If people weren’t worried enough about protecting their identities, now comes “synthetic identity fraud,” the Frankenstein monster of ID theft where crooks cobble together bits and pieces of different people’s identities to pull off their crimes.
“One example of how it works is when a thief will take your Social Security number and blend it with someone else’s address and a fake name to create a fictitious identity,” says Stephen Hyduchak, CEO of Aver (www.goaver.com), an identity-verification service.
Synthetic identity fraud isn’t really new, but it’s been growing rapidly in the last few years to become the fastest-growing financial crime. While these identity thieves can use an adult’s Social Security number, they often target children because they aren’t currently using their Social Security numbers and likely won’t discover the subterfuge until the day, several years from now, when they accept their first summer job or apply for a credit card.
“The thieves will use these manufactured identities to apply for government benefits, open bank and credit card accounts, apply for loans or utility services, or even rent a place to live,” Hyduchak says.
And, unfortunately, many banks and businesses aren’t doing a good job of making sure they are actually dealing with who they think they are dealing with, he says. As a result, Equifax reports that synthetic identification fraud now accounts for 80% of all credit card fraud losses, and nearly one-fifth of credit card charge-offs.
Hyduchak says there are steps consumers can take to protect themselves and their identities, such as avoid using debit cards whenever possible and don’t put their date of birth and place of birth on social media.
With synthetic ID fraud, though, the onus largely falls on businesses, which need to do a better job of protecting their customers, he says.
Hyduchak says there are a few clues that could indicate to businesses something is amiss with the person they are dealing with:
Criminals often use common male names. In the United States, for example, you can’t get more common than a name like John Smith, and fraudsters use that to their advantage because it’s hard to distinguish people with common names from each other, Hyduchak says. “Using the data and statistics to play the odds, the criminals use this to trick reports,” he says.
Fraudsters don’t have much social footprint. Hyduchak says his team has noticed that fraudsters usually don’t take the time to build much of a social media profile with their fake identifications. “Linkedin profiles with less than two work histories and no college experience are immediate flags,” he says. “Many do not even have a social media profile of any nature.”
Applications lack birthdates. In some cases, identity thieves don’t like to give definitive birthdates. “That’s because a search of the common name they are impersonating turns up a lot of individuals with the same name, meaning the ages are all over the map,” Hyduchak says. “The bad actors try to play the odds and hope to get through compliance systems.”
Name and email addresses don’t match. Most adults use an email address that is some variation of their first and last names, perhaps with a number or a middle initial added if someone else already had the email address. “When a name does not match the email, it is something else that is a flag for identity fraud,” Hyduchak says.
“Even though each of these pieces can be ambiguous and subjective, they can be a strong indicator of fraud,” Hyduchak says. “It’s imperative that banks and businesses have some sort of identity-verification system in place to protect both themselves and their customers.”