Understanding and Preventing Synthetic Identity Fraud
Created By: Ann Davidson, Vice President of Risk Consulting Allied Solutions, LLC
Phishing scams, data breaches, hacks and physical theft are just a few of the techniques cybercriminals use to steal consumers’ private information. Synthetic identity fraud is one type of fraud tactic that financial institutions need to be on the lookout for. In these cases, the fraudsters create a “synthetic” identity that combines fabricated information with stolen consumer information, such as names, birthdays, Social Security numbers and/or addresses. This synthetic identity is then used to fraudulently open new credit cards, debit cards or loans with the aim of racking up as much money as possible once the funds from these accounts are available to them.
The key to preventing synthetic identity fraud attacks like this one is to adopt strong authentication requirements for any new account, loan, or card opening requests, whether online or in the branch. This is going to be especially important this year, as there will be a lift in fraud attempts resulting from the devastating amount of consumer data that was compromised during last year’s Equifax breach.
Synthetic identity Fraud Prevention checklist:
- Use multiple layers of authentication to validate the identity of a consumer requesting to open an account online or in a branch. Request information aside from what was compromised during the Equifax breach.
- Many of your consumers’ social security numbers may have been exposed during the breach, so don’t rely solely on social security numbers to authenticate a consumer’s identity.
- Consider performing additional authentication layers prior to offering/selling products or services to the new consumer.
- Advise your consumers to shred/destroy documents with any personal or financial information and to never share these documents with anyone.
- Educate employees and consumers about social engineering & phishing scams, and advise that they take extra caution when receiving a phone call or email that asks for any personal or financial information.
- Consider performing a test mailing to the address used by the new consumer to help authenticate your new consumer. Have a timeframe on this before you offer any new products or services.
- When obtaining a credit report on a new consumer, review it closely for any oddities that may indicate identity theft or synthetic identity theft.
- If fraud is suspected, let your consumers know they can place a credit freeze at the credit bureaus to prevent further credit requests performed without their consent.
- Advise that your consumers use complex passwords to prevent access to their online accounts.
- Tell your staff and consumers to monitor accounts on a daily basis to watch for any unauthorized or suspicious activity.
Scammers will stop at nothing to get your consumers’ information. To effectively thwart their attempts, you and your consumers will need to stay vigilant about the ways in which you protect private information to keep these cybercriminals at bay and reduce these fraud exposures.
Sign-up for Allied's newsletter to receive ongoing insights and education on various fraud and security related topics.
This checklist is for informational purposes only and is not to be considered legal advice.
Allied Solutions is the NAFCU Services Preferred Partner for Insurance- Bond, Creditor Placed (CPI), Guaranteed Asset Protection (GAP), and Mechanical Breakdown Protection (MBP). More educational resources and partner contact information are available at www.nafcu.org/allied. Sign up for Allied Solutions’ newsletter to receive ongoing education on collateral and compliance risk management.