Language

Account Takeovers

Synthetic ID Fraud: Wake Up to the Threat of Sleeper Cells

December 3, 2018

When most people think of sleeper cells, images of spy thrillers and international intrigue are what come to mind. In the world of fraud prevention, however, sleeper cells represent the clear and present threat of a synthetic ID fraud attack lying in wait.

Sleeper cells consist of accounts that are intentionally aged (or ‘farmed’) to lend the air of credibility required to carry out synthetic ID fraud.

What is synthetic ID fraud?

Fraudsters only need minimal “true” information to commit synthetic ID theft. Fraudsters don’t need 100 percent of someone’s personal information. Which is the appeal:They can simply synthesize it.

Synthetic identity fraud relies on the use of an identity that has been created in one of three ways:

  • Pair a legitimate social security number (SSN) with a fake name
  • Use an “inactive” social security number with a real name (typically a child or deceased person)
  • Completely fabricate both SSN & name

Rethinking account tenure controls

Fraudsters know that you have controls based on the tenure of an account. In order to outflank these controls, they create accounts and “sit” on them for enough time for them to appear legit.

That time could be 3 months, or 6 months. The actual amount of time will be based around how much they have tested your control points. And you can bet they have tested them, much more than you know.

At the end of they day, fraudsters are attempting to give you an impression that these accounts represent “good customers” with tenure, so your controls become irrelevant. It’s like trying to find a needle in a stack of needles.

That’s why it pays dividends to determine your fraud risk exposure. How much could you lose to an attack by these sleeper cells?

Determine your average fraud loss, per account

Then, determine the percentage of accounts that are potential sleeper cells, or otherwise “at risk” based on tenure.

Think of it this way: If your average fraud loss is USD$2,000 and even as little as .5% of your account portfolio is at risk (let’s say that‘s 100 accounts total), losses would represent USD$200,000. That’s nothing to shake a stick at.

Some additional food for thought: the Association of Certified Fraud Examiners estimates that organizations suffer annual fraud losses of up to 5% of revenue.

Define good behavior

It’s likely that fraudsters know your business just as well as you do.

They know that you utilize several controls based around the tenure of the account and are aware that you expect fraud to happen in the first few months that an account exists.

To stay a step of head of them, consider merging your tenure controls with transaction value. This means simply having a six-month-old account, with minimal activity, should not factor into fraud controls. Instead, you should consider that a new customer.

Think of tenure as something closely associated with significant transaction amounts. For example, if an account has existed for six months and has USD$5,000 in transactions associated with it, then it can be considered legitimate.

Combining account tenure with a meaningful transaction amount constitutes a control that is very hard for fraudsters to replicate. This way, you can select your trustworthy population and segment it against the rest of your transactions. Then you can reduce controls and focus on accounts that are potentially risky.

In conclusion

If your organization is like most, there’s no time to waste when addressing synthetic IDs.

Fraudsters are highly motivated to innovate their approaches as rapidly as possible, and it’s important to implement processes which address the continued rise of synthetic ID fraud from multiple engagement points.

I invite you to follow me on LinkedIn

Follow Emailage on LinkedIn and Twitter (@emailage)

Click here to discover how to get secure, intelligent risk assessment using an email address. 

close-link
close-link
close-link