- FrankonFraud
- Posts
- HSBC Ignored Fraud Teams' Warning, Scams Exploded đź’°
HSBC Ignored Fraud Teams' Warning, Scams Exploded đź’°
Frank McKenna
June 10, 2025
Hi Fraud Fighting Friends đź‘‹
It’s a great day to fight fraud and scams! Let’s start it off by reviewing all the interesting things that happened last week.
Fraud News Roundup 🗞️
AI Ghost Student Chatbots - Financial Aid fraud is so bad that criminals are using AI to enroll in college courses, and then attend those courses as Chatbots. They even submit homework to fool the teachers. Read More
ChatGPT Creates Amazing Fake Passports - A Polish security researcher used ChatGPT to create a passport that was so realistic that it bypassed KYC Checks on both Revolut and Binance. Read More
DMV Text Scams Are Exploding - Last month, there were toll scams, but this month, they have switched to DMV Scams and have spread to almost every state. I believe these are the same scammers who have just switched the pretext. Read More
Dead People Financial Aid - Over $30 million in financial aid was paid to thousands of fraudsters using dead people’s social security numbers in the last 3 years. This prompted the US to implement in-person or live video call identification checks last week. Read More
They’re Using Drones - Prisoners in Florida are using drones to fly in cell phones that they use to perpetrate romance and crypto scams against old people. Officials confiscated 400 cell phones and other contraband used in the massive scam operation. Read More
Bad Odds - A new study reveals that 25% of companies that pay hackers their ransom demands don’t actually end up getting their data back. Read More
Almost Non-Existent Fraud Levels - A former DOGE employee says they found a ton of waste in the government agencies, but very minimal evidence of fraud. Read More
TikTok Addiction Fraud - A woman stole half a million pounds from her employer and used it to gift TikTok influencers she followed. What a waste! Read More
Bain Capital Backed Scam - A wannabe hip hop mogul turned Obamacare into a $75 million scam using deepfake celebrity ads - all financed by Bain Capital. Read More
Meta Making Big Money On Nudify Apps - An exposé reveals that Meta is advertising hundreds of illicit “Nudify” apps with banners like “See anyone naked!” that can be used in sextortion scams. Read More
HSBC Fraud Managers Wanted To Use BioCatch, But No One Listened. Now They’re Getting Sued
Starting in January 2022, HSBC Australia saw impersonation scams run wild. The fraud manager proposed using BioCatch and ThreatMetrix to help stop them. It would cost $380,000, but no one listened to him.
Fraud experts there repeatedly warned the bank that there was no “real-time intervention” to stop suspicious payments and pitched using the products in steering committees.
Newly released court documents in Australia show how regulators are now using the fraud department's warnings to try to prove that HSBC was negligent in stopping scams.
How Scammers Use ChatGPT To Execute An Endless Array Of Killer Fraud Schemes
I knew scammers used AI, but I didn’t realize it was this bad. It’s all over Telegram and is used in just about every text message you receive from scammers in Southeast Asia.
In one week, ChatGPT detailed how Pig Butcherers in Cambodia were using their AI, Gary Warner with Dark Tower exposed how criminal syndicates were using “Hello GPT, and I located a very strange AI called "Super-AI”.
This is some wild stuff.
This Company Eliminated Synthetic Identity With Name Checks - See Their Stats
“No Synthetic Identity Fraud application can get past the Numindent”, writes Joe Cary, the CFO and Head of Risk and Compliance at Cred.AI. He’s referring to the eCBSV program from the SSA.
He analyzed 50,000 eCBSV checks and found that not only did it stop all his synthetic fraud, but it also identified that between 1.4% and 4.1% of SSNs verified through third-party vendors were synthetics. So, where traditional vendors fail, going right to the SSA seems to work better for synthetic identity detection.
Perhaps even better news for Cred.ai - they had virtually no drop-off in conversion rates when they implemented the consent forms applicants had to fill out
Poor Hilda’s Been Victimized By Identity Fraud Close To 50,000 Times And It Ain’t Over Yet
This is wild. Have you heard about Hilda Witcher's social security number? It's a pretty well-known story about how her boss put her Social Security number in thousands of wallets about 90 years ago.
But it ain’t over for Hilda, and it might never be. The government issued her a new SSN back in the 1950’s and as a result, the SSN is not listed on the Death Master File meaning that synthetic fraudsters keep using it for CPN’s
I did recent research on her SSN and as it turns out hundreds of people are still using it for synthetic identities. I found 75 recent auto applications for over 1 million dollars, in fact.
The MasterMind Orchestrated A Four-Pronged Check Washing Attack Against 37 Banks
His nickname is Roscoe Hill and he carried out a check washing scam out of his home in Georgia that was so good he wanted to expand his operations into Florida.
His 4-part scheme involved setting up a fake job website to steal identities by having applicants reveal all their personal details and identity documentation, opening fraudulent bank accounts, stealing mail, washing checks, recruiting mules on Facebook.
Brute Force Exploit Was Goldmine for SIM Swap Fraudsters
A security researcher uncovered a potentially fatal vulnerability allowing attackers to uncover phone numbers linked to any Google account.
Using a brute force method that is outlined right here 👉️ Brute Force Method, the researcher called Brutecat, could uncover US phone numbers in about 1 hour, UK phone numbers in 8 minutes less than a minute in other countries.
"This exploit is pretty bad since it's basically a gold mine for SIM swappers," said the researcher.
Google fixed the vulnerability and paid the researcher $5,000.
Digital SSN Cards Are Going To Be So Easy For Fraudsters To Get Their Hands On
This SSA announced that starting this summer, you can get your digital social security card online by logging into My Social Security Number and then completing one of those notoriously ineffective credit bureau surveys. You know the ones where they ask who you had your mortgage with in 1978?
Those KBA surveys have fail rates of 50%, but also fraudsters are very good at them because they pull your Credit Karma before committing identity theft.
If you’re a bank or lender, I am not sure I would trust these very much..
Inside The Shady “Craigslist For Scammers” Marketplace
Have you gotten one of those wrong number text recently? Chances are scam bosses got your name, phone number and other information about you from Huione Guarantee Marketplace on Telegram.
The Wall Street Journal went deep into this “Craigslist for Scammers”, revealing what they sell, how they operate and help recruit people into scam compounds and then provide an array of services to make the scam bosses lives easier.
“Wild Bill” Charged In Wild Ferrari Theft - He Hired A Tow Truck
Trevian Harmon, also known by his friends as “Wild Bill”, got nabbed by police after they noticed his car following a Tow Truck carrying a Ferrari. He called the Tow Truck to pick the car up from a Trailer Park!
When they pulled him and the Tow Truck over they discovered the Ferrari had been “VIN Washed” and suspected him of being involved in a fraud ring when they looked at his phone messages.
That’s all for this week folks. I hope this newsletter is helpful to you in staying on top of new frauds and scams.