#4: MoneyGram attack, AI Face Cloning Crisis, and Citi vs NY

This week, we’re diving into some serious shifts in the world of digital fraud—where the old boundaries keep blurring, and new threats emerge faster than ever. From classic cyberattacks to AI-enabled schemes, here’s my take on the latest developments.

‍NATE'S TAKE: Top Three This Week

1. What MoneyGram’s cyberattack means for consumer trust
2. AI face cloning creates a new challenge for fintech
3. Citi’s battle over fraud accountability escalates in New York

1. MoneyGram's Cyberattack: What It Means for Consumer Trust

MoneyGram recently faced a cyberattack that compromised customer data, causing a five-day service outage. Hackers used social engineering tactics to infiltrate the company’s systems, taking advantage of the human element—a vulnerability many organizations overlook. What stands out here is that even as companies invest heavily in tech defenses, attackers often find ways in through the simplest means: manipulating people.

It’s a stark reminder that our defenses need to go beyond the digital. We need to equip our teams with the instincts to recognize when something feels off—whether it’s a suspicious email or an unexpected request for access. Think of it as building a human firewall alongside your technical ones. If MoneyGram’s experience teaches us anything, it’s that a well-trained team is your first line of defense.

2. The AI Face Cloning Crisis: A New Challenge for Fintech

The rise of AI-generated deepfakes is turning the world of identity verification upside down. What used to be cutting-edge liveness checks and KYC processes are now vulnerable to AI-powered face swaps. The reality is that fraudsters are getting access to tools that can make a fake look real—convincingly enough to fool systems designed to catch them. It’s no longer a question of if they can get through, but when.

This should push all of us to rethink our approach. Sure, we need to keep updating our verification tech, but the bigger question is: How do we create layers of defense that adapt as quickly as the threats do? It’s a wake-up call for fintech, banks, and anyone dealing with sensitive customer data—because staying static means falling behind.

3. Citi vs. NY Attorney General: A Battle Over Fraud Accountability

Citi is pushing back against New York’s claim that it hasn’t done enough to protect customers from online scams, arguing that more regulation could disrupt the way banks handle electronic payments. This case gets to the heart of a big issue: As the tactics of scammers get more sophisticated, who’s responsible when a consumer gets duped?

Banks like Citi argue that their systems are strong, but they can’t prevent every scam—especially when people unknowingly hand over their own information. It’s a tough balance. On the one hand, we expect financial institutions to protect us, but on the other, there’s a role for consumer education. It’s not enough to build stronger defenses; we need to make sure people understand how to protect themselves, too.

If this case teaches us anything, it’s that the fight against fraud is a shared responsibility.

===

That’s all for this week! For more insights, subscribe to my Fraud in Focus newsletter and get weekly updates in your inbox.

And be sure to follow us on LinkedIn or X, and if you want to learn more about what we do, request a demo here.