As the fastest-growing financial crime in the United States, synthetic identity fraud bears a staggering $6 billion cost to banks.1 To perpetrate the crime, malicious actors leverage a combination of real and fake information to fabricate a synthetic identity, also known as a “Frankenstein ID.”2
It’s no secret that data breaches are increasing in prevalence—in fact, this year’s number of breaches could be record-breaking, according to a report by the Identity Theft Resource Center.3 Fraudsters have taken advantage of this recent surge to obtain exposed personally identifiable information (PII), such as Social Security numbers (SSNs). Accompanied by a false name, address, and date of birth, these stolen SSNs can be used to apply for and build credit.
While the first application is typically rejected, this request creates a credit profile associated with the synthetic identity, legitimizing it from the perspective of other institutions. Repeated applications eventually lead to success for the fraudster, allowing them to secure lines of credit that they never intend to pay back.
Some immediately cash out on this opportunity, but oftentimes, there’s a long play in which the fraudster will use the account responsibly to slowly increase their credit limit. In time, they’ll enact a “bust-out” and proceed to max out the line of credit, abandoning the identity and leaving creditors with the responsibility of writing off the loss. This charge-off, on average, amounts to $15,000.4
Lenders, however, are not the only victims of synthetic identity fraud. The people who the stolen SSNs belong to experience ramifications, with many of these victims being children; a study by Carnegie Mellon’s CyLab found that children’s SSNs are 51 times more likely to be used in synthetic identity theft.5 Other individuals who are unlikely to check their credit reports, such as the elderly and homeless populations, are also recurring targets.
The ability to create an unlimited number of identities, coupled with how challenging they are to detect, makes synthetic identity fraud a popular choice among cybercriminals. But despite its growing rate, synthetic identity fraud remains nearly impossible to flag during the application process.
If you’re interested in finding out why, check out the next installments of this series, where we’ll dive into what makes synthetic identity fraud so difficult to detect and how artificial intelligence and machine learning can be applied to detect this type of fraud.