I would think somebody would have to have proper credentials in order to goto their bank and claim a transaction is fraudulent.

In which case they would be using their real name and information.  Isn't this traceable back to their bank?  Hard to use TOR and proxies at a physical bank location.

I hope the cyber police do a full back trace and put somebody in jail.