New account fraud is a growing problem for financial institutions. The cybersecurity analysts at FiVerity estimate that as much as 50% of new U.S. accounts in 2021 were fraudulent, an increase of 109% year on year.
New account fraud refers to a type of fraud in which a person creates a new account using a false identity. This can be done for a variety of purposes, such as obtaining credit, making fraudulent purchases, or laundering money. It’s also known as account opening fraud or account enrollment fraud.
In 2021, the Department of Labor estimated that new account fraud cost $163 billion in losses. However, most experts believe this figure is low. “To be honest, I don’t know current estimates on the percentage of fraud losses due to account opening fraud. I would venture a guess of about 30%,” Bushra Latif, vice president and bank fraud program manager at Johnson Financial Group, said in an interview.
Learning the tactics and techniques that scammers use to perpetrate new account fraud can help protect your company from loss. Here’s how new account fraud happens and some best practices for mitigating risk at your institution.
How does new account fraud work?
One of the reasons new account fraud is so difficult to prevent is that fraudsters use many tactics to accomplish their crimes. New account fraud can be monetized in many ways and apply to different types of accounts, from bank accounts to PPP loans to social media profiles. Attacks can also range from direct, targeted fraud to less direct attacks that can set the stage for downstream fraud.
Understanding how these crimes are accomplished can help your team spot the signs that account opening fraud is happening. Here are a few tactics that are commonly used to perpetrate new account fraud.
Stealing personal information
Fraudsters may steal personal information from victims through phishing attacks, data breaches, or other means. Once they have this information, they can use it to create new accounts in the victim’s name.
A fraudster may send a phishing email to a victim that appears to be from a legitimate company, such as a bank or credit card company. The email may ask the victim to click on a link and enter their personal information. Once the victim enters their information, the fraudster can steal it and use it to open new accounts.
Creating synthetic identities
Fraudsters may create synthetic identities by combining real and fake information. For example, they may use a real person’s name and Social Security number with a fake address and date of birth. Or, a fraudster may purchase stolen personal information from the dark web. They can then create synthetic identities and open new accounts using this information.
Using fake documentation
Fraudsters may use fake identification documents like driver’s licenses and passports to open new accounts. For example, a fraudster may create a fake ID using a stolen Social Security number and a photo of another person. They can then use this fake ID to open new accounts.
Exploiting a weakness in the account opening process
Fraudsters may take a vulnerability in the account opening procedures to open new accounts without providing proper identification or verification. This is more prevalent in online account opening processes, during which a fraudster could find a way to bypass verification requirements.
Using social engineering
Fraudsters may use social engineering techniques to trick victims into providing them with personal information or persuade businesses to open accounts. For instance, they may call a business and pose as a legitimate customer. They may be able to persuade the employee to open an account for them without providing proper identification or verification.
No matter what tactic is used to commit new account fraud, businesses lose money every time a fraudster opens an account in a customer’s name and then defaults on payments. Consumers can also suffer financial losses and damage to their credit reports if they are victims of new account fraud.
Common types of new account fraud
New account fraud is on the rise. This is partly because the internet has made it easier for bad actors to access customer data and credit. A good deal of customer information is available on the internet without any hacking effort needed. For example, users on social media often share their full names, birthdays, addresses, phone numbers, and photos—personal information can be scraped and used to create fake new accounts.
Likewise, lines of credit are readily available online and often approved within minutes. The web’s anonymity makes it easy for fraudsters to quickly apply for online credit cards and loans, receive funds, and vanish.
Financial institutions, lenders, banks, credit card companies, and payment services such as Venmo and PayPal are common targets for new account fraud. During the pandemic, government support, such as the PPP loans, were also popular targets for new account fraud.
Combatting new account fraud
New account fraud typically takes place within the first 90 days after an account is opened. Anti-fraud monitoring teams should focus on this window of time for signs of potential fraud. Most fraudsters wait 30 days to make a deposit and often start by making small deposits and withdrawals to make the account seem normal.
Businesses can take steps to protect themselves from new account fraud by implementing strong Know Your Customer (KYC) procedures and using fraud detection tools.
Fraud.net offers a comprehensive solution for combatting new account fraud. Our platform offers an all-in-one, AI-driven customizable toolkit that constantly updates and expands your business’ real-time risk scores, fraud detection, case management, and collective intelligence insights.
Fraud.net’s Application AI targets all types of account fraud, including new account fraud. We use machine learning, anomaly detection, geolocation, and behavioral analyses to detect high-risk sessions on your site and prevent most fraudulent logins. As a result, the customer experience is unaffected by rigorous anti-fraud measures that help keep your business safe.
Fraud.net is part of a Collective Intelligence Network built to stay ahead of evolving risks. When one company faces a new fraud scheme, all companies within the Collective Intelligence Network benefit from the new data informing our machine learning models. As a result, this continually optimizes and strengthens our platform.
To learn more about new account fraud and start protecting your institution, schedule a demo with Fraud.net today.