It feels like a never-ending race and a battle to one-up one another: the battle against fraudsters. While the equipment we have to detect and prevent these fraudsters has been improving substantially over the previous decade, fraudsters always seem to find a way to get through eventually.
One of the latest tactics is synthetic identity fraud, a unique type of fraud in which fraudsters combine fake and legitimate information to create brand-new identities rather than just stealing someone else’s identity.
We’re not talking about a lone wolf hiding in their basement trying to make a quick grab at what they can, either. These are the actions of large-scale criminal organizations that know exactly what they’re up to. They are sophisticated, methodical and patient, and right now as many as 85% to 95% of synthetic identity fraudsters are easily slipping through risk detection systems that are failing to notice them.
According to GIACT Chief Experience Officer David Barnhardt, “They are doing the same things we are: always evolving their tactics to meet the newest technology and offers out there. Whenever a new thing in security comes along, they come out and see if they can beat it.” He went on to say, “When I was working in banking, we knew for certain that with any new initiative we rolled out, we would be attacked for six months and would have to tweak our approach every day. What they’ve learned is that they don’t have to rob a bank in person – they can do it with malware, make more money and get away with it.”
Synthetic Identity Fraud Is Rising
When looking into GIACT’s analysis, as much as $6 billion was stolen by synthetic fraudsters taking legitimate, personally-identifying information in 2016 alone, and that amount has been rising in the years since.
By establishing synthetic identities, fraudsters can open bank accounts and cards and act as if they’re legitimate customers, allowing them to make purchases slowly and quietly at first, sometimes for as long as a year while they build strong credit scores, before then going all out.
How to Defeat Synthetic Identity Fraud
It’s unfortunate, but there aren’t really any special ways to get rid of identity fraudsters. It would seem like, for now at least, they’re here to stay. What we do have, though, are tips and tricks for fighting fraud. Always remember though – the fraudsters are always thinking outside the box and always trying to get a step ahead. Therefore the industry has had to keep on its toes and come up with many creative ways of keeping ahead of the fraudsters.
Bernhardt also commented upon the advantages that fraudsters have. Should the levels of data breaches someday get down to 0, there’s always going to be data that fraudsters will find useful on social media. With this data, it’s possible that fraudsters could put together a functional profile from which they could commit synthetic identity fraud.
Ultimately, there’s no special answer to making this problem go away. We just need to remain vigilant and do all we can and continue to evolve to keep the fraudsters at bay while protecting the security of sensitive information.
Project Sand Dollar went live just two days after people across the Bahamas celebrated Christmas with a traditional dinner of baked ham, rice and peas, and potato salad. Central bank officials explained that although there is a
This specific group typically uses the most basic hacking tools combined with the software already present on their victims’ systems. Two-factor authentication is incredibly difficulty to bypass since it uses unique forms of identification. Fox-IT has stated that APT20 found a way, currently unknown, to compromise the 2FA for virtual private networks possibly via vulnerabilities in the the corporate and government enterprise application platform known as JBoss. Essentially, they found a way to bypass the credentials necessary to access their victim’s VPN accounts and the computer systems attached to those networks. APT20 then focused their efforts on locating and hacking additional linked systems that held the credentials necessary for them to find and retrieve additional private data. The attack was designed to help them find higher and higher levels of authentication to access higher and higher levels of information. For example, they targeted password managers/vaults and then used the passwords they found to continue their data search and retrieval. Once they were finished, they did everything possible to delete all footprints of their actions to prevent detection.
Even though online shopping accounted for a little less than 15% of the overall sales volume, it should be noted that the Cyber Monday shopping event continued to grow, particularly in the consumer electronics segment, which experienced a boost of 10.7% on a year-over-yer basis. Specialty apparel was the segment that shoppers expressed greater interest in compared to 2018, but even department stores posted a nice growth of 6.9% despite industry analysts warning that the heyday of American shopping malls is behind us.
According to security reasearcher Bob Diachenko, who discovered the unsecured Elasticsearch dabatase along with Comparitech, it may not have belonged to Facebook, rather a cybercriminal organization.
Year on year,
Having joined PayPal in 2013 after their purchase of his
Sign on to a processing partner where they provide outstanding training and support. You’ll need to not only learn their products inside and out, but you’ll also need marketing tools to get the word out. Your partner’s customer service has to be there for your merchants – otherwise, you know who will also be customer service. And, of course, they need to pay you what you deserve with expediency and transparency.