Fraud Based on Trusted Data

The profession of a fraudster is highly competitive: to stay afloat and be economically efficient, poor fellows must keep up with trends and respond quickly to changes. If tomorrow they start issuing loans for the development of agriculture – quickly gather cattle from neighbors and get a loan for the suddenly increased livestock. The day after tomorrow, fraudsters will urgently start learning foreign languages and taking loans from gullible banks for this purpose. And as you know, only cowards repay loans.

The profession of a scammer is highly competitive: to stay afloat and be economically efficient, the poor fellows must keep up with trends and quickly respond to changes. If tomorrow they start issuing loans for the development of agriculture somewhere, quickly gather cattle from neighbors and get a loan for the suddenly increased livestock. The day after tomorrow, scammers will urgently start learning foreign languages and taking loans from gullible banks for this purpose. As you know, only cowards repay loans.

You can fight credit fraudsters through careful analysis and rechecking of user information. But sometimes fraud is carried out using specially generated "valid data". Today I will tell you about interesting cases that we caught in Uzbekistan.

A brief historical background.

The electronic government of the Republic of Uzbekistan is based on three pillars: the portal of interactive public services, the unified identification system, and the interdepartmental integration platform (IIP). Simply put, the IIP is an Enterprise Service Bus on a national scale, to which dozens of databases and hundreds of government services are connected. Through the IIP, government recipient systems request the required information online using standard protocols. End users are relieved of the need to run around for certificates, all necessary information can be obtained automatically. The IIP processes millions of requests daily.

A well-functioning tool becomes interesting to business – business wants to receive up-to-date data and is sometimes ready to pay for it. In September 2022, a resolution of the Cabinet of Ministers was adopted, which allowed commercial organizations to receive information from central databases. Naturally, taking into account the requirements of personal data legislation, information security requirements, and several other by-laws. The main consumers of services were banks and commercial organizations, which for the first time had the opportunity to create scoring based on online data. In the competitive struggle, banks prepared more and more attractive offers, and now in Uzbekistan, there is an explosive growth in the issuance of online loans and microloans through mobile applications (for example, a website with comparative tables of loans from different banks).

Scheme 1: Are you working?

The first scoring models were simple. A significant score could only be obtained because the user was employed. If the applicant is working, then he is a priori an honest person and can be blessed with a microloan.

Fraudsters quickly understood the logic of scoring and launched the service "Microloan as a service". The future victim goes about their sacrificial business, meets a suspicious person in the passage, who conspiratorially whispers "psst, kid, want to make some money?". After a short persuasion, they go to an inconspicuous room, the person is quickly registered to work in a dummy company, all necessary identifications and checks are quickly passed, and profit: the happy owner receives a microloan. 50% of the microloan is immediately transferred to the suspicious person for services, and the rest of the money is spent by the involuntary accomplice on their own needs. And they enjoy life until it turns out that microloans need to be repaid, and the dummy company has already closed.

The maximum amount of an online microloan is limited to 50 million sums (just under 4,000 dollars). As a rule, with the first microloan, significantly smaller amounts are approved, but this is enough for a comfortable life for fraudsters.

Scheme 2: Paying into a pension?

When banks faced obvious challenges, analysts started to frantically consider new ways to assess a potential borrower's creditworthiness.

One indirect method to evaluate an applicant's financial standing is through their pension contributions. According to local legislation, mandatory pension contributions account for 0.1% of total income. By the same law, the maximum amount of voluntary pension contributions is unlimited. A future fraudster takes a job (either legitimate or semi-legitimate) with a nominal salary of $50. Simultaneously, the fraudster voluntarily contributes their entire "salary" to the pension fund. After 3-4 months, the fraudster goes to their favorite bank and, pulling out all the stops with acting skills, tells the employee, "Look closely, my friend! See how high my pension contributions are? Imagine what my salary must be!" The bank employee pulls out a calculator and, based on their understanding of the legislation, calculates the applicant's salary. With confidence, they then grant a loan or microloan to this “respected” individual with a supposed monthly income of $50,000. Somehow, the loan then goes unpaid.

This scheme can be extended by offering a "microloan as a service" for an external victim, or by involving a familiar bank employee in the operation.

Scheme 3: Receiving a salary?

After the “pension loophole” was closed, fraudsters didn’t mourn for long; new schemes quickly appeared. One of these stands out for using completely legal methods:

  1. the user gets a "left" position in a no less "left" company.

  2. the company submits a payroll to the tax committee, in the statement the fraudster is indicated with a huge salary.

  3. with these figures, which are confirmed by a request to the central database, the fraudster goes to his favorite bank again and takes a loan "under a high salary".

  4. a few days later, the company, with the words "sorry, we made a little mistake", withdraws the previous one and submits an updated payroll, in which the fraudster's salary is much closer to reality. But the loan has already been issued.

The described cases largely no longer work, banks include additional checks and rechecks in scoring. The Central Bank is fighting fraud, tightening requirements for issuing loans, identifying users. But we look forward to what the fraudsters will come up with this time.

PS. The article deliberately did not consider typical schemes such as "the security service calls you, name the code" or "we wash the bum, give a bottle of vodka so that he provides his passport data and gets a loan." The described schemes are based on data that the bank trusts and must trust.

PPS. All written amounts are given in dollar equivalent, solely for understanding the scale.

Comments