Synthetic Identity Fraud Explained

Introduction to synthetic identity fraud

Identity-based attacks are a type of cyberattack that leverage compromised identities to gain access to a system or network. These are eight of the most common types of identity-based attacks:

1. Phishing

2. Credential stuffing

3. Golden ticket attacks

4. Kerberoasting

5. Man-in-the-middle (MITM) attacks

6. Pass-the-hash attacks

7. Password spraying

8. Silver ticket attacks

They are difficult to detect, and are incredibly widespread. According to the Bureau of Justice Statistics, in 2021, approximately 23.9 million people in the U.S. experienced some form of identity theft. These attacks often only come to light when victims report the theft of their identities.

More recently, however, malicious actors have sidestepped the traditional methods of using an existing person’s information, turning instead to synthetic identity fraud. Synthetic identity fraud involves the integration of stolen and generated details to create synthetic identities. In this article, we’ll look at the nature and impact of synthetic identity fraud, along with prevention strategies.

What is synthetic identity fraud?

Traditionally, identity theft involves the appropriation and misuse of an existing person's identity. Synthetic identity fraud, on the other hand, involves constructing a fabricated identity that is a mash-up of both authentic and fabricated details. The resulting identity appears legitimate on paper but does not represent an actual person.

Fraudsters often build these synthetic identities over time. They establish credit histories and lay down financial footprints to make them appear more credible. Since this form of fraud doesn’t rely on stealing a single, existing identity, it is often more successful at evading traditional fraud detection measures.

What components typically go into a synthetic identity?

• Fabricated information, which can encompass entirely fictitious details, such as made-up names, addresses, or dates of birth.
• Real information, which often includes stolen or compromised data, such as driver's license numbers, social security numbers, or even legitimate addresses.

Combining fabricated and real information makes synthetic identities difficult to detect and trace, presenting a complex challenge for defenders.

Common methods of obtaining data

How do fraudsters gather the information they need to compose a synthetic identity? They often exploit vulnerabilities in data security and individual privacy:

• Data breaches: Large-scale data breaches expose vast amounts of personal information, which fraudsters then exploit to build synthetic identities.
• Social engineering: Fraudsters may manipulate individuals into divulging personal information through deceptive psychological tactics, leveraging motivators like love, money, and fear. 
• Social media: Bad actors leverage tools like social media to gather a plethora of information available from accounts that they can later exploit using social engineering tactics. 
• Dark web: Stolen data is often sold on the dark web, providing a ready source of information for creating synthetic identities.

Detection and prevention challenges

The nature of synthetic identities—with their complex blend of real and fabricated information—allows them to slip quietly into the financial ecosystem, often evading traditional fraud detection mechanisms. Synthetic identity fraud presents unique challenges in detection and prevention:

• Blending in: Synthetic identities are designed to mimic legitimate behaviors, making them difficult to distinguish from real identities.
• Credit building: Fraudsters may patiently build up a credit score for synthetic identities over time, making them appear more legitimate.
• Verification difficulties: Traditional verification methods often struggle to identify synthetic identities, as they may not trigger typical fraud alerts.

Impacts of synthetic identity fraud

Synthetic identity fraud can bring far-reaching consequences that ripple through various sectors of society. The impact of this crime extends beyond financial institutions. It also affects businesses, individuals, and even the overall trust in digital systems.

Financial losses

Financial institutions are often the primary victims, as synthetic identity fraud may lead to fraudulent loans or unpaid credit lines. Businesses also face losses from fraudulent transactions and chargebacks, impacting their operations and profitability.

Individuals whose real data make up part of a synthetic identity may also find themselves affected. They might be bound to debt cycles and struggle through credit disputes to repair their credit scores.

Reputation damage

Companies that fall prey to synthetic identity fraud will face more than just direct financial losses. They might also experience the following:

• Compromise of consumer trust
• Negative publicity
• Customer attrition
• A tarnished brand image

This kind of damage will negatively affect the company's market position and future growth.

Consumer confidence 

Consumer confidence—in financial institutions, online platforms, and digital transactions—will also take a hit. As fraud becomes more sophisticated and harder to detect, individuals may become wary of sharing personal information or engaging in online activities, and this hinders the growth of e-commerce and digital services. This erosion of trust can impact innovation and economic development, as businesses and consumers hesitate to embrace new technologies and services due to security concerns.

Strategies for combating synthetic identity fraud

Addressing synthetic identity fraud demands innovative and comprehensive strategies.

Advanced analytics 

Organizations can leverage AI/ML algorithms to analyze vast datasets, identifying subtle patterns and anomalies that often signal the presence of synthetic identities. Advanced analytics tools can examine transaction histories, credit applications, and behavioral data to flag suspicious activities, including:

• Unusually rapid credit building
• Inconsistent spending patterns
• The use of multiple identities with shared attributes

By learning and adapting continuously, these systems can detect evolving fraud tactics and improve the accuracy of identifying synthetic identities in real time.

Enhanced verification processes 

Implementing robust identity verification measures is essential to deterring synthetic identity fraud. Multi-factor authentication (MFA) requires users to present multiple forms of identification—not just a username and password. MFA significantly reduces the risk of unauthorized account access. 

Incorporating biometric authentication methods like fingerprint scanning or facial recognition can add an extra layer of security, making it harder for fraudsters to pose as legitimate users. However, biometrics may not prevent synthetic identities created solely for credit applications or financial fraud since these often bypass user-level authentication.

Where appropriate, stringent Know Your Customer (KYC) protocols require individuals to provide valid documentation and undergo thorough background checks, further impeding the utilization of synthetic identities.

Collaboration 

Synthetic identity fraud is a complex problem that transcends organizational boundaries. Therefore, collaboration among various stakeholders is important to combat this threat effectively. 

• Financial institutions can share data on suspicious activities and confirmed synthetic identities through secure platforms, thereby working collectively to expose fraudulent networks.
• Government agencies can provide access to authoritative data sources, such as birth records or social security numbers, to verify the authenticity of identities. 
• Businesses can contribute by sharing their fraud detection insights and experiences.

Fighting synthetic identity fraud with CrowdStrike 

Synthetic identity fraud involves intricate data manipulation and it’s a significant threat requiring a comprehensive defense. The repercussions of this new kind of fraud include financial losses, reputational harm, and a decline in consumer trust.

Combatting this threat requires organizations to understand the nuances of synthetic identity fraud so that they can implement robust countermeasures. Advanced analytics, stringent verification processes, and inter-organization collaboration all contribute to mitigating risk and ensuring the integrity of financial systems.

CrowdStrike's Falcon® Identity Protection provides a powerful solution. With its advanced, AI-native real-time data analysis and proactive prevention measures, Falcon Identity Protection can detect and block suspicious activities, thwarting fraudsters before they inflict damage. 

Additionally, CrowdStrike Falcon® Adversary OverWatch provides credential monitoring to identify compromised credentials on the dark web and for sale in underground markets. Then, with Falcon Identity Protection, the admin can automate a password reset, 2FA challenge, disable the account, and more so it all happens in real-time.