Tag: fraud

"Grandma, it’s me, Mike.” Imagine hearing the voice of a loved one (or what sounds like it) informing you they were arrested and in need of bail money. Panicked, a desperate family member may follow instructions to withdraw a large sum of money to provide to a courier. Suspicious, they even make a video call to which they see a blurry image on the other end, but the same voice. When the fight or flight feeling settles, reality hits. Sadly, this is not the scenario of an upcoming Netflix movie. This is fraud – an example of a new grandparent scam/family emergency scam happening at scale across the U.S. While generative AI is driving efficiencies, personalization and improvements in multiple areas, it’s also a technology being adopted by fraudsters. Generative AI can be used to create highly personalized and convincing messages that are tailored to a specific victim. By analyzing publicly available social media profiles and other personal information, scammers can use generative AI to create fake accounts, emails, or phone calls that mimic the voice and mannerisms of a grandchild or family member in distress. The use of this technology can make it particularly difficult to distinguish between real and fake communication, leading to increased vulnerability and susceptibility to fraud. Furthermore, generative AI can also be used to create deepfake videos or audio recordings that show the supposed family member in distress or reinforce the scammer's story. These deepfakes can be incredibly realistic, making it even harder for victims to identify fraudulent activity. What is Generative AI? Generative artificial intelligence (GenAI) describes algorithms that can be used to create new content, including audio, code, images, text, simulations, and videos. Generative AI has the potential to revolutionize many industries by creating new and innovative content, but it also presents a significant risk for financial institutions. Cyber attackers can use generative AI to produce sophisticated malware, phishing schemes, and other fraudulent activities that can cause data breaches, financial losses, and reputational damage. This poses a challenge for financial organizations, as human error remains one of the weakest links in cybersecurity. Fraudsters capitalizing on emotions such as fear, stress, desperation, or inattention can make it difficult to protect against malicious content generated by generative AI, which could be used as a tactic to defraud financial institutions. Four types of Generative AI used for Fraud: Fraud automation at scale Fraudulent activities often involve multiple steps which can be complex and time-consuming. However, GenAI may enable fraudsters to automate each of these steps, thereby establishing a comprehensive framework for fraudulent attacks. The modus operandi of GenAI involves the generation of scripts or code that facilitates the creation of programs capable of autonomously pilfering personal data and breaching accounts. Previously, the development of such codes and programs necessitated the expertise of seasoned programmers, with each stage of the process requiring separate and fragmented development. Nevertheless, with the advent of GenAI, any fraudster can now access an all-encompassing program without the need for specialized knowledge, amplifying the inherent danger it poses. It can be used to accelerate fraudsters techniques such as credential stuffing, card testing and brute force attacks. Text content generation In the past, one could often rely on spotting typos or errors as a means of detecting such fraudulent schemes. However, the emergence of GenAI has introduced a new challenge, as it generates impeccably written scripts that possess an uncanny authenticity, rendering the identification of deceit activities considerably more difficult. But now, GenAI can produce realistic text that sounds as if it were from a familiar person, organization, or business by simply feeding GenAI prompts or content to replicate. Furthermore, the utilization of innovative Language Learning Model (LLM) tools enables scammers to engage in text-based conversations with multiple victims, skillfully manipulating them into carrying out actions that ultimately serve the perpetrators' interests. Image and video manipulation In a matter of seconds, fraudsters, regardless of their level of expertise, are now capable of producing highly authentic videos or images powered by GenAI. This innovative technology leverages deep learning techniques, using vast amounts of collected datasets to train artificial intelligence models. Once these models are trained, they possess the ability to generate visuals that closely resemble the desired target. By seamlessly blending or superimposing these generated images onto specific frames, the original content can be replaced with manipulated visuals. Furthermore, the utilization of AI text-to-image generators, powered by artificial neural networks, allows fraudsters to input prompts in the form of words. These prompts are then processed by the system, resulting in the generation of corresponding images, further enhancing the deceptive capabilities at their disposal. Human voice generation The emergence of AI-generated voices that mimic real people has created new vulnerabilities in voice verification systems. Firms that rely heavily on these systems, such as investment firms, must take extra precautions to ensure the security of their clients' assets. Criminals can also use AI chatbots to build relationships with victims and exploit their emotions to convince them to invest money or share personal information. Pig butchering scams and romance scams are examples of these types of frauds where AI chatbots can be highly effective, as they are friendly, convincing, and can easily follow a script. In particular, synthetic identity fraud has become an increasingly common tactic among cybercriminals. By creating fake personas with plausible social profiles, hackers can avoid detection while conducting financial crimes. It is essential for organizations to remain vigilant and verify the identities of any new contacts or suppliers before engaging with them. Failure to do so could result in significant monetary loss and reputational damage. Leverage AI to fight bad actors In today's digital landscape, businesses face increased fraud risks from advanced chatbots and generative technology. To combat this, businesses must use the same weapons than criminals, and train AI-based tools to detect and prevent fraudulent activities. Fraud prediction: Generative AI can analyze historical data to predict future fraudulent activities. By analyzing patterns in data and identifying potential risk factors, generative AI can help fraud examiners anticipate and prevent fraudulent behavior. Machine learning algorithms can analyze patterns in data to identify suspicious behavior and flag it for further investigation. Fraud Investigation: In addition to preventing fraud, generative AI can assist fraud examiners in investigating suspicious activities by generating scenarios and identifying potential suspects. By analyzing email communications and social media activity, generative AI can uncover hidden connections between suspects and identify potential fraudsters. To confirm the authenticity of users, financial institutions should adopt sophisticated identity verification methods that include liveness detection algorithms and document-centric identity proofing, and predictive analytics models. These measures can help prevent bots from infiltrating their systems and spreading disinformation, while also protecting against scams and cyberattacks. In conclusion, financial institutions must stay vigilant and deploy new tools and technologies to protect against the evolving threat landscape. By adopting advanced identity verification solutions, organizations can safeguard themselves and their customers from potential risks. To learn more about how Experian can help you leverage fraud prevention solutions, visit us online or request a call

Money mule fraud is a type of financial scam in which criminals exploit individuals, known as money mules, to transfer stolen money or the proceeds of illegal activities. Money mule accounts are becoming increasingly difficult to distinguish from legitimate customers, especially as criminals find new ways to develop hard-to-detect synthetic identities. How money mule fraud typically works: Recruitment: Fraudsters seek out potential money mules through various means, such as online job ads, social media, or email/messaging apps. They will often pose as legitimate employers offering job opportunities promising compensation or claiming to represent charitable organizations. Deception: Once a potential money mule is identified, the fraudsters use persuasive tactics to gain their trust. They may provide seemingly legitimate explanations like claiming the money is for investment purposes, charity donations or for facilitating business transactions. Money Transfer: The mule is instructed to receive funds to their bank or other financial account. The funds are typically transferred from other compromised bank accounts obtained through phishing or hacking. The mule is then instructed to transfer the money to another account, sometimes located overseas. Layering: To mask the origin of funds and make them difficult to trace, fraudsters will employ layering techniques. They may ask the mule to split funds into smaller amounts, make multiple transfers to different accounts, or use various financial platforms such as money services or crypto. Compensation: The money mule is often promised a percentage of transferred funds as payment.  However, the promised monies are lower than the dollars transferred, or sometimes the mule receives no payment at all. Legal consequences: Regardless whether mules know they are supporting a criminal enterprise or are unaware, they can face criminal charges. In addition, their personal information could be compromised leading to identity theft and financial loss. How can banks get ahead of the money mule curve: Know your beneficiaries Monitor inbound paymentsEngage identity verification solutionsCreate a “Mule Persona” behavior profileBeware that fraudsters will coach the mule, therefore confirmation of payee is no longer a detection solution Educate your customers to be wary of job offers that seem too good to be true and remain vigilant of requests to receive and transfer money, particularly from unknown individuals and organizations. How financial institutions can mitigate money mule fraud risk When new accounts are opened, a financial institution usually doesn’t have enough information to establish patterns of behavior with newly registered users and devices the way they can with existing users. However, an anti-fraud system should catch a known behavior profile that has been previously identified as malicious. In this situation, the best practice is to compare the new account holder’s behavior against a representative pool of customers, which will analyze things like: Spending behavior compared to the averagePayee profileSequence of actionsNavigation data related to machine-like or bot behaviorAbnormal or risky locationsThe account owner's relations to other users The risk engine needs to be able to collect and score data across all digital channels to allow the financial institution to detect all possible relationships to users, IP addresses and devices that have proven fraud behavior. This includes information about the user, account, location, device, session and payee, among others. If the system notices any unusual changes in the account holder’s personal information, the decision engine will flag it for review. It can then be actively monitored and investigated, if necessary. The benefits of machine learning This is a type of artificial intelligence (AI) that can analyze vast amounts of disparate data across digital channels in real time. Anti-fraud systems based on AI analytics and predictive analytics models have the ability to aggregate and analyze data on multiple levels. This allows a financial institution to instantly detect all possible relationships across users, devices, transactions and channels to more accurately identify fraudulent activity. When suspicious behavior is flagged via a high risk score, the risk engine can then drive a dynamic workflow change to step up security or drive a manual review process. It can then be actively monitored by the fraud prevention team and escalated for investigation. How Experian can help Experian’s fraud prevention solutions incorporate technology, identity-authentication tools and the combination of machine learning analytics with Experian’s proprietary and partner data to return optimal decisions to protect your customers and your business. To learn more about how Experian can help you leverage fraud prevention solutions, visit us online or request a call

Experian’s eighth annual identity and fraud report found that consumers continue to express concerns with online security, and while businesses are concerned with fraud, only half fully understand its impact – a problem we previously explored in last year’s global fraud report. In our latest report, we explore today’s evolving fraud landscape and influence on identity, the consumer experience, and business strategies. We surveyed more than 2,000 U.S. consumers and 200 U.S. businesses about their concerns, priorities, and investments for our 2023 Identity and Fraud Report. This year’s report dives into: Consumer concerns around identity theft, credit card fraud, online privacy, and scams such as phishing.Business allocation to fraud management solutions across industries.Consumer expectations for both security and their experience.The benefits of a layered solution that leverages identity resolution, identity management, multifactor authentication solutions, and more. To identify and treat each fraud type appropriately, you need a layered approach that keeps up with ever-changing fraud and applies the right friction at the right time using identity verification solutions, real-time fraud risk alerts, and enterprise orchestration. This method can reduce fraud risks and help provide a more streamlined, unified experience for your consumers. To learn more about our findings and how to implement an effective solution, download Experian’s 2023 Identity and Fraud Report. Download the report

Banking uncertainty creates opportunity for fraud The recent regional bank collapses left anxious consumers scrambling to withdraw their funds or open new accounts at other institutions. Unfortunately, this situation has also created an opportunity for fraudsters to take advantage of the chaos. Criminals are exploiting the situation and posing as legitimate customers looking to flee their current bank to open new accounts elsewhere. Financial institutions looking to bring on these consumers as new clients must remain vigilant against fraudulent activity. Fraudsters also prey on vulnerable individuals who may be financially stressed and uncertain about the future. This creates a breeding ground for scams as fear and uncertainty cloud judgment and make people more susceptible to manipulation. Beware of fraudulent tactics Now, it is more important than ever for financial institutions to be vigilant in their due diligence processes. As they navigate this period of financial turbulence, they must take extra precautions to ensure that new customers are who they say they are by verifying customer identities, conducting thorough background checks where necessary, and monitoring transactions for any signs of suspicious activity. Consumers should also maintain vigilance — fraudulent schemes come in many forms, from phishing scams to fake investment opportunities promising unrealistic returns. To protect yourself against these risks, it is important to remain vigilant and take precautions such as verifying the legitimacy of any offers or investments before investing, monitoring your bank and credit card statements regularly for suspicious activity, and being skeptical of unsolicited phone calls, emails, or text messages. Security researcher Johannes Ulrich reported that threat actors are jumping at the opportunity, registering suspicious domains related to Silicon Valley Bank (SVB) that are likely to be used in attacks. Ulrich warned that the scammers might try to contact former clients of SVB to offer them a support package, legal services, loans, or other fake services relating to the bank's collapse. Meanwhile, on the day of the SVB closure, synthetic identity fraud began to climb from an attack rate of .57 to a first peak of 1.24% on the Sunday following the closure, or an increase of 80%. After the first spike reduced on March 14, we only saw a return of an even higher spike on March 21 to 1.35%, with bumps continuing since then. As the economy slows and fraud rises, don’t let your guard down The recent surge in third-party attack rates on small business and investment platforms is a cause for concern. There was a staggering nearly 500% increase in these attacks between March 7th and 11th, which coincided with the release of negative news about SVB. Bad actors had evidently been preparing for this moment and were quick to exploit vulnerabilities they had identified across our financial system. They used sophisticated bots to create multiple accounts within minutes of the news dropping and stole identities to perpetrate fraudulent activities. This underscores the need for increased vigilance and proactive measures to protect against cyber threats impacting financial institutions. Adopting stronger security measures like multi-factor authentication, real-time monitoring, and collaboration with law enforcement agencies for timely identification of attackers is of paramount importance to prevent similar fraud events in the future. From frictionless to friction-right As businesses seek to stabilize their operations in the face of market turbulence, they must also remain vigilant against the threat of fraud. Illicit activities can permeate a company's ecosystem and disrupt its operations, potentially leading to financial losses and reputational damage. Safeguarding against fraud is not a simple task. Striking a balance between ensuring a smooth customer experience and implementing effective fraud prevention measures can be a challenging endeavor. For financial institutions in particular, being too stringent in fraud prevention efforts may drive customers away, while being too lenient can expose them to additional fraud risks. This is where a waterfall approach, such as that offered by Experian CrossCore®, can prove invaluable. By leveraging an array of fraud detection tools and technologies, businesses can tailor their fraud prevention strategies to suit the specific needs and journeys of different customer segments. This layered, customized approach can help protect businesses from fraud while ensuring a seamless customer experience. Learn more

The fraud problem is ever-present, with 94% of businesses reporting it as a top priority, and fraudsters constantly finding new targets for theft. Preventing fraud requires a carefully orchestrated strategy that can recognize and treat a variety of types — without adding so much friction that it drives customers away. Experian’s fraud prevention and detection platform, CrossCore®, was recently named an Overall Leader, Product Leader in Fraud Reduction Intelligence Platforms, Innovation Leader and Market Leader in Fraud Reduction by KuppingerCole. CrossCore is an integrated digital identity and fraud risk platform that enables organizations to connect, access, and orchestrate decisions that leverage multiple data sources and services. CrossCore combines risk-based authentication, identity proofing, and fraud detection into a single, state-of-the-art cloud platform. It engages flexible decisioning workflows and advanced analytics to make real-time risk decisions throughout the customer lifecycle. This recognition highlights Experian’s comprehensive approach to combating fraud and validates that CrossCore offers best-in-class capabilities by augmenting Experian’s industry-leading identity and fraud offerings with a highly curated ecosystem of partners which enables further optionality for organizations based on their specific needs. To learn more about how CrossCore can benefit your organization, read the report or visit us. Learn more

The rise of the digital channel lead to a rise in new types of fraud – like cryptocurrency and buy now, pay later scams.  While the scams themselves are new, they’re based on tried-and-true schemes like account takeover and synthetic identity fraud that organizations have been working to thwart for years, once again driving home the need for a robust fraud solution.   While the digital channel is extremely attractive to many consumers due to convenience, it represents a balancing act for organizations – especially those with outdated fraud programs who are at increased risk for fraud. As organizations look for ways to keep themselves and the consumers they serve safe, many turn to fraud risk mitigation. What are fraud risk management strategies? Fraud risk management is the process of identifying, understanding, and responding to fraud risks. Proper fraud risk management strategies involve creating a program that detects and prevents fraudulent activity and reduces the risks associated with fraud. Many fraud risk management strategies are built on five principles: Fraud Risk AssessmentFraud Risk GovernanceFraud PreventionFraud DetectionMonitoring and Reporting By understanding these principles, you can build an effective strategy that meets consumer expectations and protects your business. Fraud risk assessment Fraud protection begins with an understanding of your organization’s vulnerabilities. Review your top risk areas and consider the potential losses you could face. Then look at what controls you currently have in place and how you can dial those up or down to impact both risk and customer experience. Fraud risk governance Fraud risk governance generally takes the form of a program encompassing the structure of rules, practices, and processes that surround fraud risk management. This program should include the fraud risk assessment, the roles and responsibilities of various departments, procedures for fraud events, and the plan for on-going monitoring. Fraud prevention “An ounce of prevention is worth a pound of cure.” This adage certainly rings true when it comes to fraud risk management. Having the right controls and procedures in place can help organizations stop a multitude of fraud types before they even get a foot in the door. Account takeover fraud prevention is an ideal example of how organizations can keep themselves and consumers safe. Fraud detection The only way to stop 100% of fraud is to stop 100% of interactions. Since that’s not a sustainable way to run a business, it’s important to have tools in place to detect fraud that’s already entered your ecosystem so you can stop it before damage occurs. These tools should monitor your systems to look for anomalies and risky behaviors and have a way to flag and report suspicious activity. Monitoring and reporting Once your fraud detection system is in place, you need active monitoring and reporting set up. Some fraud detection tools may include automatic next steps for suspicious activity such as step-up authentication or another risk mitigation technique. In other cases, you’ll need to get a person involved. In these cases it’s critical to have documented procedure and routing in place to ensure that potential fraud is assessed and addressed in a timely fashion. How to implement fraud risk management By adhering to the principles above, you can gain a holistic view of your current risk level, determine where you want your risk level to be, and what changes you’ll need to make to get there. While you might already have some of the necessary tools in place, the right next step is usually finding a trusted partner who can help you review your current state and help you use the right fraud prevention services that fit your risk tolerance and customer experience goals. To learn more about how Experian can help you leverage fraud prevention solutions, visit us or request a call. Learn more

There’s an undeniable link between economic and fraud trends. During times of economic stress, fraudsters engage in activities specifically designed to target strained consumers and businesses. By layering risk management and fraud prevention tools, your organization can manage focus on growing safely. Download infographic Review your fraud strategy  

With fraud expected to surge amid uncertain economic conditions, fraudsters are preparing new deception techniques to outsmart businesses and deceive consumers. To help businesses prepare for the coming fraud threats, we created the 2023 Future of Fraud Forecast. Here are the fraud trends we expect to see over the coming year: Fake texts from the boss: Given the prevalence of remote work, there’ll be a sharp rise in employer text fraud where the “boss” texts the employee to buy gift cards, then asks the employee to email the gift card numbers and codes. Beware of fake job postings and mule schemes: With changing economic conditions, fraudsters will create fake remote job postings, specifically designed to lure consumers into applying for the job and providing private details like a social security number or date of birth on a fake employment application. Frankenstein shoppers spell trouble for retailers: Fraudsters can create online shopper profiles using synthetic identities so that the fake shopper’s legitimacy is created to outsmart retailers’ fraud controls. Social media shopping fraud: Social commerce currently has very few identity verification and fraud detection controls in place, making the retailers that sell on these platforms easy targets for fraudulent purchases. Peer-to-peer payment problems: Fraudsters love peer-to-peer payment methods because they’re an instantaneous and irreversible way to move money, enabling fraudsters to get cash with less work and more profit “As fraudsters become more sophisticated and opportunistic, businesses need to proactively integrate the latest technology, data and advanced analytics to mitigate the growing fraud risk,” said Kathleen Peters, Chief Innovation Officer at Experian Decision Analytics in North America. “Experian is committed to continually innovating and bringing solutions to market that help protect consumers and enable businesses to detect and prevent current and future fraud.” To learn more about how to protect your business and customers from rising fraud trends, download the Future of Fraud Forecast and check out Experian’s fraud prevention solutions. Future of Fraud Forecast Press Release

External fraud generally results from deceptive activity intended to produce financial gain that is carried out by an individual, a group of people or an entire organization. Fraudsters may prey on any organization or individual, regardless of the size or nature of their activities. The tactics used are becoming increasingly sophisticated, requiring a multilayered fraud mitigation strategy. Fraud mitigation involves using tools to reduce the frequency or severity of these risks, ultimately protecting the bottom line and the future of the organization. Fraud impacts the bottom line and so much more According to the Federal Trade Commission, consumers reported losing more than $10 billion to fraud in 2023, a 14% increase over the previous year and the highest dollar amount ever reported. These costs extend beyond the face value of the theft to include fees and interest incurred, fines and legal fees, labor and investigation costs and external recovery expenses. Aside from dollar losses and direct costs, fraud can also pose legal risks that lead to fines and other legal actions and diminish credibility with regulators. Word of deceptive activities can also create risk for the brand and reputation. These factors can, in turn, result in a loss of market confidence, making it difficult to retain clients and engage new business. Leveraging fraud mitigation best practices As the future unfolds, three things are fairly certain: 1) The future is likely to bring more technological advances and, thereby, new ways of working and creating. 2) Fraudsters will continue to look for ways to exploit those opportunities. 3) The future is here, today. Organizations that want to remain competitive in the digital economy should make fraud mitigation and prevention an integral part of their operational strategy. Assess the risk environment While enhancing revenue opportunities, the global digital economy has increased the complexity of risk management. Be aware of situations that require people to enforce fraud risk policies. While informed, experienced people are powerful resources, it is important to automate routine decisions where you can and leverage people on the most challenging cases. It is also critical to consider that not every fraud risk aligns directly to losses. Consider touchpoints where information can be exposed that will later be used to commit fraud. Information that crooks attempt to glean from idle chatter during a customer service call can be a source of unexpected vulnerability. These activities can benefit from greater transparency and automated oversight. Create a tactical plan to prevent and handle fraud Leverage analytics wherever possible to streamline decisions and choose the right level of friction that’s appropriate for the risk, and palatable for good customers. Consumers and small businesses have come to expect a customized and frictionless experience. Employee productivity, and ultimately revenue growth, requires the ability to operate with speed and informed confidence. A viable fraud mitigation strategy should incorporate these goals seamlessly with operational objectives. If not, prevention and mitigation controls may be sidelined to get legitimate business done, creating inroads for fraudsters. Look for a partner who can apply the right friction to situations depending on your risk appetite and use existing data (including your internal data and their own data resources) to better identify individual consumers. This identification process can actually smooth the way for known consumers while providing the right protection against fraudsters and giving consumers who are new to your organization a sense of safety and security when logging in for the first time. It's equally important that everyone in your organization is working together to prevent fraud. Establish and document best practices and controls, beginning with fostering a workplace culture in which fraud mitigation is part of everyone's job. Empower and train all staff to identify and report suspicious activity and ensure they know how to raise concerns. Consider implementing ways to encourage open and swift communication, such as anonymous or confidential reporting channels. Stay vigilant and tap into resources for managing risks It is likely impossible to think of every threat your organization might face. Instead, think of fraud mitigation as an ongoing process to identify and isolate any suspected fraud fast — before the activity can develop into a major threat to the bottom line — and manage any fallout. Incorporating technology and robust data collection can fortify governance best practices. Technology can also help you perform the due diligence faster, ensuring compliance with Know Your Customer (KYC) and other regulations. As necessary, work with risk assessment consultants to get an objective, experienced view.  Learn more about fraud risk mitigation and fraud prevention services. Learn more  

What is elder abuse fraud? Financial abuse is reportedly the fastest-growing form of elder abuse, leaving many Americans vulnerable to theft scams, and putting businesses and other organizations on the frontlines to provide protection and help prevent fraud losses.   Financial elder abuse fraud occurs when someone illegally uses a senior’s money or other property. This can be someone they know, or a third party – like fraudsters who are perpetrating romance scams Older consumers and other vulnerable digital newbies were prime targets for this type of abuse during the start of the pandemic when many of them became active online for the first time or started transacting in new ways. This made them especially attractive targets for social engineering (when a fraudster manipulates a person to divulge confidential or private information) and account takeover fraud. While most of us have become used to life online (in fact, there’s been a 25% increase in online activity since the start of the pandemic), some seniors still have risky habits such as poor password maintenance, that can make them more attractive targets for fraudsters. What is the impact of elder abuse fraud? According to the FBI’s Internet Crime Complaint Center (IC3), elder abuse fraud cost Americans over the age of 60 more than $966 million in 2020. In addition to the direct cost to consumers, elder abuse fraud can leave organizations vulnerable to the fallout from data breaches via account takeover, and lost time and money spent helping seniors and other vulnerable Americans recoup their losses, reset accounts, and more. Further, the victim may associate the fraud with the bank, healthcare provider, or other businesses where the account was taken over and decide to stop utilizing that entity all together. How can organizations prevent elder abuse fraud? Preventing elder abuse fraud can take many forms. Organizations should start with a robust fraud management solution that can help prevent account takeover, first-party, synthetic identity fraud, and more. This platform should also include the ability to use data analysis to detect and flag sudden changes in financial behavior, online activities, and transaction locations that could indicate abuse or takeover of the account. With the right fraud strategy in place, organizations can help prevent fraud and build trust with older generations. Given that 95% of Baby Boomers cite security as the most important aspect of their online experience, this step is too important to miss.   To learn more about how Experian is helping organizations develop and maintain effective fraud and identity solutions, be sure to visit us or request a call. Contact us  

Between social unrest across the globe, the lingering pandemic, and the digital transformation brought on by the health crisis, the fraud landscape has expanded dramatically for businesses and consumers alike. According to Experian’s latest global identity and fraud report, 93% of U.S. companies have mid-to-high concern for fraud, and 81% say that their worries about fraud have increased over the past 12 months. Monitoring unused or dormant accounts for fraud is often a warning directed at consumers. However, it’s now advice an increasing number of businesses are wishing they’d followed, as growing synthetic identity (SID) fraud is fueling a dramatic increase in losses—SID related charge-offs ballooned to $20 billion in 2021 alone, according to the Federal Reserve Bank of Boston. The threat of SIDs SIDs are made to look like an actual consumer, combining both real and fake data to form a new composite identity. They typically evolve using a combination of tactics that include: Identifying and creating relationships with businesses that have a high tolerance for identity discrepancies. These include businesses whose products expose the business to low fraud risk and/or products offered to market segments where identity verification is expected to be challenging. Either of these enable an SID to be planted among consumer data sources. Attaching the SID to existing accounts and relationships that belong to other consumers. Often these existing accounts were established by collusive criminals or by using other SIDs, but there are also ways for legitimate consumers to collect ‘rent’ in exchange for adding other consumers to existing accounts. Either approach improves the SID’s appearance of credit worthiness. Progressively building the SID’s independent ability to access larger and larger amounts of credit until they spend quickly and default on all obligations, leaving no one for the victimized businesses to pursue. “They’re difficult to identify because of the combination of real and fake data and because there’s no actual victim reporting an identity theft. As a result, businesses typically have trouble separating SID losses from credit losses,” said Chris Ryan, Experian’s go-to-market lead for fraud and identity. “SID fraud isn’t committed haphazardly.  It’s carefully planned and executed—and it adapts to policy changes. Some businesses change their underwriting policy or focus on early-lifecycle account activity like purchases, payments, and requests for additional credit to reduce SID losses that occur immediately after an account is opened. SIDs can adapt to this. If six months of responsible account behavior earns a credit line increase or the ability to spend large amounts in a single billing cycle, the perpetrators are willing to wait,” Ryan said. “It’s something businesses and lenders need to be on guard for, especially with the fast-paced holiday shopping season ahead,” he said. Addressing SIDs Solving the increasingly complex problem of SID fraud requires a thoughtful approach. The institutions seeing success at preventing multi-faceted fraud are using a layered approach to identifying and mitigating fraud. Here are three steps lenders can take today to prevent SID fraud across your portfolio: Use data and analytics that extend beyond credit to evaluate identities and their histories more completely. Apply those analytics across the lifecycle from marketing and origination to portfolio management recognizing that SID risk is not restricted to a single lifecycle stage. Have a rigorous verification process that escalates to document verification or the Social Security Administrations Electronic Consent Based SSN Verification (eCBSV) process For more information on how you can leverage a multi-layered approach to fraud in your business, visit our fraud and identity solutions hub or request a call to discuss customizing a solution for your company.

Reports of romance scams have spiked in the past two years, partly due to the rise in popularity of online dating and social apps while Americans were isolated at home. With more consumers looking for love online, fraudsters have jumped on the chance to build intimate, trusted relationships without the immediate pressure to meet in person. And these shams seemingly paid off: from January 1 to July 31, 2021, the Federal Bureau of Investigation (FBI) Internet Crime Complaint Center received over 1,800 complaints related to an online romance scam, resulting in losses of approximately $133 million. These romance scams carry financial and security risks that impact both the targets of the fraud and the businesses with which they interact. Experian predicts that romance scams will continue to rise in 2022, leaving consumers and businesses vulnerable to attacks and theft. What is a romance scam? According to the FBI, a romance scam occurs when “a criminal adopts a fake online identity to gain a victim's affection and trust." Typically, fraudsters seek out their marks in dating or socializing settings, such as online apps, and strive to build intimacy and trust as quickly as possible. To avoid suspicion, they may claim that they travel frequently for work or give other excuses about why they can't meet in person. Their attentions are in the context of love and dating, so it's not uncommon for romance scammers to offer marriage proposals or other commitments to intensify the relationship, but the whole point of this fraud is to get their targets to send money. Sometimes fraudsters simply ask for a “loan" to cover medical expenses, an unforeseen shortfall or even travel costs to see the victim in person. Other times, they might ask for gifts or gift cards. Requests for money ­– whether through direct deposit, gift cards or credit card payments – are all red flags. Increasingly, romance scammers have tried to lure people into investment deals, including cryptocurrency. Romance scams predate the internet by centuries, but the emergence of digital technologies has made them easier to accomplish – and easier to get away with, too. Romance scams are increasing In 2020, there were around 44 million users of online dating services in the United States and this increased to 49 million users in 2021, according to Statista Research Department. By 2022, two years into the COVID-19 pandemic, that number jumped to more than 50 million, and it's projected to rise to 53.3 million by 2025. More users mean more potential targets. According to the Federal Trade Commission (FTC), romance scams hit a record high in 2021, with consumers reporting $547 million in losses that year ­– up 80 percent from 2020. The median individual loss reported to the FTC from romance scams was $2,400. With the help of modern technologies, romance scammers have added new tactics to their grift. For example, in addition to usual requests for money, a target might be asked to participate in bogus investment schemes involving cryptocurrency. In these cases, the median loss was $10,000. According to the FTC, romance scammers have conned Americans out of an estimated $1.3 billion over the past five years. Worryingly, romance scams also present a serious data risk. Damage could spread beyond financial losses into even more hazardous territory if the scammer can gain access to a target's personally identifiable information (PII) or financial data. In these cases, fraudsters might engage in identity theft to create new accounts or take over existing ones. Breaking up with romance scammers Businesses may not be susceptible to the lure of love, but they're still vulnerable when it comes to the fallout from romance scams. Companies must ensure they have a layered solution that seamlessly recognizes returning customers, while monitoring for indicators that the user presenting an identity is not actually the owner of that identity. Some warning signs include logins from a new IP address nowhere near the user's registered physical address; unusual types or frequencies of transactions; and the addition of a suspicious new authorized user to a credit card account. Businesses also have access to fraud prevention help. Using vast data resources, decades of identity and credit risk management, consumer-permissioned data and industry-leading analytics, Experian enables businesses to detect and prevent fraud by identifying credible customers. This empowers businesses to apply the appropriate amount of friction to each interaction to protect their customers, their data and themselves. To learn more about how Experian is assisting businesses with their fraud prevention efforts, visit us or request a call. And keep an eye out for additional in-depth explorations of our Future of Fraud Forecast. Future of Fraud Forecast Fraud Prevention

Across all levels of government, we are seeing a surge in digital modernization — transforming the delivery of traditional services into a contactless, digital environment. Whether it is with the Social Security Administration’s digital modernization effort, the state of California’s Vision 2023, or even at the local level with counties modernizing digital access to records for their citizens. This comes at a time when identity fraud in government services is growing at an alarming rate, with an increase of over 2,900 percent related to government benefits or document fraud in 2020 according to the FTC. A key challenge for any agency planning digital modernization is balancing access with security. This is particularly critical in an environment where over 1 billion records were exposed over a recent five-year span. Given the U.S. population is currently about 330 million, that means each citizen had an average of three breach exposures. Therefore, identity proofing must be a critical part of any agency modernization effort. National Institute of Standards and Technology Special Publication (NIST SP) 800-63 revision 3 lays out a risk assessment to help organizations determine the appropriate level of security to apply based on six areas of impact. However, identity proofing a new citizen through digital channels requires significant friction at levels above Identity Assurance Level 1 (IAL1). The stringent requirement for a biometric match in this standard at IAL2 presents a real challenge to the balance mentioned above, which has led agencies to seek alternatives that both combat the risk of fraud and identity theft and are operationally sound. Experian has been supporting the private sector in this endeavor for years, helping them effectively manage identity theft and fraud concerns while allowing seamless access to services for the vast majority of their consumers. This risk-based approach through our CrossCore® platform and multitude of options to identify and combat fraud allows agencies to deliver the security and accessibility expected by their citizens. CrossCore allows agencies to verify and identify citizens using multiple data points: Traditional personally identifiable information (name, address, Social Security number, date of birth) Email Phone number Device identification Biometrics CrossCore can instantly take the risk information from these risk signals above and initiate additional verification where there is a higher risk of identity theft or fraud, including knowledge-based verification (KBV), one-time passcode (OTP) to a trusted phone number linked to the identity being presented, or even remotely verifying identity documents (e.g., driver’s license, passport, etc.) through our new CrossCore Doc Capture solution. Just recently, Experian helped a state lottery agency implement an efficient identity proofing system to enable digital redemption of winning tickets, saving both the government and the citizens time and money. Experian’s identity, verification, and fraud solutions can help government agencies of all sizes on their journey to digital modernization. To learn more about the options available to your agency, visit us or request a call. CrossCore Doc Capture

Online transactions face a higher chance of being declined because face-to-face transactions come with a higher degree of confidence. Businesses who fail to address this problem run the risk of losing the customer permanently, damaging their reputation and bottom line. What can e-commerce marketplace merchants do to increase the approval rate of online payments without making fraud worse? Here are three tips: 1. Broaden access to data beyond what’s in the authorization stream. Merchants use a variety of solutions to prevent fraud and verify identities, but typically use very limited data to approve a transaction through the authorization stream between a merchant and issuer. The issuing bank often only compares the purchase data to the address listed on the card owner’s account, which can create discrepancies when a customer is trying to send an order to an alternate address from their primary home. That’s why it’s important for merchants to augment their decisioning with additional data sources to help inform the true customer risk profile. 2. Leverage capabilities that can assess risk for both the transaction and the individual behind it. Today, merchants leverage limited data including email address data, device information and other technologies in silos to augment their address verification capabilities. The challenge with these tools is that each judge the risk of a specific component of the transaction or the individual. Where integration is lacking, false positives are amplified. 3. Collaborate and share expertise and data across merchants and issuers. How can Experian help? Leveraging our multidimensional data, technical expertise and advanced analytics capabilities, we can help businesses frictionlessly authenticate valid customers, thus increasing revenue by increased approval rates, without increasing fraud or operating expenses. Only Experian Link™, our frictionless credit card owner verification solution can associate payment card with its owner. This solution combines Experian’s vast data assets – including over 500 million credit card account numbers on file in the U.S. across 250 million consumers – with our advanced analytics capabilities to match and assess the risk of the identity attributes presented to the merchant to the identity attributes contributed by the credit card’s issuer and to Experian’s network of credit and identity inquiries. The result: Experian Link’s patent-pending REST API simply and frictionlessly improves a merchant’s customer experience and helps increase revenue while reducing their fraud and operating expenses. Get started with Experian Link™ now. Experian Link

There’s no doubt that fraudulent transactions can end up costing businesses money , which have led many to implement risk-mitigation strategies across every stage of the purchasing journey. However, this very same protection can increase false declines, and the associated friction can create high rates of cart-abandonment and negative impacts for a business’s brand. What is a false decline? A false decline is a legitimate transaction that is not completed due to suspected fraud or the friction that occurs during verification. False declines occur when a good customer is suspected of fraud and then prevented from completing a purchase. This happens when a company’s fraud prevention solution provides inadequate insight into the identity of the customer, flagging them as a potential bad actor. The result is a missed sale for the business and a frustrating transaction and experience for the customer. Are false declines costing your business money? False declines have high revenue and cost consequences for e-commerce marketplace merchants. By denying a legitimate customer purchase at checkout, businesses risk: Loss of new sales directly impacting revenue 16% of all sales are rejected by e-commerce merchants unnecessarily costing businesses ~$11B in sales annually,1 with an estimated 70% of unwarranted friction as a contributing cause. Loss in customer loyalty and lifetime value Blocked payments can leave customers with a poor impression of your business and there’s a good chance they’ll take their business elsewhere. Tarnished business reputation Today’s customers expect businesses and online services to work seamlessly. 81% of consumers say a positive experience makes them think more highly of a brand. Therefore, your brand might take a hit if unnecessary obstacles prevent them from having a good experience. High operational overhead costs The average business manually reviews 16% of transactions for fraud risk. It is estimated that 10 minutes are needed for each review. This inefficiency can be costly as it takes time away from fraud teams who can work on higher priority or strategic initiatives. Businesses can benefit from a seamless and secure payment experience that drives real-time resolution and eliminates a majority of false declines and bottlenecks, ultimately helping increase approval rates without increasing risk. Get started with Experian Link™ - our frictionless credit card owner verification solution. Learn more 1"E-Commerece Fraud Enigma: The Quest to Maximize Revenue While Minimizing Fraud Report" Aite-Novarica Group, July 2022