Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Comments are moderated and will not appear until the moderator has approved them.
Please submit appropriate comments. Inappropriate comments include content that is abusive, harassing, or threatening; obscene, vulgar, or profane; an attack of a personal nature; or overtly political.
In addition, no off-topic remarks or spam is permitted.
October 12, 2021
Scams and Student Loan Forbearance
If you are a millennial like me, sitting on a mountain of student loan debt, chances are you've probably received at least one call or letter a month with offers to suspend your student loan payments as part of the administrative forbearance set by the Coronavirus Aid, Relief, and Economic Security—or CARES—Act. In fact, I recently received a letter stating that I was "prequalified" to have my federal student loans forgiven in exchange for an upfront fee. Of course, not all of the unsolicited letters and calls are scams, but if you're asked to pay a fee to have your student loans canceled, it's a safe bet that those offers are more than likely scam tactics.
Although student loan forgiveness scams have been around for some time, fraudsters claiming to be affiliated with the Department of Education are exploiting the current economic uncertainty by creating confusion around how borrowers can qualify for the administrative forbearance program. Some fake companies will offer to work with borrowers to negotiate a lower repayment plan for free and then request that they send their payments directly to the company rather than to the lender. Furthermore, scammers may ask for personally identifiable information or the borrower's Federal Student Aid (FSA) login credentials in hopes of stealing the borrower's identity or money. In a time when unemployment is high and many are financially vulnerable, people are likely more willing to take risks if it means obtaining some desperately needed financial relief—and fraudsters are well aware of this.
So what should you do if you are contacted by a company offering student loan debt relief? The FSA recommends you look out for these red flags before you respond:
- They require you to pay upfront or monthly fees.
- They promise immediate and total loan forgiveness or cancellation.
- They ask for your FSA ID username and password.
- They ask you to sign and submit a third-party authorization form or a power of attorney.
- They claim that their offer is limited and encourage you to act immediately.
- Their communications contain spelling and grammatical errors.
The FSA also lists some examples of common phrases that scammers use in their communications:
- "Act immediately to qualify for student loan forgiveness before the program is discontinued."
- "You are now eligible to receive benefits from a recent law that has passed regarding federal student loans, including total forgiveness in some circumstances. Federal student loan programs may change. Please call within 30 days of receiving this notice."
- "Your student loans may qualify for complete discharge. Enrollments are first come, first served."
- "Student alerts: Your student loan is flagged for forgiveness pending verification. Call now!"
Although the latest extension of the administrative forbearance into early next year may be a huge relief for many borrowers, it unfortunately also means that scammers have more time to exploit the situation. I encourage you to read an FSA article that contains other helpful information on how to identify and report a student loan scam.
October 4, 2021
Webinar on Preventing Elder Financial Exploitation
Every day, nearly 10,000 adults in the United States turn 65, and every year, elder financial exploitation results in ever greater losses. In 2020, people over the age of 60 sustained more than $1 billion of losses due to fraud, an increase of $300 million over the previous year, according to the FBI's Internet Crime Complaint Center , known as the IC3. (Some estimates put the losses much higher.)
Payments-related problems are often red flags that alert bankers that fraud could be occurring. Overdraft fees due to bounced checks, unusual ATM withdrawals, utility payments for multiple properties, or payment card transactions that aren't a pattern within the customer's normal payment history are just a few examples that can be explored to protect against elder financial exploitation.
The recent public spotlight on conservatorships—consider Britney Spears, Nichelle Nichols who played Lieutenant Uhura of Star Trek fame, and the 2020 Golden Globe-winning movie I Care A Lot—has identified an until recently little-known form of potential financial exploitation. Approximately 1.3 million adults, representing $50 billion in assets , are in some form of a conservatorship today according to the most recent statistics from 2016. This number includes those who are younger and have disabilities or other issues that may require oversight, but the majority are elders.
As the population continues to age, what risks need to be exposed to protect the elderly from financial exploitation? What are the differences among guardianship, power of attorney, and conservatorship? Are women more at risk for exploitation than men? What can financial institutions do to identify their elderly customers and protect them?
Join us on October 21 for the next session of our Talk About Payments (TAP) webinar series, when two experts in elder financial abuse prevention provide insights into these and other questions. Scarlett Heinbuch, a payments risk expert at the Atlanta Fed, will lead the discussion with Naomi R. Cahn, director of the Family Law Center at the University of Virginia School of Law, and Ronald C. Long, head of aging client services for Wells Fargo.
The webinar takes place on October 21 from 1 p.m. to 2 p.m. (ET). To participate in the free webinar, you must register in advance. Register on the event page or go to the TAP webinar page, where you can also view previous webinars. Once you have registered, we will send you a confirmation email with login information.
We look forward to a lively discussion on these little-known topics. Bring your questions!
July 12, 2021
Young and Old Want to Keep Their Money Safe
My colleague Doug King recently moderated a panel about age-related attitudes toward banking and payment practices. He spoke with a boomer, a gen-Xer, a millennial, and a gen-Zer.
Most notable about these panelists: not how different they were from each other but how alike. Keeping in mind that a sample of four is not representative and that all were Federal Reserve employees, panelists of every age agreed about risk when it comes to their money: they hate it.
All four had used a brick-and-mortar bank one way or another in the last year, and there was no interest in switching to a digital-only bank or fintech option—even though all panelists struggled to remember the last time they had written a check. One panelist said, "I stick with what I know." Another: "I just don't have time to do the research." A third, "I'm staying with the traditional, just in case." They wanted not the bricks, not the mortar, but rather the security implied by the existence of solid real estate.
They admitted to more risk-averse behavior: no one—not the youngest, not the IT guy—owned crypto assets. Too risky, they said. Most are storing card numbers with an online merchant with high brand recognition but not at other online shopping websites. It's worth the small amount of time to put in the number at lesser known sites, said three of the four.
Do you see a marketing opportunity out there? Some newer services are selling the idea of speed—that is, payments that are fast and frictionless. Or the social benefits of tagging payments with emojis. Or convenience. Or a user-friendly app. But these four people, at least, want safety.
Of course, newer ways to pay do offer security enhancements—for example, two-factor authentication when you use a phone with fingerprint or face ID authentication to pay. And, with so many choices available, panelists said they would like to better understand their payment options. This means that maybe customers are waiting to hear more about product features and benefits that emphasize security and, according to these four, at least, that are delivered by recognized brands they already know and trust.
May 17, 2021
Common Learnings from Fishing and Phishing
As a youngster growing up in Southeast Georgia, one of my favorite summer pastimes was fishing with my older brother at the local creek using cane poles and some corn niblets or, if we really hit the bait treasure box, pieces of beef hot dog. There is a reason they call it fishing and not catching as most days we barely got a nibble. But there were those days when we would land a nice-sized bluegill.
As I grew older and my fishing opportunities expanded, I began to learn more about the science and techniques of fishing. To increase the catching, there was a level of knowledge needed as to what type of bait (artificial or live) and what fishing technique (bottom, slow, or fast retrieve) to use to target the species of fish I wanted.
I reviewed the FBI's 2020 Internet Crime Report recently and learned that there were more than 240,000 phishing/smishing/vishing/pharming incidents in 2020—an increase of 110 percent over 2019 (and these are just those that were reported). Losses from these incidents were estimated at $54 million. Reading about this made me flash back to my fishing learnings. I reflected that in phishing, as in fishing, there are those people who simply throw out a baited hook to see what bites they get. They blast out a generic email to tens of thousands of email addresses they bought or otherwise acquired illegally, promising fortunes if you only pay, in advance, a finder's fee or the taxes, with gift cards or cryptocurrency. (These messages have advanced over the years to eliminate the poor grammar and misspellings and provide a more believable scenario about the money that belongs to you.)
It has become obvious to me from my research, from seeing the attacks firsthand, and from listening to my colleagues that criminals are becoming more sophisticated in their messages. They are quick to take advantage of current health or natural disaster crises, sending links to “breaking news” that contain malware or links to false websites to capture your personal information or other credentials. They have become very skilled in identifying a target and researching that individual's hobbies or life events through social media, which allows them to craft a message that appears legitimate and appeals to the target's interest.
My colleagues and I are constantly trying to better educate the public about these threats through our posts, webinars and other publications. Just when we think we've seen it all, the criminals come up with a new twist on an old scheme, such as what we saw over the last year regarding the stimulus payments. The bad guys are always going to be out there hoping they can get a nibble from you so they can try to set the hook and reel you in. Don't let yourself be the catch of the day.