Traditional Check Fraud Gets a Digital Makeover

Glenn Fratangelo, Head of Strategy and Marketing, Enterprise Risk Case Management
Traditional Check Fraud Gets a Digital Makeover

What happens when trust is shaken in a fundamental societal institution, like the postal service system?

An emerging method of committing financial fraud is stealing checks, and the circumstances surrounding these scams are often bizarre and highly public. Checks are appropriated from the familiar blue United States Postal Service (USPS) collection boxes and rewritten, repurposed, and cashed by thieves. One victim had their check stolen twice from the same collection box, even after taking measures to get a new bank account and checks.[1]

With so much attention given to the constant uptick in digital scams, it’s easy to push concerns over physical financial assets, like checks, to the side. But criminals exploit any avenue to commit fraud—even vandalizing protected federal government property to get a payout.

Check fraud is a conduit to numerous other crimes, such as wire fraud, identity theft, synthetic identity fraud (SIF), peer-to-peer payments (P2P) fraud, account takeover (ATO), and mail fraud. As the risk of check fraud rises, so should the precautions and measures to prevent this trending crime.

Check Fraud Scams Go Digital 

By now, I should be desensitized to the machinations of these criminals thanks to constant exposure to this industry. But their confidence and audacity still surprise me. 

Take the infamous Telegram user, “Liam Neeson” who brazenly posted numerous stolen items for sale on social media.[2] Under the handle of this A-list actor, this criminal advertised stolen checks for sale to 1,200 subscribers. Charitable donations, DMV fees, uncashed checks, and utility payments pilfered from mailboxes in North Carolina were all presented as photos with the intent of selling to a criminal community. 

The digital era introduced some unsavory variants to traditional check fraud scams. Social media platforms provide criminals with the public portal and visibility to boast about their crimes and incentivize their peers, as they occasionally seek validation or hope to inspire their teammates. These criminals also rely on the dark web to sell stolen checks and related paraphernalia, like stolen mailbox keys, to other criminals within their vast networks. 

Gain access to personal mail 

Stolen mailbox keys, or arrow keys, are commonly featured for sale on the dark web or platforms like Telegram (where they’ve been known to sell for upwards of $7,000) because they’re one of the main methods available to illegally access personal mail. A report from USPS revealed that complaints of mail theft rose 161% between March 2020 and February 2021.[3]

Mail theft and subsequent check fraud via this technique has captured attention at the highest level; Congresswoman Eleanor Holmes Norton has made inquiries of the United States Postal Service (USPS) regarding this issue.[4] The USPS responded that it is aware and taking action to prevent this crime but they’re under-resourced, which makes it far more challenging to fully investigate these attacks. Ultimately, it falls on everyone to do what they can to prevent check fraud, as postal workers are being attacked.

Leverage Peer-2-Peer Platforms

Yet another example of the digital twist on this crime is the use of P2P platforms, like Cash App, to augment check fraud.[5] Criminals are targeting people through tactics like fake job offers. Victims are instructed to deposit substantial checks into their bank account as an advance for job-related items, like computers or supplies, and then told to send the deposited funds to a different person through a P2P app. Ultimately, the victim realizes the check was fake, leaving them responsible for the losses. In this scenario, criminals capitalize on Regulation CC, which enables customers to immediately use at least a portion of deposited funds prior to the check clearing. With knowledge of regulatory requirements along with a bank’s corresponding funds availability policies, they use this information to obtain a portion of deposited funds prior to the check bouncing.[6]

Types of Check Fraud and the Real-Time Response

Check fraud techniques are more creative now and closely linked to a broad range of digital payment fraud. But there are many staples that bad actors rely on. 

Check Kiting

A bad check is intentionally written by an account holder from one account and deposited into another, creating a fabricated appearance of balance in the second account. 

Identity Check Theft

An account is opened in another person’s name using a stolen identity or credentials, and checks are written with it. 

Check Forgery

An account holder’s signature is forged on a check. 

Chemical Modification or Check Washing

A criminal changes the original inked content on a check using various chemicals, such as nail polish, with the purpose of rewriting the amount and name of the recipient. 

Paper Hanging

An account holder intentionally writes bad checks from their account. 

Money Order Fraud

An account holder is scammed into providing a check to a criminal in exchange for a money order, only to realize it’s fake once the money order is deposited.

Check Theft

A criminal steals a physical check to deposit into their account, cash it, or use it to purchase services or products. 

Counterfeit Checks

A criminal steals a checking account holder’s information to print checks that can be cashed using funds from the victim’s account.

Increase Customer Trust

Check fraud undermines trust in an institution that society has depended on since the USPS’s inception in 1775, in part because criminals are exploiting risk controls on checks. Investments and efforts toward fighting digital payment fraud is currently a top priority for most financial institutions (FIs). But as criminals continue to rekindle and perfect this type of fraud, FIs must make every effort to shore up their defenses and protect their customers. 

Advanced technologies and tools capable of identifying and monitoring suspicious check deposits and associated payment risks in real time can help FIs proactively respond to innovative forms of check fraud. Machine learning (ML) and artificial intelligence (AI) can analyze massive amounts of relevant data—including payment, transaction, channel events, and customer risk events—to efficiently predict and respond to risk and common check fraud scenarios, as well as adapt to new fraud patterns. 

An advanced analytics-driven check fraud prevention solution can leverage ML and AI for: 

  • Batch or real-time monitoring and risk scoring of check deposits
  • Detecting and preventing suspicious deposit amounts, kiting, duplication, and counterfeits
  • Gaining a holistic, cross-channel view of customers by monitoring risk events, access risk, and non-monetary risks, as well as identifying anomalies
  • Facilitating real-time decisioning and faster, safer customer access to funds to improve the overall banking experience 

Criminals are constantly iterating on their techniques and innovations, and even embracing old classics and standbys like check fraud. FIs must focus on smart check fraud prevention to protect their organization and customers against every creative version of this crime. 


[1] Tang, A. and Nakhlawi R. (2022, April 30). The stolen-mail scheme now targeting a wealthy DC suburb.

[2] Gillum, J. (2022, March 28). Signed, sealed, snatched.

[3] United States Postal Service. Office of Inspector General. (2021, May 20). U.S. Postal Inspection Service pandemic response to mail fraud and mail theft.

[4] Postal Times. (2022, June 6). Postal services respond to Norton letter on increase in mail theft.

[5] Finney, M. and Koury, R. (2022, June 15). Woman loses everything to fake check scam – here’s how con artists use law to steal your money.

[6] Federal Reserve: Compliance with Regulation CC (2013)

Speak to an Expert