Tag: synthetic identity fraud

Today’s fast-paced, digital-first hiring environment calls for a more comprehensive approach to pre-employment screening. With growing pressure on employers and HR teams to make swift, accurate, and secure hiring decisions, having access to the tools and data to enhance efficiency and security is more important than ever. By evolving beyond traditional screening methods, background screeners can better meet these needs and deliver added value to their clients.  Fraud remains a significant challenge. In fact, fraud scams resulted in a staggering $485.6 billion in losses in 20231 — and hiring teams aren’t exempt from these risks. Fraudulent resumes, synthetic identities, and the risk of non-compliance with evolving regulations create a challenging landscape for pre-employment verifications. What if there was a way to make smarter, faster, and more secure hiring decisions? This article explores how background screeners can optimize pre-employment verification processes, reduce fraud risks, and ensure compliance — all while delivering a positive candidate experience. What is pre-employment screening? Employers conduct pre-employment screenings to thoroughly evaluate job candidates and make informed hiring decisions. It’s designed to verify key details about candidates, such as their identity, employment history, and references among others to assess their suitability for a role and ensure compliance with industry regulations. Enhancing traditional screening processes For decades, pre-employment background checks have been a cornerstone of the hiring process. While effective, many traditional methods face challenges in keeping up with the evolving demands of modern hiring. Delays in hiring: Background checks can oftentimes rely on manual processes, which could extend timelines leading to delays of days or even weeks. This not only slows down hiring cycles but can make it harder for employers to compete for top talent in a tight labor market. Errors and inaccuracies: Human errors, incomplete data, and inconsistencies across systems can lead to missed insights or red flags. Fraudulent activity: As hiring becomes increasingly digital, identity theft and synthetic identities present growing challenges to verifying candidate-provided data.  Regulatory challenges: With regulations like the Equal Employment Opportunity Commission (EEOC) and Fair Credit Reporting Act (FCRA), companies must navigate complex compliance requirements to avoid legal and financial repercussions. 1 in 3 HR professionals report losing top candidates due to slow pre-employment screening processes.2 These challenges highlight the opportunity to build on existing screening practices with tools that enhance speed, provide actionable insights and prevent fraud. Adapting to the evolving fraud landscape Employment fraud is becoming increasingly sophisticated, fueled by trends like the rise of remote work and digital applications. In fact, the employment sector accounted for 45% of all false document submissions in 2023, making it the most targeted industry for fraud.3 From fake references and degrees to synthetic identities created using stolen personal information, the risks are higher than ever. Synthetic identity fraud: This form of fraud — where fake identities are created by combining real and fabricated data — makes up more than 80% of all new account fraud.4 Fake credentials: Many candidates falsify qualifications or work histories to enhance their chances of securing a role. Compliance risks: Failure to verify candidate information accurately can result in legal penalties, brand reputation damage, or internal security breaches. Modernizing pre-employment screening The good news? Experian offers advanced solutions that complement existing screening processes, empowering background screeners to deliver more efficient, secure and reliable results for their clients looking to higher faster, and with greater confidence.  Gain a more holistic view of a candidate’s risk profile: Experian’s nationwide database contains files on more than 245 million credit-active consumers, providing the most current, accurate, and comprehensive information available in the industry. Conduct real-time identity verification: Leverage a range of identity verification solutions to authenticate and verify a candidate’s identity by accessing a breadth set of non-credit and credit data sources to create a robust social footprint that defines each consumer as unique individuals. Integrate advanced fraud detection: Powered by purpose-built analytics and machine learning algorithms, Experian’s fraud detection tools can detect synthetic identities, inconsistencies, and other red flags while ensuring a seamless candidate experience. Enhance compliance efforts: Experian’s solutions are designed to help businesses navigate complex compliance requirements with ease. Fraud prevention playbook in preemployment Uncover essential strategies for fraud prevention and identity verification in employment screening. Download now The pre-employment screening landscape is evolving, and staying ahead requires tools that enhance the efficiency and effectiveness of your processes. Experian’s advanced solutions are designed to complement your existing screening services, helping you reduce fraud risks, maintain compliant, and deliver data-driven insights that empower smarter hiring decisions. Get started today Ready to transform your pre-employment verification process with fraud mitigation and identity verification solutions? Explore our innovative solutions today. Learn more 1 Nasdaq finds scams led to $486 billion in losses in 2023, 2024. 2 Research reveals Candidates’ Frustrations with Hiring Process, 2024. 3 Employment Identity Fraud: Do You Know Who You’re Hiring, 2024. 4 Report: Synthetic identity fraud is growing, 2024.

A tale of synthetic ID fraud Synthetic ID fraud is an increasing issue and affects everyone, including high-profile individuals. A notable case from Ohio involved Warren Hayes, who managed to get an official ID card in the name of “Santa Claus” from the Ohio Bureau of Motor Vehicles. He also registered a vehicle, opened a bank account, and secured an AAA membership under this name, listing his address as 1 Noel Drive, North Pole, USA. This elaborate ruse unraveled after Hayes, disguised as Santa, got into a minor car accident. When the police requested identification, Hayes presented his Santa Claus ID. He was subsequently charged under an Ohio law prohibiting the use of fictitious names. However, the court—presided over by Judge Thomas Gysegem—dismissed the charge, arguing that because Hayes had used the ID for over 20 years, "Santa Claus" was effectively a "real person" in the eyes of the law. The judge’s ruling raised eyebrows and left one glaring question unanswered: how could official documents in such a blatantly fictitious name go undetected for two decades? From Santa Claus to synthetic IDs: the modern-day threat The Hayes case might sound like a holiday comedy, but it highlights a significant issue that organizations face today: synthetic identity fraud. Unlike traditional identity theft, synthetic ID fraud does not rely on stealing an existing identity. Instead, fraudsters combine real and fictitious details to create a new “person.” Think of it as an elaborate game of make-believe, where the stakes are millions of dollars. These synthetic identities can remain under the radar for years, building credit profiles, obtaining loans, and committing large-scale fraud before detection. Just as Hayes tricked the Bureau of Motor Vehicles, fraudsters exploit weak verification processes to pass as legitimate individuals. According to KPMG, synthetic identity fraud bears a staggering $6 billion cost to banks.To perpetrate the crime, malicious actors leverage a combination of real and fake information to fabricate a synthetic identity, also known as a “Frankenstein ID.” The financial industry classifies various types of synthetic identity fraud. Manipulated Synthetics – A real person’s data is modified to create variations of that identity. Frankenstein Synthetics – The data represents a combination of multiple real people. Manufactured Synthetics – The identity is completely synthetic. How organizations can combat synthetic ID fraud A multifaceted approach to detecting synthetic identities that integrates advanced technologies can form the foundation of a sound fraud prevention strategy: Advanced identity verification tools: Use AI-powered tools that cross-check identity attributes across multiple data points to flag inconsistencies. Behavioral analytics: Monitor user behaviors to detect anomalies that may indicate synthetic identities. For instance, a newly created account applying for a large loan with perfect credit is a red flag. Digital identity verification: Implement digital onboarding processes that include online identity verification with real-time document verification. Users can upload government-issued IDs and take selfies to confirm their identity. Collaboration and data sharing: Organizations can share insights about suspected synthetic identities to prevent fraudsters from exploiting gaps between industries. Ongoing employee training: Ensure frontline staff can identify suspicious applications and escalate potential fraud cases. Regulatory support: Governments and regulators can help by standardizing ID issuance processes and requiring more stringent checks. Closing thoughts The tale of Santa Claus’ stolen identity may be entertaining, but it underscores the need for vigilance against synthetic ID fraud. As we move into an increasingly digital age, organizations must stay ahead of fraudsters by leveraging technology, training, and collaboration. Because while the idea of Spiderman or Catwoman walking into your branch may seem amusing, the financial and reputational cost of synthetic ID fraud is no laughing matter. Learn more

Finding a reliable, customer-friendly way to protect your business against new account fraud is vital to surviving in today's digital-driven economy. Not only can ignoring the problem cause you to lose valuable money and client goodwill, but implementing the wrong solutions can lead to onboarding issues that drive away potential customers. The Experian® 2023 Identity and Fraud Report revealed that nearly 70 percent of businesses reported fraud loss in recent years, with many of these involving new account fraud. At the same time, problems with onboarding caused 37 percent of consumers to drop off and take their business elsewhere. In other words, your customers want protection, but they aren't willing to compromise their digital experience to get it. You need to find a way to meet both these needs when combating new account fraud. What is new account fraud? New account fraud occurs any time a bad actor creates an account in your system utilizing a fake or stolen identity. This process is referred to by different names, such as account takeover fraud, account creation fraud, or account opening fraud. Examples of some of the more common types of new account fraud include: Synthetic identity (ID) fraud: This type of fraud occurs when the scammer uses a real, stolen credential combined with fake credentials. For example, they might use someone's real Social Security number combined with a fake email. Identity theft: In this case, the fraudster uses personal information they stole to create a new scam account. Fake identity: With this type of fraud, scammers create an account with wholly fake credentials that haven't been stolen from any particular person. New account fraud may target individuals, but the repercussions spill over to impact entire organizations. In fact, many scammers utilize bots to attempt to steal information or create fake accounts en masse, upping the stakes even more. How does new account fraud work? New account fraud begins at a single weak security point, such as: Data breaches: The Bureau of Justice reported that in 2021 alone, 12 percent of people ages 16 or older received notifications that their personal information was involved in a data breach.1 Phishing scams: The fraudster creates an email or social media account that pretends to be from a legitimate organization or person to gain confidential information.2 Skimmers: These are put on ATMs or fuel pumps to steal credit or debit card information.2 Bot scrapers: These tools scrape information posted publicly on social media or on websites.2 Synthetic ID fraud: 80 percent of new account fraud is linked to synthetic ID fraud.3 The scammer just needs one piece of legitimate information. If they have a real Social Security number, they might combine it with a fake name and birth date (or vice versa.) After the information is stolen, the rest of the fraud takes place in steps. The fake or stolen identity might first be used to open a new account, like a credit card or a demand deposit account. Over time, the account establishes a credit history until it can be used for higher-value targets, like loans and bank withdrawals. How can organizations prevent new account fraud? Some traditional methods used to combat new account fraud include: Completely Automated Public Turing Tests (CAPTCHAs): These tests help reduce bot attacks that lead to data breaches and ensure that individuals logging into your system are actual people. Multifactor authentication (MFA): MFA bolsters users' password protection and helps guard against account takeover. If a scammer tries to take over an account, they won't be able to complete the process. Password protection: Robust password managers can help ensure that one stolen password doesn't lead to multiple breaches. Knowledge-based authentication: Knowledge-based authentication can be combined with MFA solutions, providing an additional layer of identity verification. Know-your-customer (KYC) solutions: Businesses may utilize KYC to verify customers via government IDs, background checks, ongoing monitoring, and the like. Additional protective measures may involve more robust identity verification behind the scenes. Examples include biometric verification, government ID authentication, public records analysis, and more. Unfortunately, these traditional protective measures may not be enough, for many reasons: New account fraud is frequently being perpetrated by bots, which can be tougher to keep up with and might overwhelm systems. Institutions might use multiple security solutions that aren't built to work together, leading to overlap and inefficiency. Security measures may create so much friction in the account creation process that potential new customers are turned away. How we can help Experian's fraud management services provide a multi-layered approach that lets businesses customize solutions to their particular needs. Advanced machine learning analytics utilizes extensive, proprietary data to provide a unique experience that not only protects your company, but it also protects your customers' experience. Customer identification program (CIP) Experian's KYC solutions allow you to confidently identify your customers via a low-friction experience. The tools start with onboarding, but continue throughout the customer journey, including portfolio management. The tools also help your company comply with relevant KYC regulations. Cross-industry analysis of identity behavior Experian has created an identity graph that aggregates consumer information in a way that gives companies access to a cross-industry view of identity behavior as it changes over time. This means that when a new account is opened, your company can determine behind the scenes if any part of the identity is connected to instances of fraud or presents actions not normally associated with the customer's identity. It's essentially a new paradigm that works faster behind the scenes and is part of Experian's Ascend Fraud Platform™. Multifactor authentication solutions Experian's MFA solutions utilize low-friction techniques like two-factor authentication, knowledge-based authentication, and unique one-time password authentication during remote transactions to guard against hacking. Synthetic ID fraud protection Experian's fraud management solutions include robust protection against synthetic ID fraud. Our groundbreaking technology detects and predicts synthetic identities throughout the customer lifecycle, utilizing advanced analytics capabilities. CrossCore® CrossCore combines risk-based authentication, identity proofing, and fraud detection into one cloud platform, allowing for real-time decisions to be made with flexible decisioning workflows and advanced analytics. Interactive infographic: Building a multilayered fraud and identity strategy Precise ID® The Precise ID platform lets customers choose the combination of fraud analytics, identification verification, and workflows that best meet their business needs. This includes machine-learned fraud risk models, robust consumer data assets, one-time passwords (OTPs), knowledge-based authentication (KBAs), and powerful insights via the Identity Element Network®. Account takeover fraud represents a significant threat to your business that you can't ignore. But with Experian's broad range of solutions, you can keep your systems secure while not sacrificing customer experience. Experian can keep your business secure from new account fraud Experian's innovative approach can streamline your new account fraud protection. Learn more about how our fraud management solutions can help you. Learn more References 1. Harrell, Erika. "Just the Stats: Data Breach Notifications and Identity Theft, 2021." Bureau of Justice Statistics, January 2024. https://bjs.ojp.gov/data-breach-notifications-and-identity-theft-2021 2. "Identity Theft." USA.gov, December 6, 2023. https://www.usa.gov/identity-theft 3. Purcell, Michael. "Synthetic Identity Fraud: What is It and How to Combat It." Thomson Reuters, April 28, 2023. https://legal.thomsonreuters.com/blog/synthetic-identity-fraud-what-is-it-and-how-to-combat-it/

This article was updated on March 4, 2024. If you steal an identity to commit fraud, your success is determined by how long it takes the victim to find out. That window gets shorter as businesses get better at knowing when and how to reach an identity owner when fraud is suspected. In response, frustrated fraudsters have been developing techniques to commit fraud that does not involve a real identity, giving them a longer run-time and a bigger payday.  That's the idea behind  synthetic identity (SID) fraud — one of the fastest-growing types of fraud.  Defining synthetic identity fraud Organizations tend to have different  definitions of synthetic identity fraud, as a synthetic identity will look different to the businesses it attacks. Some may see a new account that goes bad immediately, while others might see a longer tenured account fall delinquent and default. The qualifications of the synthetic identity also change over time, as the fraudster works to increase the identity’s appearance of legitimacy. In the end, there is no person to confirm that fraud has occurred, in the very best case, identifying a synthetic identity is inferred and verified. As a result, inconsistent reporting and categorization can make tracking and fighting SID fraud more difficult.  To help create a more unified understanding and response to the issue, the Federal Reserve and 12 fraud experts worked together to develop a definition. In 2021, the  Boston Federal Reserve  published the result, “Synthetic identity fraud is the use of a combination of personally identifiable information to fabricate a person or entity to commit a dishonest act for personal or financial gain."1 To break down the definition, personally identifiable information (PII) can include:  Primary PII:  Such as a name, date of birth (DOB), Social Security number (SSN) or another government-issued identifier. When combined, these are generally unique to a person or entity. Secondary PII:  Such as an address, email, phone number or device ID. These elements can help verify a person or entity's identity.   Synthetic identities are created when fraudsters establish an identity from scratch using fake PII. Or they may combine real and fake PII (I.e., a stolen SSN with a fake name and DOB) to create a new identity. Additionally, fraudsters might steal and use someone's SSN to create an identity - children, the  elderly  and incarcerated people are popular targets because they don't commonly use credit.4 But any losses would still be tied to the SID rather than the victim. Exploring the Impact of SID fraud The most immediate and obvious impact of SID fraud is the fraud losses. Criminals may create a synthetic identity and spend months  building up its credit profile, opening accounts and increasing credit limits. The identities and behaviors are constructed to look like legitimate borrowers, with some having a record of on-time payments. But once the fraudster decides to monetize the identity, they can apply for loans and max out credit cards before ‘busting out’ and disappearing with the money.  Aite-Novaric Group estimates that SID fraud losses totaled $1.8 billion in 2020 and will increase to $2.94 billion in 2024.2 However, organizations that do not identify SIDs may classify a default as a credit loss rather than a fraud loss.  By some estimates, synthetic identity fraud could account for up to 20 percent of loan and credit card charge-offs, meaning the annual charge-off losses in the U.S. could be closer to $11 billion.3 Additionally, organizations lose time and resources on collection efforts if they do not identify the SID fraud.  Those estimates are only for unsecured U.S. credit products. But fraudsters use synthetic identities to take out secured loans, including auto loans.   As part of schemes used to steal relief funds during the pandemic, criminals used synthetic identities to open demand deposit accounts to receive funds. These accounts can be used to launder money from other sources and commit peer-to-peer payment fraud. Deposit account holders are also a primary source of cross-marketing for some financial institutions. Criminals can take advantage of vulnerable onboarding processes for deposit accounts where there’s low risk to the institution and receive offers for lending products. Building a successful SID prevention strategy Having an effective SID prevention strategy is more crucial than ever for organizations. Aside from fraud losses, consumers listed identity theft as their top concern when conducting activities online. And while 92% of businesses have an identity verification strategy in place, 63% of consumers are "somewhat confident" or "not very confident" in businesses' ability to accurately identify them online. Read: Experian's 2023 Identity and Fraud Report Many traditional fraud models and identity verification methods are not designed to detect fake people. And even a step up to a phone call for verification isn't enough when the fraudster will be the one answering the phone. Criminals also quickly respond when organizations update their fraud detection methods by looking for less-protected targets. Fraudsters have even signed their SIDs up for social media accounts and apps with low verification hurdles to help their SIDs pass identity checks.5  Understand synthetic identity risks across the lifecycle  Synthetic Identities are dynamic. When lending criteria is tightened to synthetics from opening new accounts, they simply come back when they can qualify. If waiting brings a higher credit line, they’ll wait. It’s important to recognize that synthetic identity isn’t a new account or a portfolio management problem - it’s both.    Use analytics that are tailored to synthetic identity  Many of our customers in the financial services space have been trying to solve synthetic identity fraud with credit data. There’s a false sense of security when criteria is tightened and losses go down—but the losses that are being impacted tend to not be related to credit. A better approach to synthetic ID fraud leverages a larger pool of data to assess behaviors and data linkages that are not contained in traditional credit data.  You can then escalate suspicious accounts to require additional reviews, such as screening through the Social Security Administration's Electronic Consent Based SSN Verification (eCBSV) system or more stringent document verification.  Find a trusted partner  Experian's interconnected data and analytics platforms offer lenders turnkey identity and synthetic identity fraud solutions. In addition, lenders can take advantage of the risk management system and continuous monitoring to look for signs of SIDs and fraudulent activity, which is important for flagging accounts after opening. These tools can also help lenders identify and prevent other common forms of fraud, including account takeovers, e-commerce fraud, child identity theft fraud and elderly fraud. Learn more about our synthetic identity fraud solutions. Learn more 1Federal Reserve Bank (2021). Defining Synthetic Identity Fraud 2Aite Novarica (2022). Synthetic Identity Fraud: Solution Providers Shining Light into the Darkness 3Experian (2022). Preventing synthetic identity fraud 4The Federal Reserve (2022). Synthetic Identity Fraud: What Is it and Why You Should Care? 5Experian (2022). Preventing synthetic identity fraud 

Fraud and identity theft in the automotive industry continue to make headlines with the result bringing significant monetary losses for dealers. In 2022, more than 60% of automotive dealerships filed cases of identity theft losing three or more vehicles, with 84% saying there has been a noticeable increase in identity fraud since the pandemic. Even though dealers understand that fraud is on the rise, 66% stated they lacked adequate identity fraud protections [1]. In a recent episode of the Used Car Dealer Podcast, host Zach Klempf, spoke with Kanchana Sundaram, Experian's senior director of product and innovation for automotive, to discuss Fraud Protect, a new tool from Experian that helps dealers combat fraud. During the interview, Kanchana highlighted how dealers can use Fraud Protect to better identify potentially fraudulent behavior, without slowing down the sales process and still maintaining a positive experience for both them and the consumer. By leveraging the latest technology and advanced analytics, dealers are able to detect some of the most common fraud types that include: Third-party fraud: Fraudsters steal an individual’s identity to purchase a vehicle First-party fraud: A person knowingly misrepresents their identity or provides false information, often with the intention of not paying for the vehicle Synthetic identity fraud: Fraudsters create fake identities and build credit profiles over time before using them to finance a vehicle they do not intend to pay for The episode is now available across all major podcast platforms, click the link to watch: YouTube To learn more about Fraud Protect, visit Experian’s auto fraud prevention solutions webpage. For more information on the Used Car Dealer Podcast, visit https://www.sellyautomotive.com/podcast Facebook – @SellyAutomotive ‘X’ – @SellyAutomotive LinkedIn – @SellyAutomotive 1. https://www.elendsolutions.com/research/2022-Identity-Fraud-Survey-Report/

Spoiler alert: Gen AI is everywhere, including the top of Experian’s list of fraud trends 2024. “The speed and complexity of fraud attacks due to new technology and sophisticated fraudsters is leaving both businesses and consumers at risk in 2024,” said Kathleen Peters, chief innovation officer at Experian Decision Analytics in North America. “At Experian, we’re constantly innovating to deliver data-driven solutions to help our customers fight fraud and to protect the consumers they serve.” To deter fraudulent activity in 2024, businesses and consumers must get tactical for their fraud fighting strategies. And for businesses, the need for more sophisticated fraud protection solutions leveraging data and technology is greater than ever before. Experian suggests consumers and businesses watch out for these big five rounding out our fraud trends 2024. Generative AI: Generative AI accelerates DIY fraud: Experian predicts fraudsters will use generative AI to accelerate “do-it-yourself” fraud ranging from deepfake content – think emails, voice and video – as well as code creation to set up scam websites. A previous blog post of ours highlighted four types of generative AI used for fraud, including fraud automation at scale, text content generation, image and video manipulation and human voice generation. The way around it? Fight AI fraud with AI as part of a multilayered fraud prevention solution. Fraud at bank branches: Bank branches are making a comeback. A growing number of consumers prefer visiting bank branches in person to open new accounts or get financial advice with the intent to conduct safer transactions. However, face-to-face verification is not flawless and is still susceptible to human error or oversight. According to an Experian report, 85% of consumers report physical biometrics as the most trusted and secure authentication method they’ve recently encountered, but the measure is only currently used by 32% of businesses to detect and protect against fraud. Retailers, beware: Not all returns are as they appear. Experian predicts an uptick in cases where customers claim to return their purchases, only for the business to receive an empty box in return. Businesses must be vigilant with their fraud strategy in order to mitigate risk of lost goods and revenue. Synthetic identity fraud will surge: Pandemic-born synthetic identities may have been dormant, but now have a few years of history, making it easier to elude detection leading to fraudsters using those dormant accounts to “bust out” over the next year. Cause-related and investment deception: Fraudsters are employing new methods that strike an emotional response from consumers with cause-related asks to gain access to consumers’ personal information. Experian predicts that these deceptive cause-related methods will surge in 2024 and beyond. How businesses and consumers feel about fraud in 2024 According to an Experian report, over half of consumers feel they’re more of a fraud target than a year ago and nearly 70% of businesses report that fraud losses have increased in recent years. Business are facing mounting challenges – from first-party fraud and credit washing to synthetic identity and the yet-to-be-known impacts generative AI may have on fraud schemes. Synthetic identity fraud has been mentioned in multiple Experian Fraud Forecasts and the threat is ever growing. As technology continues to enhance consumers’ connectedness, it also heightens the stakes for various fraud attacks. As highlighted by this list of fraud trends 2024, the ways that fraudsters are looking to deceive is increasing from all angles. “Now more than ever, businesses need to implement a multilayered approach to their identity verification and fraud prevention strategies that leverages the latest technology available,” said Peters. Consumers are increasingly at risk from sophisticated fraud schemes. Increases in direct deposit account and check fraud, as well as advanced technologies like deepfakes and AI-generated phishing emails, put consumers in a precarious position. The call to action for consumers is to remain vigilant of seemingly authentic interactions. Experian can help with your fraud strategy To learn more about Experian’s fraud prevention solutions, please visit https://www.experian.com/business/solutions/fraud-management.  Download infographic Watch Future of Fraud webinar

This article was updated on February 12, 2024. The Buy Now, Pay Later (BNPL) space has grown massively over the last few years. But with rapid growth comes an increased risk of fraud, making "Buy Now, Pay Never" a crucial fraud threat to watch out for in 2024 and beyond. What is BNPL? BNPL, a type of short-term financing, has been around for decades in different forms. It's attractive to consumers because it offers the option to split up a specific purchase into installments rather than paying the full total upfront. The modern form of BNPL typically offers four installments, with the first payment at the time of purchase, as well as 0% APR and no hidden fees. According to an Experian survey, consumers cited managing spending (34%), convenience (31%), and avoiding interest payments (23%) as main reasons for choosing BNPL. Participating retailers generally offer BNPL at point-of-sale, making it easy for customers to opt-in and get instantly approved. The customer then makes a down payment and pays off the installments from their preferred account. BNPL is on the rise The fintech and online-payment-driven world is seeing a rise in the popularity of BNPL. According to Experian research, 3 in 4 consumers have used BNPL in 2023, with 11% using BNPL weekly to make purchases. The interest in BNPL also spans generations — 36% of Gen Z, 43% of Millennials, 32% of Gen X, and 12% of Baby Boomers have used this payment method. The risks of BNPL While BNPL is a convenient, easy way for consumers to plan for their purchases, experts warn that with lax checkout and identity verification processes it is a target for digital fraud. Experian predicts an uptick in three primary risks for BNPL providers and their customers: identity theft, first-party fraud, and synthetic identity fraud. WATCH: Fraud and Identity Challenges for Fintechs Victims of identity theft can be hit with charges from BNPL providers for products they have never purchased. First-party and synthetic identity risks will emerge as a shopper's buying power grows and the temptation to abandon repayment increases. Fraudsters may use their own or fabricated identities to make purchases with no intent to repay. This leaves the BNPL provider at the risk of unrecoverable monetary losses and can impact the business' risk tolerance, causing them to narrow their lending band and miss out on properly verified consumers. An additional risk lies with fraudsters who may leverage account takeover to gain access to a legitimate user's account and payment information to make unauthorized purchases. READ: Payment Fraud Detection and Prevention: What You Need to Know Mitigating BNPL risks Luckily, there are predictive credit, identity verification, and fraud prevention tools available to help businesses minimize the risks associated with BNPL. Paired with the right data, these tools can give businesses a comprehensive view of consumer payments, including the number of outstanding BNPL loans, total BNPL loan amounts, and BNPL payment status, as well as helping to detect and apply the relevant treatment to different types of fraud. By accurately identifying customers and assessing risk in real-time, businesses can make confident lending and fraud prevention decisions. To learn more about how Experian is enabling the protection of consumer credit scores, better risk assessments, and more inclusive lending, visit us or request a call. And keep an eye out for additional in-depth explorations of our Future of Fraud Forecast. Learn more Future of Fraud Forecast

This article was updated on November 9, 2023. Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover. We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud risk management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. When you consider first-party vs third-party fraud, or synthetic identity fraud, third-party stands out because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that consumer spending is expected to increase1, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. More than $43 billion in total losses was reported due to identity theft and fraud in the U.S. in 2022.2 Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Third-party fraud detection and prevention involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation and may involve identity resolution. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. In a series of articles, we’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management solution can help keep your business and customers safe and manage third-party fraud detection, first-party fraud, synthetic identity fraud, and account takeover fraud prevention. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to create robust fraud prevention solutions. Contact us 1 Experian Ascend Sandbox 2 2023 U.S. Identity and Fraud Report, Experian.

Debt collectors need to find, contact and work with people to collect on unpaid accounts. That can be challenging enough. But when synthetic identity fraud accounts are mixed into your collection portfolio, you'll waste resources trying to collect from people who don't even exist. What is synthetic identity fraud? Synthetic identity fraud happens when fraudsters mix real and fake identity information — such as a stolen Social Security number (SSN) with a fake name and date of birth — to create an identity. Fraudsters occasionally try to quickly create and use synthetic IDs to commit fraud. But these are often more complex operations, and the fraudsters spend months or years building synthetic IDs. They might then use or sell an identity once it has a thick credit file, matching identification documents and a robust social media presence. The resulting fraud can have a significant impact on lenders. By some estimates, annual synthetic fraud losses for consumer loans and credit cards could be as high as $11 billion.1 Total annual losses are likely even higher because organizations may misclassify synthetic fraud losses — or not classify them at all — and fraudsters also target other types of organizations, such as business lenders and medical care providers Recognizing synthetic identities and fraud losses Organizations can ideally detect and stop synthetic IDs at account opening. If a fraudster slips past the first line of defense, fraud detection tools that aren't tailored for synthetic identity fraud might not flag the account as suspicious. This is especially true when fraudsters make several on-time payments, mirroring a legitimate account holder's behavior, before stopping payments or busting out. Sometimes, these past-due accounts get sent to collections before being written off as a credit loss. That creates new issues. Debt management and collections systems can help collections departments prioritize outreach and minimize charge-offs. But if you add fraudulent accounts to the mix, you wind up throwing away your time and resources. Even when you properly classify these written-off accounts as fraud losses, it can be hard to distinguish between first-party fraud by a legitimate consumer and synthetic identity fraud losses. However, the distinction can be important for optimizing your credit risk strategy. Detection is the key to prevention Keeping synthetic fraud out of collection portfolios requires a multi-layered approach to fraud management. You need systems to help stop synthetic fraud at the front door and ongoing account monitoring throughout the customer lifecycle. You also want fraud solutions that use data from multiple sources to recognize synthetic identities, such as credit bureau, public records, consortium and behavioral data. Experian's industry-leading fraud and identity solutions Experian's synthetic identity fraud and identity resolution solutions make it a leader in the space. These include: Sure Profile™uses credit, public record and identity-specific data to create a composite history of a consumer's identity and generate a risk score. You can automate risk-based decisions based on the score, and you'll have access to the underlying Sure Profile attributes. CrossCore® is a cloud-based identity and fraud management platform that you can connect to Experian, third-party and internal tools to get a 360-degree view of your accounts throughout the customer lifecycle. Experian partners with the Social Security Administration to offer an electronic Consent Based Social Security Number Verification (eCBSV) service, which can help you determine if an SSN, name and date of birth match. It can be an important part of a step-up verification when risk signals indicate that an identity might not be legitimate. View our tip sheet to learn more about keeping fraudulent accounts out of your collection portfolio. Download now 1Experian (2022). Preventing synthetic identity fraud

Banking uncertainty creates opportunity for fraud The recent regional bank collapses left anxious consumers scrambling to withdraw their funds or open new accounts at other institutions. Unfortunately, this situation has also created an opportunity for fraudsters to take advantage of the chaos. Criminals are exploiting the situation and posing as legitimate customers looking to flee their current bank to open new accounts elsewhere. Financial institutions looking to bring on these consumers as new clients must remain vigilant against fraudulent activity. Fraudsters also prey on vulnerable individuals who may be financially stressed and uncertain about the future. This creates a breeding ground for scams as fear and uncertainty cloud judgment and make people more susceptible to manipulation. Beware of fraudulent tactics Now, it is more important than ever for financial institutions to be vigilant in their due diligence processes. As they navigate this period of financial turbulence, they must take extra precautions to ensure that new customers are who they say they are by verifying customer identities, conducting thorough background checks where necessary, and monitoring transactions for any signs of suspicious activity. Consumers should also maintain vigilance — fraudulent schemes come in many forms, from phishing scams to fake investment opportunities promising unrealistic returns. To protect yourself against these risks, it is important to remain vigilant and take precautions such as verifying the legitimacy of any offers or investments before investing, monitoring your bank and credit card statements regularly for suspicious activity, and being skeptical of unsolicited phone calls, emails, or text messages. Security researcher Johannes Ulrich reported that threat actors are jumping at the opportunity, registering suspicious domains related to Silicon Valley Bank (SVB) that are likely to be used in attacks. Ulrich warned that the scammers might try to contact former clients of SVB to offer them a support package, legal services, loans, or other fake services relating to the bank's collapse. Meanwhile, on the day of the SVB closure, synthetic identity fraud began to climb from an attack rate of .57 to a first peak of 1.24% on the Sunday following the closure, or an increase of 80%. After the first spike reduced on March 14, we only saw a return of an even higher spike on March 21 to 1.35%, with bumps continuing since then. As the economy slows and fraud rises, don’t let your guard down The recent surge in third-party attack rates on small business and investment platforms is a cause for concern. There was a staggering nearly 500% increase in these attacks between March 7th and 11th, which coincided with the release of negative news about SVB. Bad actors had evidently been preparing for this moment and were quick to exploit vulnerabilities they had identified across our financial system. They used sophisticated bots to create multiple accounts within minutes of the news dropping and stole identities to perpetrate fraudulent activities. This underscores the need for increased vigilance and proactive measures to protect against cyber threats impacting financial institutions. Adopting stronger security measures like multi-factor authentication, real-time monitoring, and collaboration with law enforcement agencies for timely identification of attackers is of paramount importance to prevent similar fraud events in the future. From frictionless to friction-right As businesses seek to stabilize their operations in the face of market turbulence, they must also remain vigilant against the threat of fraud. Illicit activities can permeate a company's ecosystem and disrupt its operations, potentially leading to financial losses and reputational damage. Safeguarding against fraud is not a simple task. Striking a balance between ensuring a smooth customer experience and implementing effective fraud prevention measures can be a challenging endeavor. For financial institutions in particular, being too stringent in fraud prevention efforts may drive customers away, while being too lenient can expose them to additional fraud risks. This is where a waterfall approach, such as that offered by Experian CrossCore®, can prove invaluable. By leveraging an array of fraud detection tools and technologies, businesses can tailor their fraud prevention strategies to suit the specific needs and journeys of different customer segments. This layered, customized approach can help protect businesses from fraud while ensuring a seamless customer experience. Learn more

There’s an undeniable link between economic and fraud trends. During times of economic stress, fraudsters engage in activities specifically designed to target strained consumers and businesses. By layering risk management and fraud prevention tools, your organization can manage focus on growing safely. Download infographic Review your fraud strategy  

With fraud expected to surge amid uncertain economic conditions, fraudsters are preparing new deception techniques to outsmart businesses and deceive consumers. To help businesses prepare for the coming fraud threats, we created the 2023 Future of Fraud Forecast. Here are the fraud trends we expect to see over the coming year: Fake texts from the boss: Given the prevalence of remote work, there’ll be a sharp rise in employer text fraud where the “boss” texts the employee to buy gift cards, then asks the employee to email the gift card numbers and codes. Beware of fake job postings and mule schemes: With changing economic conditions, fraudsters will create fake remote job postings, specifically designed to lure consumers into applying for the job and providing private details like a social security number or date of birth on a fake employment application. Frankenstein shoppers spell trouble for retailers: Fraudsters can create online shopper profiles using synthetic identities so that the fake shopper’s legitimacy is created to outsmart retailers’ fraud controls. Social media shopping fraud: Social commerce currently has very few identity verification and fraud detection controls in place, making the retailers that sell on these platforms easy targets for fraudulent purchases. Peer-to-peer payment problems: Fraudsters love peer-to-peer payment methods because they’re an instantaneous and irreversible way to move money, enabling fraudsters to get cash with less work and more profit “As fraudsters become more sophisticated and opportunistic, businesses need to proactively integrate the latest technology, data and advanced analytics to mitigate the growing fraud risk,” said Kathleen Peters, Chief Innovation Officer at Experian Decision Analytics in North America. “Experian is committed to continually innovating and bringing solutions to market that help protect consumers and enable businesses to detect and prevent current and future fraud.” To learn more about how to protect your business and customers from rising fraud trends, download the Future of Fraud Forecast and check out Experian’s fraud prevention solutions. Future of Fraud Forecast Press Release

What is elder abuse fraud? Financial abuse is reportedly the fastest-growing form of elder abuse, leaving many Americans vulnerable to theft scams, and putting businesses and other organizations on the frontlines to provide protection and help prevent fraud losses.   Financial elder abuse fraud occurs when someone illegally uses a senior’s money or other property. This can be someone they know, or a third party – like fraudsters who are perpetrating romance scams Older consumers and other vulnerable digital newbies were prime targets for this type of abuse during the start of the pandemic when many of them became active online for the first time or started transacting in new ways. This made them especially attractive targets for social engineering (when a fraudster manipulates a person to divulge confidential or private information) and account takeover fraud. While most of us have become used to life online (in fact, there’s been a 25% increase in online activity since the start of the pandemic), some seniors still have risky habits such as poor password maintenance, that can make them more attractive targets for fraudsters. What is the impact of elder abuse fraud? According to the FBI’s Internet Crime Complaint Center (IC3), elder abuse fraud cost Americans over the age of 60 more than $966 million in 2020. In addition to the direct cost to consumers, elder abuse fraud can leave organizations vulnerable to the fallout from data breaches via account takeover, and lost time and money spent helping seniors and other vulnerable Americans recoup their losses, reset accounts, and more. Further, the victim may associate the fraud with the bank, healthcare provider, or other businesses where the account was taken over and decide to stop utilizing that entity all together. How can organizations prevent elder abuse fraud? Preventing elder abuse fraud can take many forms. Organizations should start with a robust fraud management solution that can help prevent account takeover, first-party, synthetic identity fraud, and more. This platform should also include the ability to use data analysis to detect and flag sudden changes in financial behavior, online activities, and transaction locations that could indicate abuse or takeover of the account. With the right fraud strategy in place, organizations can help prevent fraud and build trust with older generations. Given that 95% of Baby Boomers cite security as the most important aspect of their online experience, this step is too important to miss.   To learn more about how Experian is helping organizations develop and maintain effective fraud and identity solutions, be sure to visit us or request a call. Contact us  

Between social unrest across the globe, the lingering pandemic, and the digital transformation brought on by the health crisis, the fraud landscape has expanded dramatically for businesses and consumers alike. According to Experian’s latest global identity and fraud report, 93% of U.S. companies have mid-to-high concern for fraud, and 81% say that their worries about fraud have increased over the past 12 months. Monitoring unused or dormant accounts for fraud is often a warning directed at consumers. However, it’s now advice an increasing number of businesses are wishing they’d followed, as growing synthetic identity (SID) fraud is fueling a dramatic increase in losses—SID related charge-offs ballooned to $20 billion in 2021 alone, according to the Federal Reserve Bank of Boston. The threat of SIDs SIDs are made to look like an actual consumer, combining both real and fake data to form a new composite identity. They typically evolve using a combination of tactics that include: Identifying and creating relationships with businesses that have a high tolerance for identity discrepancies. These include businesses whose products expose the business to low fraud risk and/or products offered to market segments where identity verification is expected to be challenging. Either of these enable an SID to be planted among consumer data sources. Attaching the SID to existing accounts and relationships that belong to other consumers. Often these existing accounts were established by collusive criminals or by using other SIDs, but there are also ways for legitimate consumers to collect ‘rent’ in exchange for adding other consumers to existing accounts. Either approach improves the SID’s appearance of credit worthiness. Progressively building the SID’s independent ability to access larger and larger amounts of credit until they spend quickly and default on all obligations, leaving no one for the victimized businesses to pursue. “They’re difficult to identify because of the combination of real and fake data and because there’s no actual victim reporting an identity theft. As a result, businesses typically have trouble separating SID losses from credit losses,” said Chris Ryan, Experian’s go-to-market lead for fraud and identity. “SID fraud isn’t committed haphazardly.  It’s carefully planned and executed—and it adapts to policy changes. Some businesses change their underwriting policy or focus on early-lifecycle account activity like purchases, payments, and requests for additional credit to reduce SID losses that occur immediately after an account is opened. SIDs can adapt to this. If six months of responsible account behavior earns a credit line increase or the ability to spend large amounts in a single billing cycle, the perpetrators are willing to wait,” Ryan said. “It’s something businesses and lenders need to be on guard for, especially with the fast-paced holiday shopping season ahead,” he said. Addressing SIDs Solving the increasingly complex problem of SID fraud requires a thoughtful approach. The institutions seeing success at preventing multi-faceted fraud are using a layered approach to identifying and mitigating fraud. Here are three steps lenders can take today to prevent SID fraud across your portfolio: Use data and analytics that extend beyond credit to evaluate identities and their histories more completely. Apply those analytics across the lifecycle from marketing and origination to portfolio management recognizing that SID risk is not restricted to a single lifecycle stage. Have a rigorous verification process that escalates to document verification or the Social Security Administrations Electronic Consent Based SSN Verification (eCBSV) process For more information on how you can leverage a multi-layered approach to fraud in your business, visit our fraud and identity solutions hub or request a call to discuss customizing a solution for your company.

With consumers continuing to take a digital-first approach to everything from shopping to dating and investing, fraudsters are finding new and innovative ways to commit fraud. To help businesses anticipate and prepare for the road ahead, we created the 2022 Future of Fraud Forecast. Here are the fraud trends we expect to see over the coming year: Buy Now, Pay Never: Buy now, pay later lenders will see an uptick in identity theft and synthetic identity fraud. Beware of Cryptocurrency Scams: Fraudsters will set up cryptocurrency accounts to extract, store and funnel stolen funds, such as the billions of stimulus dollars swindled by criminals. Double the Trouble for Ransomware Attacks: Fraudsters will not only ask for a hefty ransom to cede control back to the companies they’ve hacked but also steal and leverage data from the hacked company. Love, Actually?: Romance scams will continue to see an uptick, with fraudsters asking victims for money or loans to cover fabricated travel costs, medical expenses and more. Digital Elder Abuse Will Rise: Older consumers and other vulnerable digital newbies will be hit with social engineering and account takeover fraud. “Businesses and consumers need to be aware of the creativity and agility that fraudsters are using today, especially in our digital-first world,” said Kathleen Peters, Chief Innovation Officer at Experian Decision Analytics in North America. “Experian continues to leverage data and advanced analytics to develop innovative solutions to help businesses prevent fraudulent behavior and protect consumers.” To learn more about how to protect your business and customers from rising fraud trends, download the Future of Fraud Forecast and check out Experian’s fraud prevention solutions. Future of Fraud Forecast Read Press Release