Fraud rings image

From Dante’s Inferno to repeat offenders — what do epic poetry and fraud have in common? And what fraud prevention strategies can modern businesses adopt to escape the hellfire circle of fraud rings?

A lot has changed since the 14th century, particularly the advent of computers. But the attitude toward fraud has not. The most famous fraud ring predating computers and the internet is arguably one found in Dante Alighieri’s epic poem, The Divine Comedy. 

The first part of the Divine Comedy is Inferno, detailing Dante’s journey through hell, guided by the poet Virgil, as he passes through the nine circles of hell. The circles of hell are depicted as concentric, gradually increasing in wickedness, and it is in the eighth circle — before the ninth and final circle where the devil himself resides — where we find the Hell of the Fraudulent and Malicious. 

Having arrived upon the monster Greyon (himself the personification of fraud possessing the face of an honest man, but the tail of a scorpion) Dante meets the occupants of the ditches that make up the eighth circle; Barrators, Counsellors of Fraud, Falsifiers, Imposters, Counterfeiters and Thieves. The latter endure their own identity theft as punishment for stealing people’s identities and possessions in life.

Fast forward 700 years and the fraud rings of today are still made up of imposters, counterfeiters and thieves, working with an arsenal of cybertools to attack and defraud, creating hell for consumers in the digital economy. Fraud rings are perpetrators of identity fraud, attacking people’s livelihoods, their life-savings and violating and stealing the very thing that makes individuals unique — their identity.

What is a fraud ring?

Whereas in Inferno the Fraudulent and Malicious are separated by ditches, each experiencing their own punishment, today we see fraudsters working together, in vast hyper-connected networks. They traverse regions, devices, locations, identities and industries. In fact, they have evolved and become so organized that they mirror legitimate enterprises. Our CEO, Mike Tuchen, explores the concept of a 'fraud corporation' in more depth in his piece for Forbes: Meet The Organizations Built To Exploit You: Stopping Fraud Corporations. The Procurement Department recruits money mules from social media, while Research & Development evolve and innovate attacks, working out, for example, how to apply Remote Access Attacks on mobile devices after seeing their success on desktop devices. The Marketing Department can run ad scams or operate vast email phishing campaigns, while there are even call centres running number spoofing scams. Make no mistake, they are organized, smart, connected and constantly innovating.

Not only are they organized, but they know where to put their efforts. Normally they opt for the path of least resistance where they can cash out with minimum effort on their part.

Identifying fraud rings: the tell-tale signs

From simple fraud in Inferno, to easy, scalable attacks today

Drawing on another parallel with Inferno, where the Fraudulent and Malicious were punished because they were all guilty of ‘Simple Fraud,’ today's fraudsters are similarly leveraging low sophistication, scalable attack methods. 

In Onfido’s 2023 Identity Fraud Report, ‘low-sophistication’ fraud has surged a dramatic 37% year-on-year, with this type of low-lift fraud characterized by simple, subtle tweaks to document numbers or identity information like name or date of birth. Crucially, fraud rings leverage these ‘low sophistication’ identity attacks with the resources and manpower to scale attacks at speed to target platforms and services en masse. 

Repeat information, repeat faces, repeat fraud

Choosing quantity over quality and working 24/7, fraud rings can make hundreds, if not thousands, of copies of the same document, but tweak minor details each time. For example, the documents might all have the same face and personal information, with the exception of the document number, which changes by one number each time the document is submitted anew. Or vice versa, the document numbers might all be the same, but the name on the document varies each time.

Diagram showing normal user behaviour, suspicious activity, and the activity of a fraud ring.

This kind of repeatable fraud is a considerable threat — not just the attack in and of itself; simple, easy to scale and easy for businesses to miss — but this type of fraud takes resources and manpower away from other, more sophisticated attacks which are likely to result in much bigger fraud losses. 

So how can businesses protect against low sophistication, repeatable fraud, as well as the fraud rings who are leveraging such attacks at scale?

Detecting and preventing fraud rings

A multi-layer approach to fraud detection is a necessity in today's complex, cybercrime landscape. Businesses need to be able to dial up defenses in response to emerging threats and new regulations, for example, while preserving a seamless user experience for end users. For scalable, repeat fraud, businesses need to compare new applications to historic onboarded data; Onfido’s Repeat Attempts looks at document data, comparing what has been submitted with what has been seen historically in order to detect repeat ID document use. It was with Repeat Attempts that one leading payments company identified 95 fraud rings in just three months, with the same document number having been submitted 300 times with different attributes.

However, as we know, when fraudsters hit a blocker on one path, they are quick to adapt and attack on another. If a solution like Repeat Attempts stops them on the document side, they will likely move efforts and try to spoof the biometrics, or try to infiltrate another touchpoint on the customer journey. Fraud really is a real-life game of whack-a-mole. Layering a solution like Repeat Attempts with a solution like Onfido’s Known Faces, that compares the submitted photo ID with hundreds of thousands of historic faces already onboarded, provides a robust, formidable offense against repeat offenders — chief among them, fraud rings.

Does the punishment fit the crime? Tackling identity fraud head-on

There is one last startling difference between the Fraudulent and the Malicious in Inferno, and today’s fraudsters. In Inferno they were being punished for their awful deeds, whereas today there is a significant problem in convicting those who cause considerable harm through fraud.

In the UK, just 4,924 fraud offenses resulted in a charge last year out of more than five million scams reported by victims. This equates to just 0.1% of all fraud resulting in prosecution. With fraud prosecutions at less than one in 100, the failure to fight fraud could actually be luring more criminals to it, which is why we in the industry must band together, collaborate, share insights and fraud data. Becoming a cohesive network of fraud fighters to take on the organized networks of fraud rings is the best chance we have at successful fraud prevention.

Discover more fraud trends and techniques

Download our Identity Fraud Report 2023 to get the latest insights into the techniques that fraudsters are using to attack your business.

Read report