Cybercrime is a lender headache

Americans filed about 860,000 complaints with the Federal Bureau of Investigation’s Internet Crime Complaint Center in 2025, and the reported losses topped $20 billion for the first time. Investment fraud led the list, with business email compromise close behind. (ic3.gov) That sounds like a consumer scam story until you look at how equipment lending actually works. One machine sale can involve a borrower, a dealer, a vendor, a lender, insurance paperwork, title or serial-number records, and at least one payment instruction moving between inboxes. (ic3.gov) Business email compromise is the scam built for that kind of chain. The Federal Bureau of Investigation says it starts when criminals break into or convincingly imitate a real business email account and then push an “updated” wiring instruction or a fake approval into a legitimate transfer. (ic3.gov) The Federal Bureau of Investigation’s 2024 warning put the cumulative exposed loss from business email compromise at more than $55.4 billion worldwide from October 2013 through December 2023. In 2023 alone, the bureau said more victims were sending funds to third-party payment processors and cryptocurrency exchanges, which made recovery harder. (ic3.gov) For a lender, that can look ordinary right up to the moment the money leaves. A spoofed message can swap a vendor bank account, a fake employee can request customer tax forms, or a rushed closing can push staff to accept a PDF invoice without calling the known number on file. (ic3.gov) Identity theft sits in the same workflow. Criminals who steal a borrower’s personal details can open accounts, alter payment destinations, or support a false application with real-looking data pulled from earlier breaches and phishing attacks. (ftc.gov) Phishing is still the front door for a lot of this. The Cybersecurity and Infrastructure Security Agency says attackers now use urgent language, fake links, and polished messages generated with artificial intelligence, which means “bad grammar” is no longer a reliable warning sign. (cisa.gov) That is why fragmented workflows are expensive even before a fraud loss is booked. When documents live in one portal, payoff instructions arrive by email, identity checks happen in another tool, and exception approvals sit in a shared mailbox, each handoff creates one more place for a criminal to impersonate someone real. (aba.com) Federal rules already assume finance companies and dealers need tighter controls than that. The Federal Trade Commission says financial institutions covered by the Safeguards Rule must maintain a written information security program, and that includes most automobile dealers that finance or lease vehicles. (ftc.gov) The practical fix is less glamorous than the scam numbers. Verify any change in payment instructions through a second channel, lock down who can edit bank details, require multi-factor authentication, and keep the borrower, dealer, vendor, and funding records inside one controlled workflow instead of five separate inboxes. (ic3.gov) (cisa.gov)