What Every Community Bank Needs to Fight Fraud

Fraud continues to complicate the lives of community bankers and their customers. While the industry would be a far better place without it, the reality is that community banks must build fraud awareness, knowledge and prevention skills in order to succeed. And that all starts with knowing what to look out for.

“Fraud mechanisms and scam typologies are constantly evolving, and community banks continue to be challenged by their stubborn persistence,” notes Scott Anchin, ICBA’s senior vice president of strategic initiatives and policy. “Fraud and scams don’t just affect the bottom line; they affect customer relationships and divert resources away from other important operational activities.”

Anchin says check fraud, payment card friendly fraud, romance baiting and business email compromise top the list of today’s fraud concerns.

Worst of the worst: check fraud

Following years of exponential growth, check fraud remains the most concerning issue for community banks in 2025, says Terri Luttrell, compliance and engagement director at financial institution software provider Abrigo in Austin, Texas. According to the 2024 Abrigo Fraud Survey, 61% of Americans still write checks. This represents a decline in overall check volume, but incidents of fraud and the resulting losses remain high across the U.S. Luttrell cites current FBI statistics: $18 billion in annual check fraud losses, 500 million fraudulent checks per year and more than a million fraudulent checks detected daily.

At $1.6 billion-asset Plumas Bank in Quincy, Calif., “one of the strongest and most effective” check and ACH fraud protection tools the bank offers its commercial customers is positive pay with payee match, says Sarena Barker, senior vice president and digital banking manager.

Positive pay automates transaction monitoring for possible check and ACH fraud, and payee match double-checks payee names on images and issued check files. “Our clients say it’s a real game-changer and it provides peace of mind,” Barker says. 

Furthermore, Plumas Bank recommends that both its commercial and retail customers use the community bank’s secure online banking and bill pay services instead of writing and mailing checks because there are additional safeguards within those that can help deter fraud. Customers can review their transactions in real time, set up alerts and daily thresholds to easily monitor any unusual activity, and establish multifactor authentication (MFA) for an extra layer of validation.

Combating consumer scams

When it comes to consumer fraud, it’s all about scams: scamming them out of their credentials or one-time tokens, or duping them into sending instant payments, says Rene Perez, national director of financial crimes sales and financial crimes consultant at tech solutions provider Jack Henry in Monett, Mo.

“Banks have really gotten to the point where they have a lot of resources and tools put into place to protect their four walls,” says Perez, “so for fraudsters, the path of least resistance is targeting, more and more, consumers themselves.”

He notes that one scam growing in popularity is when fraudsters place ads on Facebook Marketplace for goods, asking buyers to pay outside of the platform and use Venmo or PayPal instead. The goods don’t exist.

“If a buyer sends money through Facebook, Facebook then holds that money from the person selling the item until that item is confirmed and received. Facebook then releases the money,” Perez says. “Both Venmo or PayPal have opportunities to claw back money as well, but it’s a lot more hoopla. You’ve already lost the money, and you’re now trying to gain the money back.”

Another scam targeting wealthy consumers, Perez says, is “pig butchering,” where fraudsters dupe individuals into investing dollars or cryptocurrencies using fake apps or websites. After sending their money, the fakes are taken down and the victims lose their money.

“A lot of the fraudsters that are committing the pig butchering scams are actually human trafficking victims,” Perez notes, “and they’re trying to buy their freedom from the fraud organization.”

Tools to mitigate fraud

Partnering with fintechs or other companies that offer fraud detection, mitigation and prevention tools can augment banks’ in-house resources, Anchin says. Consortium-based solutions, for instance, use data gathered from a bank’s customers to produce actionable fraud analytics.

Isabella Bank in Mt. Pleasant, Mich., uses multiple systems to mitigate various types of fraud, says Jenn Brick, vice president and director of customer service operations at the $2 billion-asset community bank.

“We have internal monitoring based on different types of alerts of anything that would be considered a high risk,” Brick says. “In addition, we have solutions for our customers.”

Isabella Bank, like Plumas Bank, uses MFA. Brick says it’s required for customers to log into its online banking site and its app, as well as for high-risk Mastercard debit card transactions.

Isabella Bank also uses the REDiVerify system, which messages customers to ask if a certain debit card transaction was legitimate. If not, the system shuts down the card and asks the customer to contact the bank.

“We also have different security features within each tool provided by Jack Henry, such as limitations depending on the type of transaction, like Zelle transactions or B2B transfers,” Brick says, “so at least the potential of fraud is limited.”

Perez notes that Jack Henry also now offers Financial Crimes Defender, where a bank can move all its fraud point solutions to a single platform. This offers a more holistic view to determine whether and where fraud is occurring. 

“For example, if a fraudster does a $500 Zelle payment, then a $2,000 ACH, a $1,500 wire and a $2,000 FedNow payment, each of those smaller transactions look legitimate under siloed fraud detection systems,” he says. “But when a bank can see the combination of all those different transactions, the bank will know that they’re fraudulent.”

Plumas Bank deploys software to manage fraud risks within an acceptable tolerance, and alerts are generated for risks that exceed set tolerances. These are then investigated by fraud experts, says Amber Marshall, senior vice president and risk manager. The community bank also has a strong customer identification program and customer due diligence controls in place, she says, as well as partnerships with local and federal law enforcement agencies “to help protect our clients and the bank from fraud.”

Anchin notes that when working with third parties, “it’s important to perform careful due diligence to make sure that solutions will integrate with existing technology and that vendors are reliable and trustworthy.”

Fraud education is critical

According to Anchin, “Education is the cornerstone of fraud prevention.” He notes that proactively educating both internal staff and customers will go a long way in minimizing the incidence of fraud.

“There are a number of creative mechanisms community banks can use to reach both groups, including alerts, live sessions and simulated fraud exercises,” he adds.

Isabella Bank’s marketing department regularly posts fraud-prevention articles on the bank’s website and social media. It also sends emails and push notifications directly to customers with tips for keeping personal and account information safe, Brick says. There’s external outreach, too: Bank staff give presentations about fraud prevention to local chambers of commerce and other organizations.

“We tell customers all the time that for your debit card number or account number, we will ask you a verification question, but we’re not going to ask for your full number because we should already have that in our system,” Brick says. “So, if someone is asking you for [full account] information, that’s a red flag. If you’re uncomfortable, hang up and call the number of your institution that you know, and verify if we were actually talking to you.”

Plumas Bank offers a “robust” educational program that includes in-branch forums, blogs, newsletters and social media, Marshall says. In addition, the community bank provides materials and handouts from government agencies such as the Federal Deposit Insurance Corporation, the Federal Trade Commission and the National Cybersecurity Alliance.

“Educating our clients on how to protect themselves against fraud and cybercrime is a top priority for Plumas Bank, and we take our role as a trusted financial resource for our clients very seriously,” Marshall says.

When alerting customers about how to avoid the latest fraudulent attempts, Perez recommends that community banks include vivid visual cues, like a big warning message with a skull and crossbones or a cartoonish hacker huddled over a computer.

“Once you get their attention, you got to give them good, concise information,” he says. “Nobody’s going to read a paragraph, but if you give them two or three bullet points, they’re going to look at it.”

---