When Pam Berns mailed a few checks to pay bills, she had no idea such a routine task would throw her small publishing business into chaos.
One of the checks, which she put in a mailbox on a Lincoln Park street in Chicago, was later stolen and rewritten for $7,200 to someone named Mark Pratt. That drained her business bank account, which meant she couldn’t pay the printer, her monthly payroll taxes or her salespeople.
Nearly two months later, Ms. Berns, 76, hasn’t recovered the stolen money from her bank, BMO, which is still investigating the matter.
“A friend told me, ‘Whatever you did to get robbed, just don’t do it again,’” she said. “I just mailed checks. Most of us are vulnerable.”
What was once a routine way to pay your bills — handwriting paper checks at the kitchen table, dropping envelopes into a blue metal box on the street — has become a high-risk endeavor: It provides the raw materials for low-level fraud artists and sophisticated crime rings, costing financial institutions billions. It has put banks on high alert, though their efforts to catch the fraud also routinely entangle innocent customers, causing institutions to suddenly freeze or shut down customer accounts in the process. Many of the bad guys manage to disappear without any consequences.
“Fraudsters go where the money is easiest,” said Chad Hetherington, a vice president at NICE Actimize, a financial crimes company specializing in fraud prevention.
Even as check use has rapidly declined over the past couple of decades, check fraud has risen sharply, particularly since the pandemic. The cons may start with stealing pieces of paper, but they leverage technology and social media to commit fraud on a grander scale, banking insiders and fraud experts said. In the past, criminals needed a special internet browser that would grant entry into the dark web marketplace of stolen checks, maybe even someone to vouch for them. Now all they need is an account from Telegram, a messaging app.
“You can buy checks on the internet for $45, with a perfectly good signature,” said John Ravita, director of business development at SQN Banking Systems, which provides check fraud detection software. “There is one website that offers a money-back guarantee. It’s like Nordstrom.”
A recent surge in mail theft caused the Financial Crimes Enforcement Network — an arm of the Treasury Department known as FinCEN that is charged with safeguarding the financial system — to sound alarm bells this year. Thieves have attacked mail carriers, or stolen and sold carriers’ arrow keys, which unlock mailboxes within a certain area. The checks are stolen from the mail, and then criminals carry out a classic fraud: “washing” the checks using something as basic as nail polish remover, leaving the signature untouched. Others “cook” new checks by scanning and altering the old ones.
Some criminals deposit checks into their own accounts, while others list them for sale. But the schemes have grown sophisticated: Not only can thieves buy stolen checks, they can purchase bank accounts in which to deposit them, along with the mobile phone number and device used to create that account, among other things.
Banks and credit unions are expected to file nearly 540,000 suspicious-activity reports tied to check fraud this year, a record, according to a Thomson Reuters analysis of data from FinCEN. That’s about 7 percent higher than 2022, but more than double the levels in 2021, when fewer than a quarter-million such reports were filed.
Regions Financial in Birmingham, Ala., has filed its fair share: Last month, it admitted to Wall Street analysts that it had become entangled in a check scheme that went undetected for long enough that its fraud costs — $136 million so far in 2023 — would double this year.
“It’s hitting everybody,” David Turner, Regions’s chief financial officer, said at a bank conference in Boston last month. “It’s just not hitting them enough where they need to have the kind of public discourse readout because nobody wants to talk about it.”
Regions was the victim of two schemes this year. In one, criminals heard that the bank was giving its customers quicker access to money deposited from checks. “We opened the door too wide, bad people came rushing in, and we didn’t close the door timely enough,” Mr. Turner said. “What happens is they get on the dark web and they start talking to each other, and they just overwhelm the system.”
David Maimon, a criminal justice professor and director of a cybersecurity research group at Georgia State University, acts like a secret agent, watching the deals that take place on dark corners online, where criminals brazenly advertise their stolen checks using code words. The number of stolen checks circulating escalated during the pandemic, he said, when scam artists figured out how easily they could pull off such crimes.
In September, Professor Maimon’s group found nearly 9,148 stolen checks circulating in 80 select Telegram markets, up from 4,527 in February.
“This is just the beginning in a really long road that we will be experiencing,” Professor Maimon added. “Not enough is being done.”
At the same time, bank anti-fraud measures, however well intentioned, may misfire, turning consumers’ financial lives upside down.
Tyler Keefer’s troubles started when he sold his Kawasaki Ninja motorcycle. Accepting a check from the buyer caused Mr. Keefer’s bank, Ally, to lock him out of his own account, cutting him off from his main source of money just before he had to pay rent. Then it dropped him as a customer altogether.
“Freezing my account the day before rent was due felt diabolical,” said Mr. Keefer, 26, who lives near Lancaster, Pa. “It was all I could think of for the rest of that day at work.”
The buyer had come to see the bike with his father. They left a $500 cash deposit, but Mr. Keefer said he would accept a personal check for the balance under one condition: It needed to clear before he released the bike. They agreed.
Mr. Keefer watched the buyer write a check for $3,000, and the funds appeared in his account a few days later. The day after that, however, the deposit was clawed back, and Mr. Keefer’s account — along with his fiancée’s — was frozen.
The check had been flagged as potentially fraudulent by the check-issuing bank, PNC, because it believed it contained handwriting from two different people, he said. The bike buyer cleared up the matter with his bank, and ultimately paid Mr. Keefer in cash without incident.
Ally, however, wouldn’t budge. “From their perspective, I had cashed a fraudulent check,” he said. “Ally wouldn’t talk to PNC about that. There was no coming back.”
Ally and PNC declined to comment.
“Funny enough, I still have the check,” Mr. Keefer added. “I kept it as proof. I was worried they were going to put some sort of thing on my record and that other banks wouldn’t take me. I kept all of my information.”
Banks need to talk to other banks to get to the bottom of these schemes, and that alone can be a challenge. The American Bankers Association created an industry directory recently so that bank employees working in their fraud departments could more easily find their counterparts at other institutions who may be on the other side of a fraudulent transaction.
After they do connect, the most difficult task may be figuring out which bank is on the hook — an investigation that can take months. Fraud analysts examine the check’s electronic image, not a physical piece of paper, which may hold more easily discoverable clues about the way the check was altered.
“The liability rests on which bank is most able to determine whether the check was real,” said Paul Benda, executive vice president of risk, fraud and cybersecurity at the bank association.
Was it stolen from a mailbox and then altered? In that case, the bank that deposited the check is usually responsible. What if a thief stole a checkbook and then forged the account holder’s signature? In that case, the paying bank — from which the money is drawn — would be liable, since it should know what its customers’ signatures look like. What if the checks match exactly? How can a bank detect anything at all? Therein lies an increasingly complex problem.
Ms. Berns, the magazine publisher in Chicago, has experienced being caught in that waiting game. “I do appreciate that you are without the funds that were stolen,” her branch banker at BMO told her in an email last month, “but as discussed BMO are not able to refund these funds to you while we are awaiting the cooperation from the financial institution where the fraudulent check was deposited.”
A spokesman from BMO echoed that statement.
Banks will eventually return stolen funds to the vast majority of consumers, who have 30 to 60 days from the date of their last statement to report check fraud. But the wait can be frustrating. It varies by institution, but some banks won’t credit customers until after the claim is adjudicated, and some wait 30 days after that. Banks aren’t required to complete their analysis within any set time.
Despite the risks, people can’t seem to quit writing checks. In 2022, the typical American consumer wrote about 1.5 checks per month, accounting for about 3.8 percent of the total number of payments made in a month, according to a 2022 survey by the Federal Reserve Bank of Atlanta. In 2015, the typical consumer wrote 3.1 checks per month, accounting for about 6 percent of the total number of payments made.
“There is still strong demand by consumers to use checks under some pretty common conditions,” said Kevin Foster, survey director at the Atlanta Fed, adding that people also tend to use them for transactions involving higher dollar amounts. Some typical reasons: paying rent, the contractor, the government or charities. “I just don’t see them going away.”
Sheila McAllister found herself in a check-related predicament at the end of the summer. She had recently recovered from a life-threatening reaction to a medication, and finally felt strong enough to get on with the mundane aspects of life — like changing banks.
Her small community bank in New Jersey had limited online services, so she redirected all of her direct deposits — a couple of disability checks and a small pension — to an account she opened at Chase, where she also set up her automatic bill pay. The direct deposits took time to process, so she wrote a few checks from her old bank account to her new one, to avoid neglecting big bills like her rent and health insurance.
Two days after making a remote deposit, she said, the money still hadn’t cleared into her account — deposits are often “held” for a certain period, particularly on new accounts. So she walked to the nearby branch, in Westwood, N.J., using a walker and her two service dogs, to ask for the hold on her one of her checks to be lifted. The branch agreed — but Ms. McAllister said that rather than lifting the hold, the employee mistakenly deposited the same check again.
“I thought that because the error was made by a Chase employee that this problem will be resolved quickly,” said Ms. McAllister, 59, who lives with a chronic brain disease.
Shortly after, Ms. McAllister noticed that her Chase account had been restricted — so she got in touch with the bank’s escalation team, which told her that she was being investigated for fraud. She was incredulous.
But the bank’s team seemed to have left out a crucial detail: It wasn’t accusing her of depositing the check twice; that issue had been resolved. It was the next check that Ms. McAllister had written to herself — from her old bank, to the new one — that had been flagged because the handwriting looked suspicious.
But Ms. McAllister was left in the dark, she said, and her Chase account would soon be shut down.
Ms. McAllister pushed forward, trying to prove that the two deposits were an employee’s error, making it her full-time job. She said she had made roughly 40 phone calls to Chase, including one that involved a three-way discussion with her former community bank.
“They should really listen to their recorded messages,” she said, after learning about what Chase said it had found.
Chase said the account had been closed to avoid potential losses to the bank. “When we have concerns about a client’s transactions, we act in accordance with our compliance program,” a spokesman said, “consistent with our regulatory obligations.”
Getting her account balance also became an ordeal, all while Ms. McAllister’s Oct. 1 rent payment deadline was looming. The money arrived four days before her rent was due.
“I felt like a mouse in the maze,” she said.
Ron Lieber contributed reporting.