4 Ways Fraudulent Accounts Affect the Banking Industry

Fight the onslaught of fraudulent new accounts registration attempts and beat the fraudsters at their own game

fraudulent accounts

Some of the worst data breaches, recently, have exposed personally identifiable information (PII) of millions of customers across the globe to potential fraud. To make matters worse, not only are data breaches increasing in numbers, but are also becoming more sophisticated. They are the cause of one of the latest and biggest headaches besieging financial institutions globally—new account fraud.

The Identity Fraud Epidemic

Data breach, which rose 44.7% in 2017 over 2016, is one of the prime drivers fueling account fraud.1 Javelin’s 2018 Identity Fraud Study reveals that in 2017 identity frauds affected 16.7 million victims in the US, which included 1.3 million new victims.2 Fraudsters harvest personal details of customers including names, email addresses, phone numbers, credit card numbers, and social security numbers (SSNs) from these data breaches.

Of all the personally identifiable details of a customer, SSN is the most critical. This is because unlike credit card numbers that can be blocked as soon as a fraud is detected, or a phone number that can be changed, SSN has a life-long value and provides a much larger window of time to defraud the compromised customers. Fraudsters are also becoming more strategic in approach and sophisticated in their techniques. As such, they are now using these stolen SSNs and other synthetic details to open new fake accounts that can be used to facilitate synthetic frauds, laundering money, seeking loans, and launching other types of cyber attacks at an opportune time.

Even the fragmented pieces of customer details are a treasure chest for fraudsters. They use these identity elements along with fake details to build complete synthetic profiles of genuine looking customers and then use them to open new fraudulent accounts. For instance, using the available bits of stolen customer information—names and addresses—fraudsters open new fake utilities accounts, including electricity, gas, phone, and cable. While some of the utilities accounts may require SSNs, most don’t; and can be opened using just the names and addresses. The utilities bills are considered valid identification proofs and are readily accepted by banks to open new bank accounts.  Fake utilities accounts are, therefore, facilitating creation of fraudulent new bank accounts, which fraudsters use to commit serious financial crimes.

Stuffing the Coffers

Fraudsters are inflicting huge financial and reputational losses to businesses and customers alike, using multiple avenues to monetize their exploits.

  • Loans: Fraudsters are misusing the fake new accounts to seek loans. These can be any loans. However, an FTC report states that fraudsters are targeting student loans the most, probably because the credit requirements are comparatively lenient.3 In 2017, fraudulent student loans rose 121% over 2016, says FTC. The modus operandi is simple. A fraudster uses the good credit standing of the compromised customer to get approved for a loan. The credit standing does not really matter to the fraudster, as it is the customer that bears the brunt of high interest rates. Once the loan amount arrives in the new fake account, the fraudster escapes with the money, leaving the customer to repay the debt and interest, obliterating her financial life.
  • Credit Card Accounts: New accounts are often used to create new credit card accounts, as they are the easiest to open and can be monetized quickly. Pre-approved credit card emails sent to prospective customers from card-issuers are a treasure trove for fraudsters. When a card-issuer gets a filled-in application from a ‘customer’ with most of the information looking genuine, the card is issued. The genuine customer, on the other hand, is held responsible for payment of the outstanding bills. Non-payment or delayed payments can damage her credit rating and affect future lines of credits that are either not forthcoming or come at a much higher interest rate.
  • Instant Credit: Fraudsters also exploit stolen personal details of the customers to gain instant credit. All it takes to get instant credit is SSN and an identification proof. The fake new accounts help fraudsters to mimic genuine customers and get quick approvals, often taking lesser than 30 minutes.
  • Money laundering: One of the most vicious ways the new fake accounts are used is for money laundering to fund criminal enterprises such as drug cartels and global terrorists activities. Fraudsters route the stolen money to various countries through mule accounts. Money mules are usually ‘recruited’ by luring unsuspecting people through fake job postings and social media posts about quick money-making gigs. Once ‘recruited’, money mules are asked to withdraw the amount and wire it into a new account, keeping some portion of the money themselves.

What’s The Way Out?

To protect themselves and their customers from new account frauds, businesses must shut the door on fraud right at the registration stage.

Simility, a PayPal service, makes use of advanced technology and analytics to help businesses beat fraudsters at their own game. Simility’s state-of-the-art fraud detection platform uses superior machine learning models and next-generation device intelligence to nail the fraudsters while maintaining frictionless experience for genuine customers. Moreover, a verification of email or residential addresses, phone numbers, payment details, social security numbers, or social-media information against available real-world identities can help to build a series of data and history of a new user to reveal fraudulent and unethical practices. This also enables accurate identification of sleeper accounts as they become active.

With an ability to identify anomalies originating from different sources, quick and easy integration of relevant third-party data feeds, and monitoring accounts for high-risk transactions or session activity, Simility helps businesses to accurately detect fake IDs used for account registrations and reduce fake new account sign-ups in real time.

To know more on how the Simility solution can help you sieve out fraudulent account registration attempts and increase genuine new sign-ups, register now for the upcoming webinar Preventing new account fraud in a post-breach, digital world.

1. 2017 Data Breach Year-End Review, Identity Theft Resource Center, https://www.idtheftcenter.org/2017-data-breaches/.
2. 2018 Identity Fraud Study, Javelin Strategy & Research, https://www.javelinstrategy.com/press-release/identity-fraud-hits-all-time-high-167-million-us-victims-2017-according-new-javelin.
3. Consumer Sentinel Network Data Book 2017: Identity Theft Reports by Type, Federal Trade Commission, https://www.ftc.gov/policy/reports/policy-reports/commission-staff-reports/consumer-sentinel-network-data-book-2017/id-theft-reports-by-type. 
Kedar Samant

Kedar Samant

Kedar Samant is a seasoned technologist and a fraud and risk management expert. Kedar co-founded Simility and crafted the vision for Simility’s disruptive approach to fraud management. He has been key in establishing Similty’s product superiority and driving innovations. Kedar brings a wealth of experience from his prior stint at Google where he built the platform for fighting fraud and abuse across Google’s products. Prior to Google, he held technology leadership positions across industries including banking and online services.
Kedar Samant