Combating Dealership Fraud in 2025

March 21, 2025

Fraud is on the rise, and Virginia dealers should protect themselves

Our Partners at ComplyAuto offer numerous resources to help combat dealer fraud. For more, visit www.complyauto.com.

The news stories are numerous: Fraudsters hack into a dealership's email system and intercept wire transfers. Scammers use impossible-to-detect fake IDs to secure transactions. Employees are duped into giving up customer information to an impersonator.

But it's not new news that cyberattacks on dealerships are more prevalent. Incidents can cost thousands of dollars, lost customers, and risk reputational damage. The Federal Trade Commission's Safeguards Rule also requires dealerships to adopt measures to protect the security of customer information.

Here’s the latest data on fraud and cyberattacks — and ways Virginia dealers can protect their business, people, and reputation.

Consumers Lost $12.5 Billion to Fraud in 2024

  • The latest FTC data shows consumers reported losing more than $12.5 billion to fraud in 2024 — a 25% increase over the prior year.
  • In 2023, 27% of people who reported a fraud said they lost money, while in 2024, that figure jumped to 38%.
  • Consumers reported losing more money to investment scams—$5.7 billion—than any other category in 2024. The second highest reported loss amount came from imposter scams, with $2.95 billion reported lost. 

An Always-On Problem for Dealers

Dealerships are an attractive target for cyber criminals because they have several key vulnerabilities, according to our partners at Zurich:

  • Dealers have a treasure trove of data: Confidential and personal information, including financing and credit applications, customer financial information and home addresses. 
  • They lack basic cyber security protections. A large percentage of auto dealers use outdated systems and/or have outdated software. Unsecure networks can act as gateways to stealing information or creating digital mayhem.
  • Dealership systems are often interconnected to external interfaces and portals, such as external service providers, exposing them to further risk.
  • Dealership employees may lack training in the most frequent of cyber-attacks, phishing scams.  

Nationwide, losses have cost the auto industry more than $7.9 billion, according to Point Predictive. Cybercriminals use hacking, phishing, and spoofing techniques to infiltrate email accounts, impersonate trusted parties, and redirect funds. Most attacks start with phishing or “Social engineering” to deceive or use emotional manipulation to trick people into revealing confidential information or act in ways that harm them (or their employers) financially.

DealCheck AI transforms your sales and F&I process from hours of manual checking to instant digital verification. By catching missing documents and errors before submission, you'll slash unfunded deals, eliminate chargebacks, and free your team to focus on selling cars instead of chasing paper. Visit www.complyauto.com/dealcheck-ai/

A.I. IDs: Impossible to Detect

  • Due to advances in AI, there was a 98% growth in fake-identity fraud in 2024, the FTC said.

Identity documents are too easy to forge. And A.I.-generated fake IDs have gotten so good that trained F&I managers cannot spot forgeries even with close scrutiny for details like 3-D holographic stamps.

Biometrics—such as facial recognition and other hard-to-imitate characteristics—may become the new standard, according to experts.

Be especially careful of wire transfer scams

Fraudsters hack or spoof email accounts to impersonate dealers. They wait for high-value transactions and send fraudulent wire instructions. Money is then wired to criminal-controlled accounts and quickly withdrawn.

How to stop fraudulent wire scams: 

  • If selling, establish immediately the method of payment. 
  • In each email or document created, use a message warning against fraud, such as: “Because of the possibility of fraud, only accept payment directions such as wire transfer instructions if you personally verify the information by a telephone call to our publicly advertised phone number.”  
  • Never accept payment directions, such as wire transfer information, without calling a known person at the seller using the publicly advertised phone number. 

Additional Measures You Can Take

Strengthen Cybersecurity Protections

  • Keep all computer systems and security software up to date.
  • Require IT vendors to implement the latest security protocols.
  • Use multi-factor authentication (MFA) for email and financial transactions.

Train your team

  • Educate employees on email scams and cybersecurity best practices.
  • Train staff to recognize phishing emails and avoid clicking on suspicious links.
  • Conduct routine checks to ensure employees follow security protocols.

Monitor for Suspicious Activity

  • Regularly review email security and access logs.
  • Ensure employees use strong passwords and do not write them down or share them.
  • Monitor for unauthorized changes in financial transactions.

Cyber fraud targeting auto dealers is not going away — and has only grown in recent years. Without proactive security measures, dealerships risk losing significant sums of money and facing massive liabilities. By implementing strong cybersecurity protocols, training employees, and verifying all wire transfers, dealers can reduce their risk of falling victim to scams.

More Resources