Tag: fraud defense

Debt collectors need to find, contact and work with people to collect on unpaid accounts. That can be challenging enough. But when synthetic identity fraud accounts are mixed into your collection portfolio, you'll waste resources trying to collect from people who don't even exist. What is synthetic identity fraud? Synthetic identity fraud happens when fraudsters mix real and fake identity information — such as a stolen Social Security number (SSN) with a fake name and date of birth — to create an identity. Fraudsters occasionally try to quickly create and use synthetic IDs to commit fraud. But these are often more complex operations, and the fraudsters spend months or years building synthetic IDs. They might then use or sell an identity once it has a thick credit file, matching identification documents and a robust social media presence. The resulting fraud can have a significant impact on lenders. By some estimates, annual synthetic fraud losses for consumer loans and credit cards could be as high as $11 billion.1 Total annual losses are likely even higher because organizations may misclassify synthetic fraud losses — or not classify them at all — and fraudsters also target other types of organizations, such as business lenders and medical care providers Recognizing synthetic identities and fraud losses Organizations can ideally detect and stop synthetic IDs at account opening. If a fraudster slips past the first line of defense, fraud detection tools that aren't tailored for synthetic identity fraud might not flag the account as suspicious. This is especially true when fraudsters make several on-time payments, mirroring a legitimate account holder's behavior, before stopping payments or busting out. Sometimes, these past-due accounts get sent to collections before being written off as a credit loss. That creates new issues. Debt management and collections systems can help collections departments prioritize outreach and minimize charge-offs. But if you add fraudulent accounts to the mix, you wind up throwing away your time and resources. Even when you properly classify these written-off accounts as fraud losses, it can be hard to distinguish between first-party fraud by a legitimate consumer and synthetic identity fraud losses. However, the distinction can be important for optimizing your credit risk strategy. Detection is the key to prevention Keeping synthetic fraud out of collection portfolios requires a multi-layered approach to fraud management. You need systems to help stop synthetic fraud at the front door and ongoing account monitoring throughout the customer lifecycle. You also want fraud solutions that use data from multiple sources to recognize synthetic identities, such as credit bureau, public records, consortium and behavioral data. Experian's industry-leading fraud and identity solutions Experian's synthetic identity fraud and identity resolution solutions make it a leader in the space. These include: Sure Profile™uses credit, public record and identity-specific data to create a composite history of a consumer's identity and generate a risk score. You can automate risk-based decisions based on the score, and you'll have access to the underlying Sure Profile attributes. CrossCore® is a cloud-based identity and fraud management platform that you can connect to Experian, third-party and internal tools to get a 360-degree view of your accounts throughout the customer lifecycle. Experian partners with the Social Security Administration to offer an electronic Consent Based Social Security Number Verification (eCBSV) service, which can help you determine if an SSN, name and date of birth match. It can be an important part of a step-up verification when risk signals indicate that an identity might not be legitimate. View our tip sheet to learn more about keeping fraudulent accounts out of your collection portfolio. Download now 1Experian (2022). Preventing synthetic identity fraud

In the first six months of 2021, there was $590 million in ransomware-related activity, which exceeds the value of $416 million reported for the entirety of 2020 according to the S. Treasury's Financial Crimes Enforcement Network. Constant economic pressure coupled with the ever-increasing volume of data online have created an environment that’s ripe for attacks, leaving businesses and consumers vulnerable to attacks and theft. What are ransomware attacks? Ransomware is a subset of malicious software, AKA malware, that either threatens to publish or block access to data or a computer system. It often takes the form of a cyberattack where criminals take over an organization’s computer network. Once they’ve assumed control, the hackers demand a ransom to restore access to the illicitly encrypted data. Additionally, ransomware attacks and data breaches are now becoming more closely linked, with sensitive data including employees’ personal information, HR records, and more being filtered out and distributed during or after the attack. In fact, Experian has found that 7 of 10 data breaches involve ransomware. The negative impact of ransomware attacks According to the Identity Theft Resource Center, the average ransom demand in 2021 was $5.3 million, a 518% increase from the 2020 average. Experian’s latest Data Breach Response Guide found that businesses were hit with ransomware attacks every 11 seconds in 2021. These attacks also take up to 20% longer to begin breach notifications, leaving businesses even more vulnerable. In addition to the monetary loss and the time spent responding to and recovering from the attack, businesses also stand to suffer reputational damage, because consumer sentiment is that companies are responsible for protecting data. Having a plan in place makes a sizeable impact though, with 90% of consumers being more forgiving of companies that had a response plan in place prior to a breach. How to protect against ransomware attacks Experian’s 2022 Future of Fraud Forecast predicts that ransomware will be a significant fraud threat for companies as fraudsters will look for a sizeable ransom to cede control and potentially steal data from the hacked company. Preparing for the possibility of an attack includes training your staff to spot the signs of a phishing attempt, having a response plan in place, and leveraging partner solutions. To learn more about how Experian helps businesses protect against the fallout of a ransomware attack, visit us, and be sure to read about our other Future of Fraud predictions about cryptocurrency and Buy Now, Pay Later fraud. Request a call Future of Fraud Forecast

Cryptocurrency scams are on the rise as digital currencies gain popularity. The decentralized nature of these currencies makes them equally attractive to both legitimate consumers and fraudsters. Businesses may find themselves in a difficult position as they seek to prevent cryptocurrency-related fraud and help protect consumers. What are cryptocurrency scams? Cryptocurrencies are virtual currencies often based on and secured by blockchain technology. However, this does not always translate into security for the individual consumer. Many individuals fall victim to either cryptocurrency investment scams or cryptocurrency theft. Cryptocurrencies are not yet well-regulated or backed by a sovereign entity, leaving consumers open to threats when purchasing funds. The deregulated nature of the currencies makes it easy for scammers to build what appear to be legitimate cryptocurrency projects before disappearing, similar to pump-and-dump stock schemes. Additionally, scammers will perpetrate romance or other relationship-based scams and convince the victim to send them funds in cryptocurrency form. Cryptocurrency theft follows a few traditional fraud patterns: The fraudster may use phishing or social engineering to steal credentials. A crime ring might leverage malware or keystroke loggers to do the same thing. A scammer might present a “reward” to an unsuspecting consumer and require access to their wallet in order to “gift” the reward. Scammers consistently find new ways to trick unsuspecting consumers, including a recent scam relying on QR codes to steal funds converted to cryptocurrency via an ATM. Other common scams utilize imposter websites, fake mobile apps, bad tweets, or scamming emails to steal information and funds. The impact of scams on consumers According to the FTC, investment cryptocurrency scam reports have skyrocketed, with nearly 7,000 people reporting losses totaling more than $80 million from October 2020 to March 2021, with a media loss of $1,900. In 2020 the Better Business Bureau Scam Tracker Risk Report ranked cryptocurrency scams as the seventh riskiest. In 2021, they jumped to the second riskiest scam. In Michigan alone 31 cryptocurrency scams were reported from January 2020 to March 2022, with reported loses from $350 all the way to $41,000. The impact of scams on businesses While the true impact of cryptocurrency scams on businesses is hard to measure, it’s easy to identify several areas for concern. First is the opportunity for the theft of personally identifiable information (PII) during a fraudulent cryptocurrency transaction. Once fraudsters have stolen funds, they may also funnel them through a legitimate business and turn them into a regulated form of currency for easy of use. Businesses with legitimate cryptocurrency interactions may also suffer from spoofed apps or websites, causing reputational damage when consumers are taken in by a scam. Preventing the fallout from scams As companies debate accepting cryptocurrency as a form of payment, it’s important to consider that funds may be stolen or accessed by a malicious party. One way to protect your organization is to have a strong device identification strategy that can help ensure the entity accessing an account and the funds within is the true owner. By layering in this protection with other fraud defenses, businesses can be better prepared as consumer payment preferences shift. Additionally, financial institutions and other organizations should keep consumers informed about how to protect their own data and signs of scams. To learn more about how Experian is helping businesses develop and maintain effective fraud and identity solutions, visit us or request a call. And keep an eye out for additional in-depth explorations of our Future of Fraud Forecast. Request a call Future of Fraud Forecast