Synthetic identity fraud is the term used to refer to the merging of factual information with fake information to create a unique identity that cybercriminals can freely exploit.
An example of factual information commonly used by cybercriminals would be Social Security numbers (SSNs) – especially SSNs of young children and the deceased, as these accounts are almost never verified. False information usually includes fake addresses, social media profiles, or all the relevant details needed to complete the financial application.
“By our estimates, synthetic identity fraud is the fastest-growing type of financial crime in the United States, accounting for ten to fifteen percent of charge-offs in a typical unsecured lending portfolio,” said global management consulting firm McKinsey & Company.
The ubiquity of social media is a major reason for the rise of synthetic identity fraud. People have abandoned their guards down and freely published their personal information online. Details such as birthplace, first car or first boyfriend or girlfriend are information that can be used to confirm one’s identity online.
Another activity being utilized by digital fraudsters is the simultaneous use of multiple identities. This allows the creation of multiple accounts and the ability to keep all of these accounts before they are detected.
There is also a successful dark-side tactic called bust-out fraud. Cybercriminals use synthetic identities for this activity to develop what appears to be a typical usage pattern and repayment history – and then “max out the card with no intention of paying the bill.”
Unfortunately, synthetic identity fraud is extremely difficult to detect and very hard to prevent. Because of its broad scope, consumers, businesses, financial institutions, and government agencies, it is very challenging for individual organizations to address the problem. All stakeholders must work together to address the financial burden of synthetic identity fraud in the U.S.
One way to prevent falling victim to synthetic identity fraud is to use very minimal personal information to complete an online transaction, and password managers that can keep passwords secure, as well as those that allow the user to know whether the page is genuine or not, should be used at all times.
For more information, read the original story in TechRepublic.