Guide to Synthetic Identity Fraud: Prevention & Detection
Last Updated: December 15, 2022 by Bence Jendruszak
Criminals have found new ways to create convincing-looking identities – and one is synthetic identity fraud, fueled by the 14 million identities that are stolen each year.
They are combined with fake and generated data to help criminals achieve more – as well as with each other to create new personas. This is what makes fighting synthetic identity fraud so challenging.
But this isn’t as hard as it sounds with the right risk management tools. Let’s break it down below.
What Is Synthetic Identity Fraud?
Simply put, synthetic ID fraud is any fraudulent activity that uses a synthetic ID – a combination of fake and real-person data coming together to form a new identity. This real information is often sourced from stolen identities itself.
A Frankenstein’s monster of an identity, a synthetic ID is always stitched together from various parts of other identities – real or fake. It can also be made of multiple people’s personally identifiable information (PII), without any fake or made-up data. For instance, a real social security number from one person combined with another’s credit card details.
The applications are myriad, from opening new accounts to bypassing KYC verification checks and getting fraudulent transactions approved.
Synthetic Identity Types
Synthetic IDs can be:
- Manipulated: combining real user documents and fake, made-up data
- Blended: combining real information from multiple sources
- Manufactured: for instance, a social security number that is randomized to fall within the right range
ou always want to know who your customer really is. SEON’s digital footprinting uses our online presence to assess who they are.
Find a Better Way
How Does Synthetic Identity Fraud Work?
Fraudsters create synthetic IDs to bypass various identity checks. Here is an example of how a synthetic ID can be used for bank fraud:
- A fraudster buys personal information on the dark web.
- They generate fake information and combine it with some of the PII, for instance a social security number.
- They use the resulting identity to apply for a credit card.
- They borrow money and repay diligently for a while.
- When the limit is raised, they max the card and disappear.
- The bank tries to collect the money… and there’s nobody there.
Synthetic identity fraud can be harder to detect than standard identity fraud because it contains elements of real ID documents. These can help pass verification, whereas purely fake profiles are easily flagged.
How Dangerous Is Synthetic Identity Fraud?
Per the 2021 Future of Fraud Forecast, synthetic ID fraud (or synthetic identity theft) is the fastest-growing type of financial crime. Based on Experian’s own definition, it accounts for 80% of credit card fraud losses, and nearly 20% of chargebacks incurred by merchants.
Not only that, but according to the Federal US Reserve, synthetic identity fraud was the fastest-growing type of fraud in the US in 2019, too – while 85–95% of all synthetic ID fraud cases were not flagged by those legacy security systems. According to the same research, it is a particular problem in the US because of the country’s reliance on static personally identifiable information, including Social Security numbers (SSNs).
For consumers, the consequences are even direr. You may find that a stolen ID results in:
- Loans taken out in your name (and unpaid, resulting in a default)
- Lower credit score
- Potential legal action against you
- At worse, criminal convictions.
Fighting to clear your name of these misdeeds is also costly, both in terms of lost resources and emotional damage. It may take months or even years before you can finally convince the legal system that a fraudster targeted you using your ID details – up to 200 hours, according to a report from the SANS Institute.
How to Protect Yourself From Identity Theft
Fraudsters tend to acquire IDs online in one of five ways:
- Data leaks: your information held by a third party is leaked online (or, more typically, the darknet).
- Account takeovers: a fraudster infiltrates one of your online accounts and mines it for personal information.
- Phishing: you fall prey to an elaborate scam that pushes you to release personal information. If the information is a login name and password, an account takeover attack can happen, which takes us back to the second type of exploit.
- Social engineering: a criminal befriends you or finds a way to get to know you in order to get you to reveal personal information. Common tactics include fake job posts, romance scams or marketplace scams.
- Cyberattack: last but not least, you may be targeted by malicious software, such as a trojan virus or keylogger, designed to steal personal information held on your computer.
While there is very little you can do about a data leak (except minimize the amount of personal information you give out to third-party companies), all of the other exploits can be mitigated with common sense and basic security measures. These include:
- Creating unique, complex passwords: you may use a password manager or browser feature designed to create hard-to-guess passwords. Avoiding reusing the same passwords is key to reducing risk.
- Be suspicious of online/phone interactions: it’s a sad reality, but any kind of online interaction with strangers could potentially link to social engineering. Exercise due diligence, whether you’re using a dating app, selling items on an online marketplace, or making a payment to a new online store for the first time.
- Deploy cybersecurity and fraud prevention tools: antivirus, 2FA, encryption… These tools are easier to leverage than you might think, even for the less tech-savvy.
- Regularly review your credit reports: one of the earliest signs of identity theft will be suspicious financial activity. Credit monitoring can help flag inaccuracies and prevent further damage before it’s too late.
- Be mindful when handing out PII: any online or offline interaction that requires you to submit personally identifiable information (PII) should be carefully considered, whether it’s a social security number (SSN) or a copy of your passport, or even your full name on social media.
- Consider your relatives’ ID: criminals have been known to stoop as low as to steal children’s IDs to open credit lines in their name. Some parents take preventive action by freezing child credit reports.
How to Detect & Prevent Synthetic Identity Fraud
There’s no magic bullet when it comes to synthetic identity fraud detection. You’ll need a multi-layered approach, ideally combining several technologies that include robust device fingerprinting, data enrichment and digital footprint analysis.
Let’s look at exactly how SEON can help by breaking these down one by one:
With Device Fingerprinting
If fraudsters are successful once, they tend to target the same companies multiple times. The challenge for them isn’t to create hundreds or thousands of synthetic IDs; it’s to make it look like each of these is connecting to your site as a new and legitimate user.
A device fingerprinting module can identify those tools that a fraudster will use to spoof different users and devices to give off the appearance of unrelated shoppers. With it, you can instantly flag:
- proxy usage
- Tor connections
- VPN use
- strange browser setups
- suspicious hardware configuration
The key here is not just to focus your attention on strange configurations of software and hardware, but also to highlight connections between users.
By frictionlessly logging each device setup as a unique ID, you can notice patterns that could point to bot use, or assign fraud scores to individual IP addresses.
Once SEON’s platform has found several users that could be fake accounts of one criminal, the platform flags them in an easy to visualize format:
With Digital Footprint Analysis
Another highly successful technique to stop synthetic ID fraud? Online digital footprint analysis for fraud prevention.
This includes email and phone number analysis, to see if their details appear legitimate – but one of the most effective techniques is undoubtedly social and online platform lookup.
With a reverse email address or phone number search, you can see whether the user’s digital footprint looks legitimate.
SEON can check 50+ social media networks and online platforms and a growing number of platforms in emerging markets. This has three key benefits:
- You can use their social media profiles to confirm their identity.
- An absence of an online footprint may point to fraud.
- The types of social media networks users are subscribed to can also help with credit scoring.
- Granular information sourced, such as the number of Airbnb trips taken, can point to high-value customers or the exact opposite – high-risk customers.
With Behavior Analysis via Velocity Rules
Last but not least, it’s not just about looking at data points, but about understanding user behavior. This is particularly important for the more sophisticated attacks, and those perpetrated by money mules who use their real IDs.
At SEON, this is examined via custom rules, machine learning rules and velocity rules. These aren’t necessarily complex but can analyze a wide variety of data points, including timeframes.
Here are some examples:
- How quickly did the user go through the entire KYC process?
- How quickly did they complete the user authentication stage?
- Did they enter their social security number in one keystroke?
- How many times has a similar browser/hardware setup appeared in the last few days?
- How frequently does the user request to raise their credit limit?
Of course, the sky’s the limit with the kind of data you want to examine. But the key here is that you can identify suspicious behaviors, even from fraudsters who have already managed to infiltrate your platform.
A whitebox machine learning system is particularly adept at catching matching behavior from fraudsters who have passed the KYC stage.
If you are consistent in your reporting and use enough feedback mechanisms, you can begin understanding behavioral patterns that may point to the most undercover and sophisticated fraud.
What Kind of Stolen Data Is Used in Synthetic ID Fraud?
Identity theft and fraud go hand-in-hand. Criminals will stop at nothing to acquire records that help them create fake profiles. This includes stealing:
- Tax-related information: In the US especially, tax information from the IRS can be used to recover extra personal data.
- Medical identity theft: Medical information is also often used to apply for prescription drugs or to file insurance claims under someone else’s name.
- Child identity theft: Proof that fraudsters will stoop as low as they can: Children’s records are often used to apply for credit cards or online loans. This works because their credit scores are either high or nonexistent, and it will take many years before anyone realizes the information was compromised.
Synthetic ID Fraud Trends in 2023 & Beyond
This type of identity fraud is on the rise because fraudsters have access to a growing number of options and tools to access stolen identities and generate new, synthetic ones.
When Experian released its Future of Fraud Forecast in January 2023, it predicted that synthetic identity fraud – what the company calls the use of a “Frankenstein” identity – will continue to be a significant threat.
In fact, synthetic ID fraud is likely to be a mainstay over the years that follow 2023, especially when you consider the ease with which fraudsters can access resources that will help them carry out such a crime.
Let’s take a look at some examples of the fraud trends making synthetic ID fraud such a problem.
Data Breaches Mean IDs Are Easier to Source
Sourcing ID documents is child’s play for fraudsters. They can hop on the dark web and purchase huge lists from leaked databases, at surprisingly competitive rates.
Interestingly, existing email data breaches also help conduct passive identity verification at SEON.
However, as it leads to identity theft and identity fraud, such a data leak is likely to cause a vicious cycle of account takeovers, fake account openings, and a rise in the number of synthetic IDs.
More People Are Willing to Sell IDs
Adding to the challenge of widely available stolen documents, many people willingly sell or rent out their IDs in exchange for a fee.
Fraudsters offer to buy personal details or to borrow people’s bank accounts to enable synthetic identity fraud. Here are a few options:
- Money mules: A money mule is a person who transfers stolen money on behalf of others. This is also referred to as “smurfing” or “squaring”. Under 25s are particularly at risk. Money mules may find themselves complicit in money laundering schemes.
- Bank drop: A bank drop is the account that money mules will use to receive and transfer illicit funds.
- Rent-an-ID: In the underground economy, we’ve seen a proliferation of services that blatantly ask people to rent out their documents, in exchange for payment. Collaborators often realize once they’ve shared their fullz (their details), they can never stop criminals from using them, no matter what their agreement was.
The takeaway? 2023 continues to show that there’s no shortage of resources available to stitch together the perfect synthetic ID, tailored to defraud your online services.
What’s more, without the proper precautions in place, it will sadly continue indefinitely. In fact, the not-too-distant future can be outright unsettling to think of if our increasing reliance on biometrics can be exploited by fraudsters.
Consider, for example, that the IEEE (Institute of Electrical and Electronics Engineers) has already expressed its concerns about how biometric information that lands in the wrong hands could continue to help criminals to use deepfakes to trick authentication checks, approve unwanted payments, and more.
SEON is more than just a software solution, it is your business partner in fraud fighting
Book a Demo
The Rise of Fake ID Services
What if fraudsters run into heavier KYC checks in the form of document uploads?
This is barely an inconvenience. They can simply purchase a document from a forging service – which are plentiful, affordable, and surprisingly effective.
Can’t provide the right documentation? No problem. A growing number of clearnet services also photoshop IDs for fraudsters, helping them bypass KYC checks using photo IDs.
Better Detection With a Multi-Layered Approach
Criminals have access to a growing number of resources to create synthetic IDs. For targeted companies, it’s not enough to simply implement static ID checks and fraud rules, and leave them to run on autopilot.
However, you don’t have to waste all your resources on intensive manual reviews for identity proofing. Using sophisticated risk tech, you can combine tools to create a net that will filter out bad users, and only allow in those who will help your company reach its goals.
Frequently Asked Questions
If you notice strange payments on your statement or start receiving suspicious emails, it’s possible some of your ID documents have been stolen and used for synthetic IDs.
To create a synthetic identity, you need some kind of real document to begin with. It could be a name, address or social security number. The fraudster then modifies or tweaks the information for their need.
Synthetic IDs are harder to detect than made-up, completely fake IDs because they contain an element of truth (the person’s ID documents). This is why fraudsters use them to bypass KYC checks or for fraudulent transactions, among others.
You might also be interested in reading about:
- SEON: Best Fraud Detection Software
- SEON: Guide to Ecommerce Fraud Detection
- SEON: Digital Onboarding Solutions & Tools Guide
Learn more about:
Data Enrichment | Browser Fingerprinting | Fraud Detection API | Fraud Detection with Machine Learning & AI
Related Source for this article:
- BBC: I was a teenage ‘money mule’
- Federal Reserve: Synthetic ID Fraud in the US Payment System
- Comparitech: Identity theft facts & statistics: 2019-2022
- Experian: Experian’s 2023 Future of Fraud
- IEEE: DeepFake Detection for Human Face Images and Videos: A Survey
Showing all with `` tag
AML & CFT: Combating Money Laundering & Financial Terrorism Financing
What You Need to Know About KYC for Online Lending
How to Detect Money Laundering in Ecommerce
What Is Layering In Money Laundering & How Does It Work?
See a live demo of our product
Bence Jendruszák is the Chief Operating Officer and co-founder of SEON. Thanks to his leadership, the company received the biggest Series A in Hungarian history in 2021. Bence is passionate about cybersecurity and its overlap with business success. You can find him leading webinars with industry leaders on topics such as iGaming fraud, identity proofing or machine learning (when he’s not brewing questionable coffee for his colleagues).
Sign up for our newsletter
The top stories of the month delivered straight to your inbox