His name is Michael Smith. He lives in Houston, Texas, in a single-family home. He was born on August 17th, 1991.
And he is 100% fake. According to a new study released by Socure, this profile is the most likely to be used in a synthetic identity.
The study, authored by legendary synthetic expert Mike Cook, warns that if synthetic identity fraud continues to go unchecked, losses will double from the estimated $2.48 billion this year to nearly $5 billion in 2024.
Synthetic Identity – It Started With Tumbling
In the report, Socure outlines the history of synthetic identity, which had its roots in practice called “Tumbling”.
Tumbling could be called the early predecessor to synthetic identity. The term credit tumbling would involve borrowers making small adjustments to their names and social security numbers to throw off the credit bureau’s identity linking system.
The term was actually borrowed from another type of fraud called Card Tumbling, where fraudsters armed with Mod 10 checking software could create thousands of valid card numbers by correctly guessing the sequence of card numbers by starting with a single valid card number. It was called Mod 10 because 1 valid card number could be generated for every sequence of 10 numbers.
In 2004, Synthetic Emerged As The Fraud Type That Would Later Grow To Be America’s Fastest Growing Financial Crime
In 2004, the term “Synthetic Identity” was coined by Mike Cook (now with Socure) to better describe this type of identity theft that did not involve a real victim.
Since his company was so busy then, he had to perform much of his research and analysis on fraud patterns late into the night. On this particular night, he worked from 3 am to 8 am analyzing how breached data was being used by fraudsters after the information was stolen.
He noticed an unusual pattern that included SSN tumbling, linking elements, similar names, and transposed similar first/last names on many different applications. He decided to write a whitepaper on what he had discovered in the network and wanted to come up with a term that would describe the fraud and capture the imagination of the reader. He had just finished watching the movie Aliens the night before and remembered the character Lance Bishop who was a synthetic human.
So, he created the term “Synthetic Identity” because the identity was created in much the same way the Android was created in Aliens.
Synthetic Profiles Emerged Using The Most Common Names
One of the more enlightening aspects of the report from Socure is the deep analysis their engineers and data scientist performed on historical data.
The scientist found that the most common names used on applications using synthetic identities closely matched the most common names from the Social Security Administration’s (SSA) most popular birth names.
Socure’s conclusion was that fraudsters choose ordinary common information to blend in and escape detection.
Sundays Are Synthetic Day Because Fraud Fighters Are Off Work
While using common information is a mainstay for synthetic fraudsters, they employ other tactics, according to Socure.
According to the report, synthetic fraudsters “choose Sunday as the day of the week to submit applications because it’s known to be the day when fraud staffing is at its lowest.”
Synthetic Identity Is Shifting To DDA – An Estimated 2,480,000 Fake Accounts
According to Socure, “the problem of synthetic fraud will not go away on its own. Quite the opposite. It is exhibiting shifting patterns and increasing in scope.”
Fraudsters have moved beyond attacking traditional credit granting products like credit cards into DDA and Securities accounts, and the stats prove it out – in 2021, the FTC Sentinel showed a 122% increase in new account fraud on DDA accounts.
Synthetic fraud has shifted to DDA now because it allows them to create money mule accounts and move illicit funds through those accounts with little fear of being caught.
And millions of synthetic identities are now hiding in plain view in bank accounts here in the US – an estimated 2.48 million based on their analysis. And the annualized loss impact of those fake accounts is $2.4 Billion.
The Current Loss Estimates on Synthetic Are Far Too Low – Synthetic Is Actually Running At $5 Billion Annually.
There are no standard industry measurements on the impact of synthetic identity, so AITE- Novarica’s estimates are often used as a proxy for losses.
Their estimates are approximately $2.4 billion this year for credit cards only. Socure argues that this number should be doubled. They believe that the $2.48 Billion should be added to the AITE’s estimate, making the total annual impact close to $5 Billion.
The COVID Impact Was Severe On Synthetic Identity Impact
Stimulus programs had dire consequences on the proliferation of synthetic identity creation.
Socure data scientists performed an extensive analysis of historical data and determined that there were significant spikes in both “fabricated” and “manipulated” identities in March through August of 2020 on DDA accounts – the same time that government programs were being rolled out en-masse.
A spike in synthetic identity creation on lending products also occurred during COVID but peaked later between January through August 2021.
Investment accounts were also drilled by higher synthetic identity attempts during the same time period.
A 10-Point Proposal To Eradicate Synthetic Identity
Socure doesn’t just raise the alarm bell in the report, they also provide a 10-point proposal on how to eradicate the problem.
It includes a compelling and thought-provoking list of ideas and tactics that I do believe could work. It’s definitely worth a read!
Go To This Link To Download
While I can’t share all of the cool charts and graphs, you can go and get them yourself.
There are so many insightful gems in the Socure report. Head to this download link and request a copy to read the whole analysis yourself.