Synthetic Identity Fraud is increasing in popularity – learn why and how to protect your business.
Synthetic Identity Fraud is gaining in popularity among fraudsters. Keeping ahead of the criminals is getting tougher, as their techniques grow more sophisticated by the day. Traditional approaches do not work in stopping this complex fraud. For digital merchants and financial institutions, Fraud.net’s AI-based software and collaborative tools will help your company defend against this most challenging of fraud schemes.
Synthetic Identity Fraud – Not Your Parent’s Identity Fraud
Synthetic Identity Fraud uses a combination of real and false personally identifiable information (PII) to create a new identity for defrauding an organization. What makes Synthetic Identity Fraud so challenging for organizations and law enforcement is its hybrid nature. Some estimates peg credit losses due to it at 20% of the total. However, issues with identifying the fraud make any magnitude estimate likely understated.
How Did We Get Here?
Traditionally the identity utilized by criminals in a fraud scheme could be separated into two broad categories:
Fraud Type | Description | Limitation to Fraudsters |
First-party | Criminals utilize their own identities to commit fraud. | The impacted organization is unlikely to fall prey repeatedly to the same scheme by an individual, so it is typically a “one and done” attack. |
Third-party | Criminals utilize a stolen identity to commit fraud. | Once the impacted individual recognizes the theft, they will promptly report it to the company, limiting the ability to repeat fraud with that identity. |
The above limitations make the traditional identity fraud approaches less effective for criminals. These constraints are the impetus for the hybrid nature of Synthetic Identity Fraud, which bypasses the limitations of earlier approaches.
Nine Drivers of Synthetic Identity Fraud’s Popularity
Synthetic Identity Fraud is one of the fastest-growing frauds, and companies are struggling to adapt to this challenging scheme. Below are the leading drivers for the popularity of the fraud:
- A major contributor to the fraud’s growth is the increasing frequency and size of data breaches. We estimate that the pandemic has increased fraud overall by 40%, including data breaches.
- The primary catalyst for the easy availability of stolen PII from data breaches is the growing sophistication of the dark web.
- The dark web has also expedited the distribution and selling of synthetic identities.
- Synthetic fraud schemes can masquerade as “good” consumer behavior. A Federal Reserve analysis found that 70% of suspected cases temporarily exhibit typical consumer patterns.
- The difficulties detecting leads many companies to resort to just writing off cases as bad debt. This allows the fraudster to get off unscathed. Plus, it obscures the size of the issue and the ability to better understand the behaviors and signs of the fraud.
- Consumers’ desire for faster and simpler account sign-up processes is another enabler for the spread of this type of fraud. The dwindling amount of in-person account setup, along with easier online sign-up, has made utilizing it simpler for fraudsters.
- Making Synthetic Identity Fraud even more sinister is that it commonly goes unnoticed for months. Because the PII used is often only one piece of information, not the whole person, an individual’s recognition of the theft is frequently delayed or does not happen.
- The scalability of the fraud due to the advanced technology deployed by criminals has aided its growth and effectiveness. Once the scammers have determined a target, the technology empowers them to quickly scale up for numerous attacks.
- Cyber criminals’ utilization of advanced technology is also leading to new variants of the fraud to make detection even more difficult.
Synthetic Identity Creation
As opposed to traditional identity theft, Synthetic Identity Fraud can require only one piece of PII to create a synthetic identity. To begin their fraud, criminals have a variety of tactics available to develop synthetic identities:
- Traditional Identity Theft – Requires actual PII for all data elements.
- Identity Manipulation – Real PII data elements are adjusted slightly to create a new identity.
- Identity Compilation – Actual and fabricated PII data elements are compiled together to form a new identity. The most common form of synthetic identity creation.
- Identity Fabrication – A new fake identity is created without the use of any genuine PII. This approach is typically the least effective.
How Fraudsters Deploy Synthetic Identities
Unlike traditional identity theft, detection of Synthetic Identity Fraud is almost solely on the company. Companies need to proactively prevent and detect attacks. Fraudsters can utilize their synthetic persona in two decidedly different approaches:
Type | Example Usage | Timeframe | Payoff |
“Take the money and run” | Perpetrator uses the synthetic ID to obtain a credit card. They immediately make a single large purchase or cash withdrawal and then abandon the card. | Very Short – a few days | Limited – very likely deployed only once |
“Biding time until busting out” | Scammer obtains a credit card but patiently builds credit. Then, at a defined threshold, they max out spending against the credit limit, abandon the account, and default. | Extended – several months to a few years | Large – with thousands of accounts potentially in play |
Building “Credit-ability” for Synthetic Identities
The most effective Synthetic Identity Fraud criminals are the most patient – building credit and credibility over time before “busting out” and maxing out a line of credit with no intention to repay. Fraudsters are using it in creative ways across industries. But the primary target is credit applications, whether banking, credit card or other credit accounts.
To learn more, read our Synthetic Identity Fraud eBook “Why AI and Collective Intelligence are Critical to Exposing Synthetic Identity Fraud“ and contact us today to talk with our experts and receive a free demo.