Understanding Fraudster Psychology blog image

Not all fraud is created equal. Some attacks will have a disproportionate impact on your business. This comes down to who is behind the attack, their motivation, and the resources available to them.

The best fraud prevention strategies evolve from knowing what type of attack you’re dealing with. To help, we’ve built profiles of the most common types of attacks and attackers we see, to help you know what to look for.

The psychology of a fraudster

There are three primary motivations behind fraudulent activity. Opportunity, rationalization and pressure.

Many external factors influence these motivations and cause a spike in fraud. For example a global crisis like the COVID-19 pandemic, a big event like the Super Bowl, or even digitization or sign-up incentives.


Opportunity for fraudsters has increased over the last few years because so many companies have moved to online business models. Successful fraud is much more scalable online. Once a fraudster finds a loophole they can continue to exploit it again and again.

Think about opening a bank account. In a real-life situation, a person couldn’t make more than a few fake sign-up attempts without being recognized and caught. But when hidden behind a screen, fraudsters have more opportunities to launch attacks at scale.


Some fraudsters may consider ID fraud a victimless crime. If costs fall on faceless corporations rather than individual people, or they assume that businesses can afford small losses, fraudsters might rationalize that they’ve caused no real or long-term harm.


For many, fraud is driven by genuine financial pressure. The pandemic was hard on businesses and individuals alike. Many people lost their jobs and are facing financial hardship. When backed into a corner, for many, fraud is the only option.

Fraudster profiles: who’s attacking your business?

While the psychology behind fraudsters’ rationale helps us understand why they might be conducting an attack, their behavior also suggests the type of fraudster attacking your business and the level of threat they pose. 

Novice fraudster blog image

Meet fraudster number 1: The novice

  • Profile: An individual or small group of individuals who attempt one-off attacks. They will have minimal experience and few resources to hand. It might simply be someone trying their luck — for example, someone underage trying to buy age-restricted goods — or they might be facing external pressures such as financial difficulty.

  • Volume and frequency: While individuals or groups might only carry out one attack at a time, businesses will see a lot of these types of attacks.

  • Sophistication: Easy

  • Impact, if successful: Low

  • What to look for: Obvious signs of fraud, for example, information on an identity document that doesn’t match the sign-up details. Or identity documents that have inconsistent data between the front and back.

Fraud opportunist blog image

Meet fraudster number 2: The opportunist

  • Profile: An individual or group who takes advantage where they see opportunity. For example, attempting to sign up multiple times when a business offers an incentive like a sign-up bonus.

  • Volume and frequency: High volume tied to a specific event, such as when a business offers sign-up bonuses or new joiner campaigns.

  • Sophistication: Easy to medium

  • Impact, if successful: Medium to high

  • What to look for: An influx of account openings during specific campaigns, or when there is a spike in a certain market, for example, crypto price fluctuations. An indicator of fraud might be large numbers of the same document type, issuing country, or repeated information (such as email address or name) across different applications.

Organized fraud ring blog image

Meet fraudster number 3: The organized fraud ring

  • Profile: Sophisticated, large-scale operations, often undertaken by a criminal gang. Our CEO, Mike Tuchen, writes about the idea of 'fraud corporations' in his Forbes article: Meet The Organizations Built To Exploit You: Stopping Fraud Corporations. They will have the resources to conduct sophisticated fraud such as deepfakes, 2D and 3D masks. They might also resort to techniques like coercion.

  • Volume and frequency: Businesses will see fewer of these types of attacks, but they are the ones that can cause the most damage in the shortest space of time.

  • Sophistication: Medium to hard

  • Impact, if successful: High

  • What to look for: The reusing of information and/or document type, as well as inconsistencies in the document data. Other signals might also be significant. For example, if the same background in every submitted photo of the ID or selfie is the same, this could be a sign that fraudsters are attempting to attack a business en masse. Finally, device and network data might appear suspicious when analyzed against the regular patterns.

How to protect your business from fraud

Any fraud prevention strategy is never going to stop 100% of fraud. Staying ahead of fraudsters is an arms race. They’re always developing new attack vectors, so the measures you put in place to protect your business also need to evolve. This is your best chance to catch as much fraud as possible, and to learn from any fraud you do see to help evolve your strategy.

Below are just some of the steps you can put in place to best protect your business and your bottom line.

  • Partner with Industry-leading experts: Your best protection against fraud will come from partnering with industry-leading experts who have connections to global intelligence agencies, are compliant with regulations, and can help you navigate privacy and legal requirements. Any partners should also have an innovative mindset and a handle on the latest fraud trends. This means that alongside that partner you’ll be able to adapt to fraud as it first develops and evolves in the market. 

  • Adopt innovation: Fraud techniques and technologies are always improving, so your identity solution needs to be fueled by the same innovation. The world has never been more digital, and your customers have higher expectations than ever before. Fraudsters are looking to capitalize on this move. New fraud techniques are constantly being discovered and developed - and once fraudsters find one that works, they will exploit it at scale. Your identity verification solution should empower you to adapt to this changing fraud landscape. Learn more about Atlas™, Onfido's proprietary AI.

  • Layer up identity verification and signals: Layering identity processes, for example combining a person’s ID with their physical biometrics, helps businesses build strong assurance in their users’ real identities. Document verification is the first line of defense against fraud. And adding Biometric verification helps protect against stolen IDs, and can deter fraudsters who don't want to put their face to a name. Forrester’s Total Economic Impact™ of Onfido study found that businesses who use Onfido’s identity verification solution see on average a 27% increase in fraudulent accounts detected

Identity Fraud Report

Find out about the latest fraud trends and techniques.

Take a look at our report