Verifying the identity of existing account holders or opening new accounts is a costly responsibility for the financial industry. Without proper controls, it can result in significant losses, regulatory fines, and damage to reputation. As fraudsters become more sophisticated, financial services organizations struggle to prevent fraud in all its forms. In its True Cost of Fraud Study, LexisNexis found that for every $1 lost to fraud, financial services firms incur $4 in costs, highlighting the inadequacy of traditional verification and fraud detection methods. One major challenge for the financial sector is the need to provide efficient, positive customer experiences for account opening, application submissions, money transfers, and more, while also effectively preventing fraud. Synthetic identity fraud, in which fraudsters create fake profiles using stolen data, is a particularly pressing issue for financial institutions, and losses related to this type of activity are expected to reach $2.42 billion in 2023. To combat synthetic identities and prevent KYC (Know Your Customer) and EDD (Enhanced Due Diligence) fines, it's essential to find new ways to detect and prevent this type of fraud.
The Sources of Information Used by Fraudsters to Create Synthetic Identities
Fraudsters use a variety of sources to obtain the information they need to create synthetic identities. These include data breaches, malware attacks, and consumer behavior.
Data breaches have become increasingly common, with over 1,800 publicly reported breaches in the past year, an increase of 68% from the previous year. These breaches expose a large amount of personally identifiable information (PII) that ends up on the darknet, where it can be accessed by criminals. SpyCloud reported that it recaptured 13.8 billion PII assets in 2021, a 200% increase from 4.6 billion the previous year. This information can include national ID numbers, credit card details, billing and shipping addresses, dates of birth, and more, all of which can be used by fraudsters to create fake identities.
Malware attacks are also a common source of PII for fraudsters. In the first half of 2022, there were 2.8 billion malware attacks, which can infect devices and allow criminals to access all the data and activity on that system. This can include PII, credentials, web session cookies, and more, which can be used to commit fraud even after the device has been cleaned of the malware.
Consumer behavior also plays a role in the creation of synthetic identities. For example, many consumers have poor cybersecurity habits, such as reusing passwords, which can be exploited by fraudsters. According to SpyCloud, 70% of breached passwords were still in use a year later, making them vulnerable to credential-stuffing attacks. Consumers may also conduct online transactions on devices with inadequate security or lack awareness of social engineering techniques, putting themselves and the companies they do business with at risk for fraud.
How to Identify Synthetic Identities
Synthetic identity fraud can be difficult to detect, as it often occurs at account opening and may not be discovered until an account is sent to collections. A survey found that 52% of financial institutions are concerned about their ability to detect and prevent losses from synthetic identity attacks. There are two key signs to look for that can help identify synthetic identities:
Lack of information: Synthetic identities may have few or no historical records, as they are newly created using stolen information. This can cause them to pass traditional fraud detection checks, as financial institutions often rely on historical evidence to validate identities. If an applicant has no negative history or has an email or other identifying information that has never been exposed in a data breach, it could be a sign of a synthetic identity.
Excess of information: Fraudsters may use multiple emails, phone numbers, and other identifying information to create synthetic identities. If an applicant has an excessive number of such pieces of information, it could be a sign of a synthetic identity. Similarly, having multiple Social Security numbers or national IDs could be a sign of a synthetic identity, as each individual should only have one of these constant identification numbers.
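As an added illustration (not code from the original article), the two signs above can be written as checks over prior identity records. The record layout, the sample data and the threshold of 3 contact points per person are assumptions made for this example.

```python
from collections import defaultdict

MAX_CONTACTS = 3  # assumed review threshold; the article gives no number

# Constructed prior records: (name, dob, national_id, email, phone)
HISTORY = [
    ("Ann Lee", "1990-02-01", "ID-111", "ann@example.com", "555-0101"),
    ("Ann Lee", "1990-02-01", "ID-111", "ann.lee@example.org", "555-0101"),
    ("Bo Kim", "1985-07-12", "ID-222", "bo1@example.com", "555-0201"),
    ("Bo Kim", "1985-07-12", "ID-223", "bo2@example.com", "555-0202"),
    ("Bo Kim", "1985-07-12", "ID-222", "bo3@example.com", "555-0203"),
    ("Bo Kim", "1985-07-12", "ID-222", "bo4@example.com", "555-0204"),
]
# Constructed breach-exposure counts per email; absent means never seen.
BREACH_EXPOSURES = {"ann@example.com": 2, "bo1@example.com": 1}

def build_profiles(history):
    """Group every identifier ever seen under one (name, dob) person key."""
    profiles = defaultdict(lambda: {"ids": set(), "emails": set(), "phones": set()})
    for name, dob, national_id, email, phone in history:
        profile = profiles[(name.lower(), dob)]
        profile["ids"].add(national_id)
        profile["emails"].add(email.lower())
        profile["phones"].add(phone)
    return dict(profiles)

def assess(app, profiles, exposures):
    """Return review signals for one application (not a fraud verdict)."""
    key = (app["name"].lower(), app["dob"])
    known = profiles.get(key, {"ids": set(), "emails": set(), "phones": set()})
    email = app["email"].lower()
    signals = []
    # Lack of information: no prior record and an email never seen in a breach.
    if key not in profiles and exposures.get(email, 0) == 0:
        signals.append("thin_file")
    # Excess of information: too many contact points tied to one person.
    emails, phones = known["emails"] | {email}, known["phones"] | {app["phone"]}
    if len(emails) > MAX_CONTACTS or len(phones) > MAX_CONTACTS:
        signals.append("excess_contacts")
    # A person should map to exactly one national ID number.
    if len(known["ids"] | {app["national_id"]}) > 1:
        signals.append("multiple_national_ids")
    return signals

if __name__ == "__main__":
    profiles = build_profiles(HISTORY)
    new = dict(name="Cy Ng", dob="2001-01-01", national_id="ID-999", email="cy@example.net", phone="555-0999")
    print(assess(new, profiles, BREACH_EXPOSURES))
```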
Using Darknet Data to Prevent Synthetic Identity Fraud
Synthetic identity fraud often uses stolen information to create new identities that have few or no historical records. This can allow these identities to bypass traditional fraud detection measures used by financial institutions. One way to improve fraud detection and prevention is by gaining visibility into the stolen data circulating in the criminal underground, also known as the darknet.
By using data from the darknet, such as breach data, stolen personally identifiable information (PII), and victim data siphoned by credential-stealing malware, financial institutions can better detect and prevent fraud. This data can be used to check for synthetic identities and other types of fraud at every step of the customer journey, including account creation, login, account modification, money transfer, and credit card application.
To stay ahead of increasingly sophisticated cyberattacks, it is important for financial institutions to have access to the same information that fraudsters use. This can help level the playing field and improve the detection and prevention of synthetic identity fraud and other types of fraud.