Dictionary

Third Party Fraud

What Is Third Party Fraud?

Third party fraud involves the use of an individual’s (or a company’s) details to commit financial crime. Often known as “identity theft”, third party fraud is alarmingly common. In 2021 alone, around 15 million Americans were victims of third party fraud, and the number of cases has been known to double year on year.

Third party fraud is committed by all types of criminals – from individuals trying to use a stolen credit card or take out a loan in somebody else’s name, to organized crime groups committing fraud on an industrial scale.

While third party fraud often involves the theft of somebody’s personal details, criminals also sometimes make use of synthetic identities, specifically created for fraudulent activity.

The direct victims of third party fraud are the financial institutions, retailers, and ecommerce stores that are targeted, and the people whose identities are stolen. Incidents of fraud have a significant financial, emotional, and practical impact. 87% of fraud victims report emotional distress after such incidents.

How Is Third Party Fraud Different from First and Second Party Fraud?

To comprehend how third party fraud differs from first and second party fraud, it helps to understand the other types:

  • First party fraud is perpetrated by a person or company in their own name. Examples include falsifying information for credit applications, claiming dishonest refunds, or disputing legitimate transactions in the hope of obtaining a chargeback – a process called chargeback recovery.
  • Second party fraud also involves the use of an individual or company’s details, but the fraud is committed by somebody who is given those details voluntarily. For example, somebody may allow their own account to be used for money muling, or work together with a fraudster in a “fake merchant” scam, paying for products and services from a non-existent company.

In both cases above, the legitimate holder of the details (or accounts) used to commit the fraud is in some way involved. With third party fraud, the crime takes place without the knowledge of the victim, using illegally obtained details.

Fight Fraud Faster with SEON

Partner with SEON to reduce fraud rates in your business with real-time data enrichment, machine learning, and advanced APIs.

Ask an Expert

Types of Third Party Fraud

There are many varied types of third party fraud, and fraudsters constantly work to find new and inventive ways to extract financial gain from their victims.

Some of the most common types of third party fraud include:

  • Account takeovers: These involve criminals gaining access to bank accounts, making purchases, or diverting funds.
  • Credit card fraud: Involving anything from stolen physical cards to skimmed and cloned cards, credit card fraud is a type of third party fraud that involves making illegal purchases or obtaining cash advances.
  • New account fraud: This involves fraudsters opening new accounts using stolen personal details. (New account fraud can also involve synthetic identities or combinations of false and genuine information. This is known as identity manipulation.)
  • Loan stacking: This involves fraudsters applying for multiple loans under an assumed identity, pocketing the funds, and then failing to make repayments.
  • Benefit and tax fraud: Criminals may apply for government benefits in somebody else’s name. They may also file false tax returns and apply for rebates.

For all of the third party fraud types above, there are also many nuanced subtypes of such attacks. For example, there are lots of ways for criminals to obtain the personal details needed to perpetuate third party fraud, from phishing and social engineering to physical theft and the use of the dark web to purchase compromised account details.

Examples of Third Party Fraud

Here are some real-life examples of third party fraud:

  • In 2017, fraudster Kenneth Gibson opened around 8,000 false PayPal accounts in the names of employees of a company he worked for in Nevada. He evaded detection by only moving around small amounts of money, which he withdrew via an ATM. It was his repeated trips to the ATM that finally led to the discovery of the fraud – which had been committed using an automated script.
  • Anthony Lemar Taylor managed to steal the identity of golfer Tiger Woods, initially by fraudulently obtaining a driver’s license in his name. He used the stolen identity to purchase goods worth around $17,000, including a car and a 70-inch TV. He was controversially sentenced to a 200-year jail sentence under California’s “Three Strikes” law.
  • In 2018, a fraudster called David Matthew Read went on a $169,000 “shopping spree” using a replacement American Express Black card that he managed to obtain in the name of actress Demi Moore.

All of the examples above were high-profile, and in all of those cases, the perpetrators were caught and sentenced. However, a vast amount of third party fraud goes unpunished; and in fact, it often remains both undetected and unreported.

Organizations such as banks, credit reference agencies, and card providers often report on new trends in third party fraud.

For example, in January 2023, Experian reported that third party fraud was growing in relation to current accounts, savings, card, and loan accounts.

One particular trend at the time of writing is an evolution in fraudsters’ methods to obtain the personal data they need to carry out their scams. Trends include fake job adverts, messages purporting to be from family members, fake investment schemes, and messages about bogus Government assistance grant schemes.

Other trends include scams that seek to take advantage of the popularity of cryptocurrency investments, as well as the use of underground fraud as a service (FaaS) schemes. These allow criminals to scale up their operations by hiring botnets or buying “off the shelf” malware.

Reduce Fraud by 80% with Innovative Fraud Detection by SEON

SEON offers unique digital footprint analysis and robust anti-fraud functionality in a fully modular fraud solution with the support of a team of experts.

Ask an Expert

How to Prevent Third Party Fraud

Preventing identity fraud is something that both individuals and the companies that serve them need to consider.

Basics like maintaining complex and unique passwords, installing cybersecurity software, and exercising caution when using insecure wireless networks all remain important. User education is also critical. A huge proportion of third party fraud incidents originate with human error, so the more people who are trained to recognize phishing emails and fake websites, the harder it is for fraudsters to operate.

Businesses must think about third party fraud detection on both a process and technical level. Technology is half the battle, but equally important are staff training and cyber awareness.

Just as fraudsters work hard to devise inventive new ways to commit third party fraud, tech companies constantly innovate with new fraud prevention solutions. Some utilize machine learning and other forms of artificial intelligence (AI), or they harness the power of Open Source Intelligence (OSINT) to allow additional automated checks of customer details.  

Fraudsters are always looking for their next big pay-off. Those they target must be aware of this and be proactive in order to stay one step ahead.