Battling check fraud in the U.S.

Dec 16, 2025

Battling check fraud in the U.S.

Many countries have retired checks as a financial instrument, but billions of checks are still written every year in the U.S. This has proved to be a boon to fraudsters. There is an entire underground industry dedicated to stealing and fabricating checks that is not slowing down and is tricky to combat. Often, images of stolen checks are posted on Telegram and offered for sale to other fraudsters. In this Studio 471, Eric Huber, who is Cybercrime Research Leader at TD Bank, discusses why check fraud is such a huge problem and how financial institutions can counter it. Huber is the curator of the Fraudster Glossary, which is an index of terms used on cybercrime forums. Intel 471 also recently published an in-depth blog on check fraud, which is available here.

Participants:
Eric Huber, Cybercrime Research Leader, TD Bank
Jeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471

Emerging Threats//

CrazyHunter Ransomware

CrazyHunter is a ransomware campaign targeting healthcare that weakens endpoint defenses and escalates privileges before encrypting systems at scale.

Emerging Threats//

DevMan Ransomware

DevMan Ransomware is a newly emerging ransomware operation observed in 2025 that has been assessed as a derivative of the DragonForce ransomware family.

Emerging Threats//

Gootloader Malware Update

Gootloader resurfaced with enhanced capabilities, building on the multi-stage loader malware first seen in 2020.

Sign up for our Executive Intel Update

Stay informed with our weekly executive update, sending you the latest news and timely data on the threats, risks, and regulations affecting your organization.

Battling check fraud in the U.S.