Synthetic Identity Fraud: The Ghost in the Machine

The Perfect Crime?

Imagine a criminal who doesn't steal your identity but creates a new one using parts of yours. Synthetic identity fraud involves combining real information (like a Social Security number) with fake details (name, address) to create a "Frankenstein" identity.

How It Works

1. Creation: The fraudster pairs a stolen SSN (often from a child or deceased person) with a fake name.
2. Cultivation: They apply for credit. The application is rejected, but it creates a credit file.
3. Validation: They add the synthetic identity as an authorized user on a legitimate account (piggybacking) to build a credit score.
4. Bust-Out: Once the credit limit is high, they max out cards and loans, then vanish.

Detection Challenges

Because the identity is partially real, traditional KYC (Know Your Customer) checks often fail. The "person" looks real on paper.

Fighting Back with Data

• Behavioral Biometrics: Analyzing how the user interacts with the form (typing speed, mouse movements).
• Email Risk Scoring: Synthetic identities often use new or disposable emails. Checking email reputation is a key defense.
• IP Geolocation: Does the applicant's IP address match their stated address? Our IP Scanner can verify location consistency.

Related Reading

• Deepfake Threats in Enterprise Security
• Biometric Authentication Spoofing
• The Dark Web vs. Deep Web
• Email Reputation Guide
• Bot Detection & Account Takeover