Get the latest identity fraud insights, trends and fraud prevention tips in our Identity Fraud Report 2023. It's estimated that fraud costs the global economy around $5.38 trillion (£4.37 trillion) — 6.4% of the world's GDP. And with most fraud now happening online (80% of reported fraud is cyber-enabled), it's crucial that businesses put defenses in place.
To help businesses be more proactive in their fight against identity fraud, we examined our own proprietary data to understand how fraudsters behave, the techniques they’re using, and what sort of attack patterns have emerged over the last year. This report collates those findings to help businesses stay one step ahead of identity fraud.
Identity fraud insights
of document fraud
increase in attempted fraud
Identity fraud is a 24/7 business
In 2022, fraud levels were consistent across 24 hours, seven days a week. Businesses are under threat from fraudulent attacks 24/7, and their defenses need to match that.
Fraud rings opt for repeat fraud attacks
Fraud rings favor repeat fraud — where fraudsters launch hundreds or thousands of attacks using the same or similar personal information. The report examines what businesses can do to combat repeat fraud.
Synthetic identity fraud remains a huge threat
Synthetic identity fraud — where real and fake data is combined — remains a big threat. Our report found that synthetic identity documents are more likely to be male than female, and fraudsters are opting to use fictional names.
Get your copy of Onfido’s 2023 Identity Fraud Report
What is the difference between identity fraud and identity theft?
Identity fraud and identity theft are two terms that are often used interchangeably, but there are some subtle differences between the two. Identity theft refers to the act of stealing someone’s personally identifiable information (PII). For example, via a data breach. This PII is then often sold on the dark web — fraudsters are able to purchase an individual’s information (including their name, date of birth, email address, Social Security number and more) for as little as $4 according to findings from Atlas VPN.
Identity fraud is when a fraudster goes on to use this stolen information for personal or financial gain, or to commit a crime. For example, creating synthetic identities to open bank accounts or obtain credit, performing phishing attacks, or using the information to take over an individual’s account and make illegal transactions.
What qualifies as identity fraud?
Any act in which a fraudster uses an individual’s stolen personal information for financial gain, or to commit a crime, qualifies as identity fraud. Such activities include using stolen or fake PII to open a bank account, open a credit application, or apply for official documents. Often, the long-term intention is to launder money or purchase illicit goods.
Fraudsters might also attempt to defraud individuals (using techniques such as phishing, or account takeover) to get them to hand over money.
What are the top three types of identity theft?
Some of the most common types of identity theft include:
- Synthetic identity theft, one of the fastest-growing types of financial crime in the US. Fraudsters use a combination of real and fake personal information to create a new identity, and go on to apply for loans, credit cards, or commit other crimes — usually for financial gain.
- Data breaches are still on the rise and can compromise anything from a customer’s address, to their date of birth, passport number or driving license number, or even images of a customer’s ID. Information gathered from data breaches empowers fraudsters to go on and commit other types of fraud — including phishing attacks, account takeover fraud, synthetic identity fraud and financial fraud.
- Financial identity theft where fraudsters use a person’s data for financial gain. For example, they might steal someone’s credit card details to make purchases, hack into a personal account and steal funds, or use personal information to open new accounts or apply for credit.
What are the first signs of identity fraud?
Some of the first warnings signs of identity fraud include:
- Unexplained withdrawals or purchases made via your bank account
- New credit cards that you didn’t apply for
- Errors on your credit reports
- Sudden changes to your credit score, or an unexpected refusal for new credit
- Collection notices for unpaid accounts or unexplained debts
How can you protect yourself from identity theft?
Individuals can help protect themselves from identity theft by doing the following:
- Keeping personal information and documents secure, whether that's physical paperwork or online.
- Monitor credit reports, medical reports, bank and credit accounts for any unusual or suspicious activity, and report any such activity straight away.
- Ask questions and double-check who you are in contact with before sharing personal information, especially if someone emails or phones you out of the blue.
- Stay alert and educate yourself about phishing and spoofing attacks. If something doesn't feel right, it's probably a scam.
- Use strong passwords and authentication steps.
How can businesses prevent identity fraud?
One step businesses can take to prevent identity fraud is to conduct identity verification at onboarding. This can be achieved in a number of ways — by verifying customer data against a variety of trusted data sources, checking identity documents, and verifying biometrics.
At Onfido, we recommend adopting a layered approach to fraud detection, including:
- Data validation: Verifying customer identities against a range of trusted data sources such as SSN, credit databases, sanctions and PEPs lists, and proof of address.
- Document verification: Check that identity documents are genuine.
- Biometric verification: Ensure that the biometric matches what is on a submitted ID.
- Fraud detection signals: Leverage passive fraud signals such as device, network and behavioral data.
What are the benefits of preventing identity fraud?
- Reduce fraud losses
Protect your revenue by stopping more fraud at the door. Safeguard your systems and customer privacy, and maintain your brand integrity, all while growing your bottom line.
- Prevent fraud without adding friction
Identify fraudsters before they access services with passive signals that offer zero friction for genuine customers and build tailored onboarding flows based on individual customer risk profiles.
- Manage your risk
Accurate reporting helps you avoid penalties and fines by ensuring risk controls and audit trails.