In order to understand how to combat fraud, we sometimes have to think like fraudsters. To that end, we’ve previously purchased travel tickets on the dark web. Today, we’ll apply for a loan with stolen ID.
An important disclaimer: This article is not a guide, and we do not condone illegal activity. Our platform is designed to fight against fraud, which is why we sometimes have to step into fraudsters’ shoes to understand how they work.
Start Using the Dark Web
Like with many other illegal online activities, it starts with the dark web. This is the collection of websites on the internet that are encrypted, not indexed by search engines, and require specific tools and software to access.
The dark web’s main appeal is that it provides anonymity. Using the Tor Browser, you can visit special .onion addresses that are only accessible via its hidden service protocol. Alternatively, fraudsters can use I2P, which makes use of a peer-to-peer-like routing structure.
It is where you will find most illegal marketplaces. However, it should be noted that some marketplaces regularly appear on the clear net, which means you can access them with a standard web browser (Chrome, Safari, Firefox, etc.).
Why Target Loan Companies on the Dark Web?
We’ve already written a complete article on why fraudsters love payday and fast loan companies. But according to the description of a fraudster guide, this is how they see it in their own words:
“Payday and installment loan companies are generally low security as they charge such high interest rates and want to process as many loans as possible. Also due to their nature they are quick to pay out. This makes them ideal targets for loan fraud, and our guide will show you how to make EASY MONEY! Not just limited to payday loans, this guide also works EASY with other loan companies.”
Step by step to Apply for a Loan with Stolen ID
While we didn’t actually go through the illegal process ourselves, we gathered enough evidence to prove that loan fraud is rampant. This is how easily we could find everything we needed:
Step 1: Learn & Install Tor Browser
After installing the Tor browser, we had no problem accessing a few known darknet marketplaces. Just browsing the products available revealed that beginner guides abound.
Step 2: Buy “Fullz”
Fraudsters have coined the term fullz, referring to a full combo of personal ID details. They usually include a first name, last name, ID documents and optionally a credit card (CC) number.
Step 3: Purchase Credit Information
Of course, loan companies try to protect themselves from scams by deploying credit scoring systems. Unfortunately, fraudsters have a way around it. They simply purchase background and credit information with pre-existing high credit scores for their applications, which they pay for with a stolen credit card to avoid unnecessary expenses.
Step 4: Hide & Validate Your IP
Another common way to flag fraudsters is to block suspicious IP addresses. Once again, this check is easily fooled by purchasing a validated IP address, as shown here with this screenshot of Socks5. It allows anyone to buy from hundreds of UK-based residential IPs:
You can read more about IP lookup tools here.
Step 5: Purchase a Bank Account
Loan companies will pay directly into a bank account. Fraudsters can simply purchase one from an illegal marketplace. It will sometimes provide a credit or debit card along with the required IBAN number:
Step 6: Get a Verified Phone Number
Most online companies will implement 2FA these days, which requires a phone number. Fraudsters can easily download apps from the App or Play store to generate numbers on a “burner” phone – one that is designed not to leave a trace.
Step 7: Validate Personal ID with Photoshop
At this time, fraudsters have already found everything they need. But loan companies sometimes require extra document verification proof showing at least basic information. Since it’s unlikely fraudsters already have the exact paperwork they need, they can simply use an online service that photoshops the right paperwork for them.
Step 8: Cash out via Crypto Exchange
Finally, fraudsters will need to wire the loan to the bank drop. Cashing the money out from the bank drop is really easy nowadays. This usually means sending it to a cryptocurrency exchange, where they can buy bitcoins or other currencies, which can be used to continue purchasing goods or more fraud tools.
How to Protect Your Business from Loan Fraud
At every step of our research, we were amazed at how easy it would be to defraud loan companies. No wonder it is one of the verticals most targeted by fraudsters.
But if you are in the industry, don’t despair. Using a combination of tools and processes, you should already have enough data points to create a much more precise picture of who your borrowers are:
- While some points are falsifiable, it’s harder to falsify all of them all of the time. By checking the connections between data points, a good integrated system can find red flags that would otherwise be invisible. This can stem from device fingerprinting, IP scanning or even a user email address.
- A strong precaution is also to maximize what can be done at the credit scoring stage. Using the right combination of tools, it is possible to improve your fraud detection rate without sacrificing user experience.
- Data enrichment: while it is particularly efficient at the credit scoring stage, it’s also possible to perform quick data enrichments for manual review with a tool like SEON’s Intelligence tool.
- Staying on top of fraud trends and doing your own research can also go a long way in understanding attack patterns and preventing them.
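To illustrate the first point, here is an added example (not SEON's code or product logic) of cross-checking data points: two applications that pass every single-field check are still flagged because they share a device fingerprint and a payout account under different names. All field names, flag names, the threshold and the sample applications are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample applications; every field name and value is hypothetical.
FIELDS = ("id", "name", "email", "ip_country", "addr_country",
          "ip_is_proxy", "phone_type", "device_hash", "iban")
ROWS = [
    ("A1", "Alice Hart", "alice.hart@example.com", "GB", "GB", False, "mobile", "dev-111", "IBAN-0001"),
    ("A2", "Brian Cole", "brian.cole@example.com", "GB", "GB", False, "mobile", "dev-222", "IBAN-0002"),
    ("A3", "Dana Reyes", "dana.reyes@example.com", "GB", "GB", False, "mobile", "dev-222", "IBAN-0002"),
    ("A4", "Evan Moss", "qx7731@example.com", "NL", "GB", True, "voip", "dev-444", "IBAN-0004"),
]
APPLICATIONS = [dict(zip(FIELDS, r)) for r in ROWS]

def consistency_flags(app):
    """Checks that look at one application in isolation."""
    flags = []
    if app["ip_is_proxy"]:
        flags.append("proxy_ip")
    if app["ip_country"] != app["addr_country"]:
        flags.append("ip_country_mismatch")
    if app["phone_type"] == "voip":
        flags.append("disposable_phone")
    local = app["email"].split("@")[0].lower()
    if not any(part in local for part in app["name"].lower().split()):
        flags.append("email_name_mismatch")
    return flags

def link_flags(apps, keys=("device_hash", "iban")):
    """Flag applications whose device or payout account is shared across different names."""
    names = defaultdict(set)
    for a in apps:
        for k in keys:
            names[(k, a[k])].add(a["name"])
    return {a["id"]: [f"shared_{k}" for k in keys if len(names[(k, a[k])]) > 1]
            for a in apps}

def review(apps, threshold=2):
    """Send an application to manual review once it collects `threshold` flags."""
    links = link_flags(apps)
    report = {}
    for a in apps:
        flags = consistency_flags(a) + links[a["id"]]
        report[a["id"]] = {"flags": flags, "manual_review": len(flags) >= threshold}
    return report

if __name__ == "__main__":
    for app_id, result in review(APPLICATIONS).items():
        print(app_id, result)
```

A2 and A3 come from clean residential IPs with matching countries, so an IP block alone would pass both; only the link between them sends them to review.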
Finally, at SEON, we are continuously striving to educate fraud managers and organization leaders on the best practices to combat fraud.