The threat from artificial intelligence has been in the headlines lately, but dealerships must also watch for relatively low-tech scams that still succeed, such as straw purchases, phony credentials or fast-talking scam artists who attempt to take remote delivery, especially when dealerships are busy or eager to pursue a sale, experts say.
“Good, solid ID verification is my priority right now," says Preston Stewart, national variable operations and compliance director for megadealer group Napleton Automotive, based in the Chicago suburb of Oakbrook Terrace, IL.
For remote deliveries, Stewart's group regularly uses a vendor that verifies identification via online means, and as an added precaution, also offers dealerships the option of dispatching a notary public to deliver required paperwork in person, collect customer signatures and watch for potential “Red Flag” warning signs of fraud.
“That’s my nightmare. Is the paperwork going out randomly to some individual through a FedEx envelope, without being sure they are who they say they are?” Stewart tells WardsAuto.
That can happen when a dealership gets “caught up in the flow” of a busy weekend, he says.
It’s the Real Thing
To deter identity theft, “There’s no substitute for the human experience, one-on-one,” says Lisa Spring, a manager for Maverick Document Signings, Mission Viejo, CA – usually called Mavsign, for short.
Mavsign, with a network of notaries, is one of several vendors Napleton Automotive uses to deter fraud, Stewart says.
Spring presented some anti-fraud tips and best practices for dealerships in a recent “Red Flags Program” webinar hosted by the Association of Finance and Insurance Professionals and the Association of Dealership Compliance Officers, both based in Colleyville, TX.
“Gotcha Moment”
“Red Flags” refers to the Federal Trade Commission’s Red Flags Rule. Since 2011, the rule has required businesses involved in credit transactions, including car dealerships, to adopt written plans to detect and respond to instances of possible identity theft.
The FTC provides templates for businesses to follow to create their own Identity Theft Protection Plan. But the plans can be tailored to incorporate tips and lessons learned, Spring says.
For example, part of Mavsign’s remote-delivery standard operating procedure is to collect a thumbprint from the buyer. Just hearing in advance that they must provide the notary with a thumbprint is often enough to persuade scammers to call off the deal, Spring says. “People just will not do it,” she says.
Stewart agrees, saying: “I couldn’t tell you how many times I’ve gotten a call, ‘The second I asked for a thumbprint, they left.’ That’s really the kind of ‘gotcha’ moment.'”
Check All the Boxes
In the webinar, Spring says dealerships sometimes press ahead with a sale, even when Mavsign has raised some red flags.
A common warning sign is when the phony customer cites some domestic emergency and changes the location of the document signing and delivery, usually to a different address than the home address on the contract.
On remote deliveries, Mavsign recommends dealers verify buyers’ identities first by online means and only then go to the next step with the in-person notary. “The takeaway should be, you really need to do both,” Spring says.
However, sometimes dealerships opt to proceed directly to delivery without first verifying the identity, which, of course, increases the risk.
“If the identity is not good, then you can’t proceed with anything else; the dealership simply will cancel the deal. Sometimes they don’t do it that way,” she says. “It always amazes us that they will allow the customer to talk them into skipping that piece.”
