Sardine

AI scams are getting out of control. And most companies are completely unprepared for what’s coming. We recently walked a group of merchants through a live phishing simulation.
In under 20 minutes, we cloned a major brand’s website, set up branded emails that would pass most spam filters, and completely automated the attack. This is what fraud in the age of AI looks like now: - Extremely fast and scalable - Hyper realistic, nearly indistinguishable from legit behavior
- Brand protection is virtually zero - they can spoof your website, emails, and apps using only screenshots. And the worst part - it often happens outside of your platform, where your detection tools can’t see it. So how do you fight back? Here are 3 key shifts to make: ✅ Detect social engineering with behavior and device signals
Look for signs of coaching, remote access tools, or stressed interaction patterns that indicate a user is being guided through your flow in real time. ✅ Spot bots that act like real users
Modern automation tools simulate scrolls, clicks, and timing to avoid detection. But under the hood, they behave differently. ✅ Connect activity across sessions and channels
AI scams play out over time. A phishing email might lead to a login, then a support request, then a transaction. Detecting these attacks means connecting behavior across the full customer journey. If this is the kind of fraud hitting your platform, you’re not alone. 👇 Read our Breakdown

Excited to join The Payments Association and get our team involved in their 
TPA community 🙌 We’re looking forward to attending their Financial Crime 360 event later this year with our partners at FIS. If you’re going to be there, send us a DM. #PaymentsAssociation #FinancialCrime360

🚨 Starting next year, Nacha will hold FIs accountable for detecting 𝒑𝒂𝒚𝒎𝒆𝒏𝒕𝒔 𝒎𝒂𝒅𝒆 𝒖𝒏𝒅𝒆𝒓 “𝒇𝒂𝒍𝒔𝒆 𝒑𝒓𝒆𝒕𝒆𝒏𝒔𝒆𝒔” In other words, your systems need to catch things like: - Account takeovers - Social engineering scams - Payroll impersonation The good news is: Every fraudster has a tell With the right data, you can spot these attacks well before the money moves So what’s the playbook for staying ahead? 💡 𝐌𝐨𝐧𝐢𝐭𝐨𝐫 𝐚𝐜𝐫𝐨𝐬𝐬 𝐭𝐡𝐞 𝐞𝐧𝐭𝐢𝐫𝐞 𝐣𝐨𝐮𝐫𝐧𝐞𝐲 
Is the account info provided at onboarding different than what’s happening at the time of payment? Too many banks only check one point in time. Fraudsters exploit that gap. 💡 𝐒𝐩𝐨𝐭 𝐬𝐞𝐬𝐬𝐢𝐨𝐧-𝐥𝐞𝐯𝐞𝐥 𝐫𝐢𝐬𝐤 𝐢𝐧 𝐫𝐞𝐚𝐥 𝐭𝐢𝐦𝐞
Even if profile data looks clean, fraudsters often leave traces in the moment: remote desktop software, signs of scripted behavior, or device sharing across multiple accounts. 💡 𝐈𝐦𝐩𝐥𝐞𝐦𝐞𝐧𝐭 𝐫𝐨𝐥𝐞-𝐬𝐩𝐞𝐜𝐢𝐟𝐢𝐜 𝐀𝐂𝐇 𝐫𝐮𝐥𝐞𝐬
Generic ACH rules aren’t enough. Originators and receivers face different risks, so your controls, signals, and escalation paths should reflect those unique exposures. We’ve been working with organizations to implement advanced techniques that drive real results. One fintech cut ACH fraud by 60% by triangulating signals from account opening with device and behavioral data at the time of transaction. If you need help tackling ACH fraud scams - Sardine is only a call way 🐟 To learn more about the upcoming Nacha rule changes, link to our full breakdown in the comments👇🏼

Fraud attacks & scams are growing faster than risk teams can keep up. What can we do about it? Join us for SardineCon in San Francisco on August 20th. One day event, zero fluff. Just a room full of fraud operators sharing notes on what’s working, what’s failing, and how to get ahead of the next wave of attacks. Sneak peek of some of the sessions: 🐟 How scammers are exploiting your apps 🐟 Live demo building an AI‑built fraud attack in under 15 mins 🐟 What happens when AI drives all of our payments? Seats are limited, and the agenda’s built for operators who want tactics they can use Monday morning. If that’s you, apply to attend: https://lnkd.in/egaEczR6

Traditional KYC causes up to 30% sign-up abandonment Why? Friction. It starts off easy — name, DOB, tax ID… But then: - "Please upload a photo of your passport or driver’s license." - The user fumbles around to find it.
 - Image not captured. Please re-upload.
 - Crooked? Blurry? Wrong file type? Try again. And if the customer happens to be named John Smith, good luck. Too many hits. Straight to the manual review pile. Now an analyst has to dig through DOBs, middle initials, address history, trying to guess which out of the 150 John Smiths this is. In the meantime, the customer’s been waiting for hours. Maybe days. If they were signing up for a time-sensitive promo or a quick stock trade, that window has long gone and they might never come back. So what’s the fix? ✅ eKYC that verifies identities in seconds
 ✅ Enriching identity with consortium data
 ✅ Using AI to resolves false positives instantly
 ✅ Passive risk scoring in the background with device & behavior Not only does this reduce friction, it also opens the door for interesting optimizations. Say if a user is low-risk, you can give them limited access to start transacting while your team reviews. That could mean:
 - Letting them buy up to $50 of stock
 - Offering them a product walkthrough
 - Showing app features without full activation Better data = Faster UX, less friction, fewer drop offs, and shorter time to value
 If you’re looking for a better way to manage global KYC, Sardine can help 👋🏼 👇 Link to breakdown in the comments

The people who've stopped $100M+ in scams are gathering in one room. And they're sharing their playbooks. SardineCon brings together the best: - Erin West (Operation Shamrock) - has THE blueprint to end the Scamdemic - Dr. Nicola Harding - UK banks use her fraud prevention methods in production RIGHT NOW - Samant Nagpal (ex-CRO Square, now Gusto) - sees how AI is making scams invisible - Robert Kiel - the bank/fintech partnership expert every founder calls This isn't another conference of talking heads. It's a working session where we build the industry response to exponentially growing scams. Join us → https://lnkd.in/egaEczR6

AI agents are about to start spending your customer's money. Are your fraud systems ready? Agentic commerce is coming fast: AI agents managing bill pay, shopping, and financial decisions. Amazon’s working on it. So is Google. Startups are raising millions. But most risk teams haven’t updated their playbooks. In Simon Taylor's latest Brainfood, he outlines 3 emerging threats powered by AI agents: 1. ATO - Fraudster hijacks a customer's agent and transacts like a trusted user. 2. Trojan Agents – Your customer downloads a shopping AI app, but it's actually a phishing agent that logs your payment data & makes unauthorized purchases 3. Trojan Agent as a Service – Fraudster creates an army of Trojan agents, sells them on the dark web, and floods the market with agents that look legit to merchants. Underscoring all of these is with Simon calls "The Identity Gap" -- even with a good user and a clean agent, there's just no reliable way to authenticate the agent & link their relationship together. Fraud detection was built for humans spending time at checkout. But these systems won’t scale to agents making thousands of decisions per second. Through our R&D, we can now identify different AI Agents acting on a user's behalf. And we've partnered with firms like PayOS and Payman AI to build a trusted agent directory that merchants can use to prove SPECIFIC agents are acting on behalf of your real customers. If you'd like to learn more, comment "Agentic commerce" Link to white-paper in comments 👇

Nailed it! Sam Altman thinks it's insane that banks still use voice or face to authenticate. "There are some FIs that will accept a voice print to move a lot of money. That is a crazy thing to still be doing. AI has fully defeated that." Here's the KYC nightmare no one's talking about. The core problem: KYC exists to verify WHO is making the transaction. If AI can perfectly mimic voice and face, you're not authenticating the customer. You're authenticating anyone with the right software. This creates a compliance crisis: • Every voice-authenticated transaction is potentially non-compliant • When regulators ask "How do you KNOW your customer made this trade?" • The answer becomes "Well, it sounded like them..." That's not KYC. That's wishful thinking. The control framework breakdown: - Identity verification fails (can be spoofed) - Transaction authorization fails (wrong person approved it) - Audit trail fails (no proof WHO actually authorized) Altman's exact warning: "Some bad actor is going to release it. This is coming very very soon." Banks using voice auth for high-value transactions are at risk. The regulatory implications are massive. When examiners catch this gap, the conversation won't be about fraud losses.It'll be about systematic failure to identify customers. The solve? KYC needs to be always on. The industry has talked about "perpetual KYC for a decade" but very few do it in practice. Every signal, every tap, swipe, or interaction needs to feed a real time risk score and set of models to understand is this a human. And as an industry we need to get much better at detecting bad software and malware. Does your bank's KYC policy account for AI voice cloning? 👇

Confused about VAMP thresholds? You’re not alone. We connected directly with Visa to clarify how fraud ratios and enumeration attacks are being tracked under VAMP. Here’s what we learned: ✅ Excessive merchant thresholds vary by region (see chart) ✅ VAMP fraud ratios combine TC40s and TC15s into one number ✅ You must breach both rate and count thresholds to trigger action ✅ Enumeration has its own detection logic based on raw auth math ✅ Enumeration ratio is flagged at ≥ 2000 bps of total auths ✅ Enumeration count is flagged at ≥ 300,000 attempts The new rules aren't about clever ratio management. It's about showing real control across every fraud touchpoint. Full write-up in the comments 👇

We had a great time at the ICBA ThinkTECH Showcase at the Colorado School of Banking in Boulder last week. Ravi Loganathan shared how Sardine and Sonar are helping community banks stay ahead of fraud and financial crime by using AI, behavioral intelligence, and real-time threat detection to protect what matters most. Thank you to ICBA for hosting such a thoughtful and engaging event.