This post comes from Bob Sullivan at partner site Credit.com.
Digital criminals inventing and exploiting identities out of thin air, rather than impersonating real consumers, are a fast-growing menace, according to a new report from fraud-fighting firm ID Analytics.
This relatively new form of identity fraud, called synthetic identity fraud, involves criminals using random Social Security numbers, mismatched names and birthdays, and other personal characteristics that they slowly nurture into full-blown identities that can be used to obtain credit cards, cellphones and more.
Fraud rates for this kind of crime are up more than 100 percent since 2010, ID Analytics says in its white paper, “The Long Con: Analysis of Synthetic Identities.”
The firm found that fully 2 percent of the applications for credit cards and cellphone accounts used invented identities.
While consumers don’t end up with impersonators from this crime, they certainly can suffer from collateral damage. A criminal picking a random Social Security number might unintentionally victimize the number’s rightful user, for example.
“The truth is it’s just not that hard to create synthetic identities,” said Stephen Coggeshall, chief analytics and science officer at ID Analytics. “Synthetic identity fraud is a significant and growing problem as fraudsters continue to find new ways to commit crimes despite technological advances.”
Synthetic fraud is tricky to discover because there often is no victim to cry foul. When a criminal uses a stolen credit card to make a fraudulent purchase, the cardholder is often the first to know, and to report the crime. That line of defense is nonexistent in synthetic fraud.
Making matters worse: Rules that changed the way new Social Security numbers are issued have made life easier for these criminals. Until 2011, SSNs were issued using a distinct (and predictable) pattern, and the Social Security Administration would publish blocks of numbers that had been issued, making validity checks easy. Now the numbers are generated randomly, making verification distinctly more difficult.
“Before 2011 we could look at an SSN we’d never seen before and we could tell immediately if it was valid, if it had really been issued,” Coggeshall said. “The change in the way numbers are issued plugged some holes but opened up others.”
In a dramatic example of the places synthetic fraud is wreaking havoc, ID Analytics said it worked with an unnamed state tax agency recently and found that over the span of three years, roughly 1.4 percent of the tax return population appeared to be synthetic. These synthetic identities were used to obtain tax refunds totaling $20 million.