 (May 2005)
– The Laws, Regulations, and Industry Practices That
Protect Consumers Who Use Electronic Payment
Systems: ACH E-Checks & Prepaid Cards
 (Mar 2005)
– Account-to-Account Services: Emerging Product
Overview
 (Mar 2005)

Remote Deposit Capture
– BITS Remote Deposit Image Capture: The Processes,
Risks and Strategies Used to Mitigate Them
 (Sep 2006)
– NetDeposit: Remote Deposit Capture: A White Paper
Addressing Regulatory, Operational and Risk Issues

(Aug 2006)