Skip to content

The Dark Web: An Online Market for Stolen Checks

  • Abrigo's new report cites the "dark web" as a driver for fraud
  • Potential check fraud of all types nearly doubled in 2022
  • Tech solutions are crucial in stopping check fraud attempts

Modern day success owes much to technology. The advent of the computer, the internet, and mobile phones are just a few technologies that have played a major role in everyday life. However, as with many leaps forward, there is the good and there is the bad. A perfect example is the dark web -- the part of the internet not indexed by popular search engines like Google.

In their new report entitled Check Fraud and the Dark Web: Detection and Prevention, Mary Ellen Biery of Abrigo and Robert Villanueva of Q6 Cyber -- and formerly with the Secret Service, where he specialized in transnational cybercrimes, access device fraud, network intrusions, and identity theft data breaches affecting the private sector -- explore and explain the ways fraudsters are leveraging the "dark web" to better enrich themselves through the sale and purchase of stolen checks.


On the dark web, criminals are typically asking for $175 for personal checks and $250 for business ones, according to Georgia State University researchers.

However, that stolen check could cost thousands or millions more in losses to a financial institution and its customers. In two months alone in late 2021, the university researchers found stolen checks on the dark web with a total face value of nearly $22 million. An average of 1,325 stolen checks were being sold each week– on just 60 of the thousands of active online chat rooms in messaging apps such as WhatsApp, ICQ, and Telegram.

The dark web structure, of course, creates a very tempting and financially fulfilling situation for persons willing to steal checks. Efficiency and reliability breed more attempts and more losses.

The Federal Bureau of Investigation (FBI) says losses from check fraud total $18 billion annually. And the number of Suspicious Activity Reports (SARs) detailing potential check fraud of all types nearly doubled in 2022, Financial Crimes Enforcement Network (FinCEN) data show.

The Dark Web's Role in Endangering Mail Carriers

Before the internet, criminals would need to have a "contact" or a source for information, stolen items like checks, as well as a network of people to collaborate with -- typically in near proximity. But this isn't the case in today's tech-driven world. The dark web's efficiency, anonymity, and ability to connect sources has made it a reliable market for stolen checks and a thriving ecosystem for fraud. And, with an increased demand for more stolen checks, we are seeing a major increase in mailbox and mail carrier robberies.

Hackers will stop at nothing to gain access to your customer's accounts and funds.

The market for stolen checks has grown so much in recent years that postal carriers are being robbed for their universal mailbox keys and their trucks full of mail. In the Boston area alone, 10 assaults against U.S. Postal Service letter carriers since July 2022 have involved the stealing of the keys, giving thieves access to even more mail.

This is not to mention the occasional "inside job":

In addition, while most postal employees are honest, a few rogue ones are doing their part to fuel the check-fraud increase. A former mail carrier in Alabama was recently sentenced for stealing checks worth more than $40,000 along his route. Prosecutors said the former worker was selling the checks over the dark web.

Tech Solutions for Check Fraud Detection AND Prevention

Finally, the report reinforces the idea that technology is crucial in detecting suspicious check transactions and reduce false positives. However, there is no single solution that can prevent all of check fraud on its own.

We've covered in many of our previous posts how a combination of behavioral analytics systems -- used to monitor account transactions and identify anomalous behaviors -- and image forensic AI -- used to interrogate the check images to identify counterfeits, forgeries, and alterations -- is a strong combination of technologies that can detect a majority of check fraud. However, there are solutions providers out there, like Q6 Cyber, that take your fraud prevention a step further.


Until the Post Office and law enforcement agencies are able to curb theft of stolen mail and stolen checks, financial institutions need to be wary of the next logical source: the dark web. Monitoring the dark web to spot account information being shared -- or physical checks and images of stolen checks being sold -- will assist financial institutions in stopping losses before an attempt occurs.

Technology for prevention, in conjunction with technology for detection, will best enhance the ability for financial institutions to fight fraud.

Leave a Comment