Suncoast Credit Union Thwarts Post-Hurricane Fraud Attempts
Suncoast Credit Union, an established financial institution, reported a spike in account-takeover attempts following Hurricane Milton’s devastating landfall in Florida in October 2024. The credit union’s robust fraud-detection system, however, identified this unusual pattern before its members did, indicating a significant leap toward continuous, rather than periodic, fraud monitoring.
Continuous Monitoring: A Shift in Fraud Management
Over the past three years, Suncoast Credit Union has transitioned from one-time identity verification at account opening to continuous checks throughout the account’s lifespan. In doing so, it leveraged the platform developed by Alloy, an identity and fraud decision-making company founded in 2024. This shift led to a remarkable 35% decrease in net fraud losses from 2023 to 2024.
According to Jim Mortensen, a strategic advisor at research firm Datos Insights, financial institutions are increasingly adopting continuous monitoring due to the rise in fraud and the advent of instant payments. This “genuine directional shift” is, however, uneven, with many institutions still in the planning stages and 73% reporting resistance from business teams worried about additional friction for customers.
From Onboarding Checks to Constant Vigilance
Suncoast Credit Union began its fraud prevention shift three years ago, starting with onboarding. Prior to this change, digital applicants had to visit branches to complete account openings due to remote identity verification challenges.
After successfully implementing the new system, the credit union expanded its scope to include digital logins and later, mobile and in-branch channels. As a result, Suncoast monitored 269 million digital logins in 2024, with only 11,990 escalating to fraud investigations, and 98% of logins automatically approved, demonstrating the efficacy of the system.
However, aggressive growth can pose its own risks. As Suzanne Sando, lead analyst for fraud management at Javelin Strategy & Research, points out in Javelin’s 2026 Identity Fraud Study, a “growth at all costs” mindset can inadvertently aid fraudsters who exploit reduced friction in account openings to launch large-scale bot attacks.
The Hurricane Test: A Real-World Fraud Scenario
During Hurricane Milton, fraudsters banked on the chaos and disruption to launch account-takeover attempts, believing that members would be too distracted to notice. This behavior is characteristic of disaster fraud, which often intensifies during crises such as wildfires and hurricanes.
Parilee Wang, Alloy’s chief product and operating officer, describes disaster fraud as an amplified version of the standard account-takeover playbook. Fraudsters exploit the turmoil, focusing their efforts on the affected region, impersonating disaster victims, and pressuring credit union employees.
It’s important to note that post-disaster environments are associated with elevated fraud activity, including account-takeover attempts. Federal agencies and relief organizations routinely issue warnings after disasters, and institutions like Suncoast must stay vigilant.
Looking Forward: More Developments in Payment Use Cases
Suncoast Credit Union plans to introduce more payment use cases and launch a new mobile app, although details remain under wraps. As financial institutions adjust to the realities of real-time payments and increasing fraud risks, continuous monitoring and robust fraud prevention measures will play a crucial role in maintaining trust and security.
While Suncoast’s successes demonstrate the genuine appeal of real-time decisioning platforms like Alloy’s, integrating such a platform into a credit union’s core banking infrastructure can pose its own challenges, as Mortensen notes. Yet, such advancements are essential in an era of instant payments and sophisticated fraud attempts.
Source: American Banker