What is Account Takeover Fraud and How Can You Mitigate the Risk?

A new reality for screening providers Everything about the candidate checked out. Their resume reflected the right experience. Their references confirmed it. The background screening process came back clean. From outside, there was no reason to hesitate. So, the company didn’t.  But within weeks, small inconsistencies began to surface. The employee struggled in ways that didn’t match their credentials. Follow-up questions led to vague answers. Eventually, a deeper review uncovered the issue; this wasn’t just a case of exaggeration. It was candidate fraud. And increasingly, it’s not just individuals acting alone.  In a widely reported scheme, foreign operatives posed as legitimate remote IT workers, using stolen identities and AI-assisted interviews to secure jobs at major Fortune 500 companies. Once hired, access was handed off, allowing bad actors to infiltrate corporate systems and generate millions in illicit revenue. In one case, a single individual funneled over $17 million to a foreign operation. These weren’t obvious scams. The candidates passed interviews. They cleared checks. And that’s exactly the point. For background screening and verification providers, this shift presents both a challenge and an opportunity. As candidate fraud becomes more sophisticated, your clients are no longer just looking to verify records – they’re looking to trust identity itself, and they’re looking to you to help them do it. The assumption that no longer holds For decades, hiring has relied on a simple premise: verify the records, resume, and you can trust the candidate. That model worked when identity was easier to validate in person. But in today’s digital-first hiring environment, identity can oftentimes be asserted, not proven. At the same time, identity-based fraud is accelerating. Synthetic identity fraud alone accounts for billions in annual losses, and employers are increasingly encountering candidates whose identities are far more difficult to validate than their resumes. This creates a critical disconnect: Organizations are still verifying records, but those records may be tied to identities that were never legitimate to begin with. Increasingly, they’re turning to their screening partners to close that gap. The reality of candidate fraud 31% of employers have interviewed candidates using a false identity Only 19% feel confident they can detect fraud in hiring 1 in 4 companies report losses of$50K+from fraudulent hires Why candidate fraud is getting harder to see The nature of candidate fraud has fundamentally changed. At one end of the spectrum, companies are still dealing with candidates who falsify resumes, costing businesses time and money when the truth comes to light later. But at the other end, the threat has escalated dramatically. Coordinated fraud rings are now using stolen identities and AI-assisted interviews to place individuals into remote roles, sometimes without ever revealing their identity. And this isn’t slowing down. According to Gartner, by 2028, 1 in 4 candidates could be fake, driven by AI, remote hiring, and identity manipulation. For screening providers, this introduces a new level of complexity. The challenge is no longer just delivering verified records; it’s helping clients surface risks that traditional screening processes were not designed to identify. What traditional screening still gets right None of this diminishes the importance of pre-employment screening. Verifying employment history, education, and background remains a critical part of responsible hiring, and it should. But even the most thorough screening process is designed to answer a specific question: Do the records align with the identity provided? What it does not answer is the question that matters most now: Is that identity real? That gap between record verification and identity validation is where modern fraud operates. And it represents an opportunity for screeners to expand their role from record validation to helping enable stronger identity confidence. The cost of believing everything is working When fraud moves through the hiring process undetected, the consequences aren’t always immediate, but they can be significant. There are financial risks, compliance exposure and potential access to sensitive systems. But there’s also a more subtle —and often overlooked — impact: The assumption that existing processes are working as intended. When fraudulent candidates pass through screening, it reinforces confidence in processes that may not be equipped for today’s threat landscape. Over time, that false sense of security can become a vulnerability. From screening provider to strategic partner As hiring evolves, so do expectations. Employers are no longer just looking for faster background checks - they’re looking for greater confidence in who they’re hiring. This shift creates an opportunity for screening providers to move upstream in the hiring process. By introducing identity verification earlier in the workflow, providers can help clients detect candidate fraud sooner, reduce downstream risk, and strengthen the integrity of hiring decisions.  More importantly, it allows providers to differentiate their offerings in an increasingly competitive market, shifting from a transactional service to a more strategic capability. A shift in thinking: Identity before everything else To address modern candidate fraud, organizations don’t just need better tools; they need a different starting point. Instead of beginning with records, leading providers are beginning with identity. They are asking a more fundamental question earlier in the process:  Is this person who they say they are? Is this person a real, consistent and verifiable person? When that foundation is established, everything that follows becomes more meaningful. Background checks become more reliable. Verification becomes more consistent. And the ability to detect candidate fraud improves, not because the process is longer, but because it’s more informed. In this model, identifying potential fraud becomes proactive rather than reactive. Why identity verification matters more now than ever The shift to remote and digital hiring hasn’t just changed how companies hire – it’s changed how fraud occurs. Today, a significant portion of fraudulent activity targets the employment process, making it a key point of exposure for identity misuse. In fact, 45% of all false document submissions now occur in the employment sector. In many cases, candidates who falsify information still progress through hiring workflows. A study revealed that 70% of candidates who falsify information still get hired. This reinforces today’s reality: Fraud is no longer slipping through the cracks; it’s moving through the front door. How Experian helps close the identity gap Experian® helps background screeners and verification providers bridge the gap between who a candidate claims to be and who they are. By combining identity verification, fraud detection, and verification solutions, Experian enables providers to enhance their existing solutions – without disrupting their workflows. This allows you to extend your value beyond traditional screening, help clients detect candidate fraud earlier, and strengthen confidence in hiring outcomes.   The result is not just better screening, it’s a stronger strategic position in your clients’ hiring ecosystem, one that reduces risk while improving speed and confidence. Candidate fraud isn’t an edge case anymore. It reflects a broader shift in how identity works in a digital world. And while traditional screening remains essential, it may not be sufficient on its own. Because if identity is uncertain, every subsequent check is built on unstable ground. But when identity is established earlier in the process, everything that follows becomes more dependable. Don’t just verify the candidate records, verify the identityLearn how Experian helps screening providers embed identity verification at the start of the hiring journey to help detect candidate fraud earlier, reduce risk, and strengthen screening outcomes.  Explore Experian’s Fraud Prevention Playbook for Pre-Employment Screening FAQs

Fraud is evolving faster than ever, driven by digitalization, real-time payments and increasingly sophisticated scams. For Warren Jones and his team at Santander Bank, staying ahead requires more than tools. It requires the right partner. The partnership with Santander Bank began nearly a decade ago, during a period of rapid change in the fraud and banking landscape. Since then, the relationship has grown into a long-term collaboration focused on continuous improvement and innovation. Experian products helped Santander address one of its most pressing operational challenges: a high-volume manual review queue for new account applications. While the vast majority of alerts in the queue were fraudulent and ultimately declined, a small percentage represented legitimate customers whose account openings were delayed. This created inefficiencies for staff and a poor first impression of genuine applicants. We worked alongside Santander to tackle this challenge head-on, transforming how applications were reviewed, how fraud was detected and how legitimate customers were approved. In addition to fraud prevention, implementing Experian's Ascend PlatformTM, with its intuitive user experience and robust data environment, has unlocked additional value across the organization. The platform supports multiple use cases, enabling collaboration between fraud and marketing teams to align strategies based on actionable insights. Learn more about our Ascend Platform

For lenders, the job has never been more complex. You’re expected to protect portfolio performance, meet regulatory expectations, and support growth, all while fraud tactics evolve faster than many traditional risk frameworks were designed to handle. One of the biggest challenges of the job? The line between credit loss and fraud loss is increasingly blurred, and misclassified losses can quietly distort portfolio performance. First-party fraud can look like standard credit risk on the surface and synthetic identity fraud can be difficult to identify, allowing both to quietly slip through decisioning models and distort portfolio performance. That’s where fraud risk scores come into play. Used correctly, they don’t replace credit models; they strengthen them. And for credit risk teams under pressure to approve more genuine customers without absorbing unnecessary losses, understanding how fraud risk scores fit into modern decisioning has become essential. What is a fraud risk score (and what isn’t it) At its core, a fraud risk score is designed to assess the likelihood that an applicant or account is associated with fraudulent behavior, not simply whether they can repay credit. That distinction matters. Traditional credit scores evaluate ability to repay based on historical financial behavior. Fraud risk scores focus on intent and risk signals, patterns that suggest an individual may never intend to repay, may be manipulating identity data, or may be building toward coordinated abuse. Fraud risk scores are not: A replacement for credit scoring A blunt tool designed to decline more applicants A one-time checkpoint limited to account opening Instead, they provide an additional lens that helps credit risk teams separate true credit risk from fraud that merely looks like credit loss. How fraud scores augment decisioning Credit models were never built to detect fraud masquerading as legitimate borrowing behavior. Consider common fraud scenarios facing lenders today: First-payment default, where an applicant appears creditworthy but never intends to make an initial payment Bust-out fraud, where an individual builds a strong credit profile over time, then rapidly maxes out available credit before disappearing Synthetic identity fraud, where criminals blend real and fabricated data to create identities that mature slowly and evade traditional checks In all three cases, the applicant may meet credit criteria at the point of decision. Losses can get classified as charge-offs rather than fraud, masking the real source of portfolio degradation. When credit risk teams rely solely on traditional models, the result is often an overly conservative response: tighter credit standards, fewer approvals, and missed growth opportunities. How fraud risk scores complement traditional credit decisioning Fraud risk scores work best when they augment credit decisioning. For credit risk officers, the value lies in precision. Fraud risk scores help identify applicants or accounts where behavior, velocity or identity signals indicate elevated fraud risk — even when credit attributes appear acceptable. When integrated into decisioning strategies, fraud risk scores can: Improve confidence in approvals by isolating high-risk intent early Enable adverse-actionable decisions for first-party fraud, supporting compliance requirements Reduce misclassified credit losses by clearly identifying fraud-driven outcomes Support differentiated treatment strategies rather than blanket declines The goal isn’t to approve fewer customers. It’s to approve the right customers and to decline or treat risk where intent doesn’t align with genuine borrowing behavior. Fraud risk across the credit lifecycle One of the most important shifts for credit risk teams is recognizing that fraud risk is not static. Fraud risk scores can deliver value at multiple stages of the credit lifecycle: Marketing and prescreen: Fraud risk insights help suppress high-risk identities before offers are extended, ensuring marketing dollars are maximized by targeting low risk consumers. Account opening and originations: Real-time fraud risk scoring supports early detection of first-party fraud, synthetic identities, and identity misuse — before losses are booked. Prequalification and instant decisioning: Fraud risk scores can be used to exclude high-risk applicants from offers while maintaining speed and customer experience. Account management and portfolio review: Fraud risk doesn’t end after onboarding. Scores applied in batch or review processes help identify accounts trending toward bust-out behavior or coordinated abuse, informing credit line management and treatment strategies. This lifecycle approach reflects a broader shift: fraud prevention is no longer confined to front-end controls — it’s a continuous risk discipline. What credit risk officers should look for in a fraud risk score Not all fraud risk scores are created equal. When evaluating or deploying them, credit risk officers should prioritize: Lifecycle availability, so fraud risk can be assessed beyond originations Clear distinction between intent and ability to repay, especially for first-party fraud Adverse-action readiness, including explainability and reason codes Regulatory alignment, supporting fair lending and compliance requirements Seamless integration alongside existing credit and decisioning frameworks Increasingly, credit risk teams also value platforms that reduce operational complexity by enabling fraud and credit risk assessment through unified workflows rather than fragmented point solutions. A more strategic approach to fraud and credit risk The most effective credit risk strategies today are not more conservative, they’re more precise. Fraud risk scores give credit risk officers the ability to stop fraud earlier, classify losses accurately and protect portfolio performance without tightening credit across the board. When fraud and credit insights work together, teams can gain a clearer view of risk, stronger decision confidence and more flexibility to support growth. As fraud tactics continue to evolve, the organizations that succeed will be those that can effectively separate fraud from credit loss. Fraud risk scores are no longer a nice-to-have. They’re a foundational tool for modern credit risk strategies. How credit risk teams can operationalize fraud risk scores For credit risk officers, the challenge isn’t just understanding fraud risk, it’s operationalizing it across the credit lifecycle without adding friction, complexity or compliance risk. Rather than treating fraud as a point-in-time decision, credit risk teams should assess fraud risk where it matters most, from acquisition through portfolio management. Fraud risk scores are designed to complement credit decisioning by focusing on intent to repay, helping teams distinguish fraud-driven behavior from traditional credit risk. Key ways Experian supports credit risk teams include: Lifecycle coverage: Experian award-winning fraud risk scores are available across marketing, originations, prequalification, instant decisioning and ongoing account review. This allows organizations to apply consistent fraud strategies beyond account opening. First-party and synthetic identity fraud intelligence: Experian’s fraud risk scoring addresses first-payment default, bust-out behavior and synthetic identity fraud, which are scenarios that often bypass traditional credit models because they initially appear creditworthy. Converged fraud and credit decisioning: By delivering fraud and credit insights together, often through a single integration, Experian can help reduce operational complexity. Credit risk teams can assess fraud and credit risk simultaneously rather than managing disconnected tools and workflows. Precision over conservatism: The emphasis is not on declining more applicants, but on approving more genuine customers by isolating high-risk intent earlier. This precision helps protect portfolio performance without sacrificing growth. For lenders navigating increasing fraud pressure, Experian’s approach reflects a broader shift in the industry: fraud prevention and credit risk management are no longer separate disciplines; they are most effective when aligned. Explore our fraud solutions Contact us