#22: Chase Blocks Zelle Payments to Influencers, Consumer Protection, U.S. Govt Networks Exposed
This week, Chase is taking a stand on Zelle fraud, tech giants are at a crossroads on consumer protection, and a major U.S. government network exposure could give foreign adversaries a roadmap to sensitive systems. Let’s dive in.
NATE'S TAKE - FEBRUARY 25, 2025
Top Three This Week
- Chase to Block Zelle Payments to Social Media Sellers—A Sign of Bigger Problems
- Are Tech Giants Responsible for Protecting Users From Themselves?
- Push Payment Scams Are at a ‘Crisis Level’
1. Chase to Block Zelle Payments to Social Media Sellers—A Sign of Bigger Problems
Starting later this year, Chase will block Zelle transactions to individuals selling goods on social media. The decision comes as Zelle-related fraud and disputes continue to pile up, with buyers getting scammed by fake sellers and banks increasingly unwilling to eat the losses.
For fraud teams, this is another chapter in the ongoing fight over liability for scam payments. Chase’s move signals that banks may be shifting away from post-fraud reimbursement strategies and focusing on preemptive controls instead. But blocking transactions isn’t a long-term fix—scammers will adapt, switching payment methods or pushing victims toward even riskier platforms.
If major banks continue cutting off Zelle for high-risk transactions, it raises a bigger question: Are financial institutions slowly pulling back from real-time payments due to fraud liability concerns? And if so, what does that mean for the future of digital transactions?
2. Are Tech Giants Responsible for Protecting Users From Themselves?
Scams are thriving in an era of high misinformation, reduced consumer protections, and digital platforms struggling to keep fraudsters out. Even as Google, Nacha, Truist, and Zelle test new fraud controls, the bigger question remains: how much responsibility should these platforms have in protecting users from their own decisions?
And of equal concern, if the US government is comfortable trolling scam victims as “suckers” and scaling back consumer protection agencies, are we shifting toward an era where caveat emptor—the principle that buyers must beware—is the only fraud policy that matters?
None of the controls being tested prevent one of the biggest fraud enablers: human psychology. Social engineering tricks even the most skeptical users, and as fraudsters continue refining their tactics, the line between consumer responsibility and platform accountability is blurrier than ever.
Tech giants are now at a crossroads: build stronger guardrails to stop scams before they happen, or step back and let users fend for themselves. Right now, the answer isn’t clear—but the stakes have never been higher.
3. Security Researchers Sound Alarm on Recently Exposed Government Systems
Security researchers are raising alarms after a surge of U.S. government networks became publicly accessible on Shodan.io, a tool that indexes internet-connected devices. Federal mail servers, VPNs, and remote access gateways—systems that should be secured—were suddenly exposed, making foreign cyber-espionage significantly easier.
Researchers warn this could hand China and Russia a roadmap to U.S. infrastructure, allowing adversaries to identify vulnerabilities, harvest credentials, and launch targeted cyberattacks. Some of the exposed systems are tied to nuclear research facilities, the Department of Energy, and the U.S. Treasury, including a server linked to the Secure Payment System, which handles billions in federal transactions.
Compounding the issue, government networks were found interacting with AI services, suggesting large-scale data movement that could further complicate security risks. If foreign hackers intercept this data, it could lead to breaches affecting millions of Americans, with long-term consequences for both national security and financial stability.
For fraud teams, this exposure highlights how government network vulnerabilities can ripple into the private sector. Whether this was a misconfiguration or something more serious, the sheer scale of the data movement raises urgent concerns about security failures at the highest levels.
Read the full brief here: DOGE Exposes Once-Secret Government Networks, Making Cyber-Espionage Easier than Ever
Ready to get started with Spec?
Nate Kharrl, CEO and co-founder at Spec, has built leading solutions for application security and fraud challenges since the early days of the cloud era. Drawing from his cyber experience at Akamai, ThreatMetrix, and eBay, Nate helped found Spec to focus on the needs of businesses operating in a landscape of increasing AI risks. Under Nate’s leadership, Spec grew from its mid-pandemic founding to raise $30M in venture-backed funding to build solutions used by Fortune 500 companies transacting billions in online commerce. Spec’s service offerings today include protective measures for websites and APIs that specialize in defending against attacks designed to bypass bot defenses and risk assessment platforms.
Frequently Asked Questions
“With Spec, we can mitigate fraudulent activity, protect our revenue, and create a better user experience so that Indiegogo can remain a trusted crowdsourcing platform.”
Payments Manager
