New account fraud occurs when scammers use synthetic identities to open up accounts with financial institutions, often with the end goal of illicitly obtaining access to credit cards, loans, and lines of credit.
Fraudsters may use a similar approach to target merchants and other online service providers so that they can place orders using their fraudulently-obtained credit cards.
Read MoreNew account fraud can be thought of as a three-step process. First, fraudsters concoct stolen identities using a combination of real and fake personally identifying information (PII) from one or more victims.
Then, scammers open accounts using these synthetic identities with one or more financial institutions. The goal is to secure illegal access to credit, which scammers then launder elsewhere or use to make purchases and fund their lifestyles.
Read MoreNew account fraud is disturbingly common. In fact, as many in 1 in 7 accounts are opened with fraudulent identities.
Account opening scams are so popular because they’re easy to carry out. Access to consumer data can be had for just a few dollars on the dark web. Lines of credit are similarly easy to obtain. At the same time, new account fraud is difficult to detect but easy to scale, an inequality that tilts the playing field dramatically in favor of bad actors.
Read MoreIn practice, new account fraud isn’t a one-and-done event. Because synthetic identities are easy to manufacture and reuse, scammers often open several accounts before they’re finally caught by law enforcement or criminal investigators.
New account fraudsters can also collaborate with co-conspirators via fraud rings, which can span multiple cities, states, or even countries. In many cases, fraudsters deal hundreds of thousands — or even millions — of dollars worth of fraud losses before they face justice. Worse, other criminals get away without ever being caught.
Read MoreSynthetic identities are difficult to separate from real profiles precisely because synthetic identities aren’t complete fakes.
There are some subtle clues that can help merchants and financial institutions detect scammers who attempt to create new accounts with manufactured identities. The use of “burner” emails and social security number mismatches are signs of new account fraud, as are anomalies in geolocation and IP address data.
Read MoreThe more stringent a bank or merchant’s identity verification procedures are, the more difficult it is for a fraudster to use a synthetic identity to create a new account.
Tools like device fingerprinting, biometric verification, and behavioral analysis can help you root out synthetic identities and block new account fraudsters in their tracks. While excessive friction can discourage real users from signing up, it can also keep bad actors from infiltrating your ecosystem.
Read More
Cybercriminals use phishing or social engineering attacks to steal personal data, such as names, birthdays, and Social Security numbers, then open new bank, loan, or credit accounts using stolen or synthetic identities. The new accounts are then used to make fraudulent purchases.
New account creation fraud can be hard to prevent, but more stringent customer verification using IP address checking, comparing information against profiles from other authorities, and using biometric identification can all help reveal potentially bogus accounts.
Sort of. It’s more accurate to say that hackers create code that either goes through, or works around, bank security to grab personal information. This could be used by the cybercriminal to open an account, but is more often sold on the dark web.
In the US, federal identity validation mandates make it harder to create fake accounts. That said, there are actually apps that will allow users to create realistic fake accounts. Although these are marketed as pranks, thieves use them to steal from real bank accounts.
New account fraud occurs when a fraudster opens a bank account using a stolen or synthetic identity. An example is when a fraudster uses a fake name, along with a real cardholder’s social security number obtained through phishing or data breaches, to open a new bank account and apply for credit.
The accounts can be used to make illegitimate purchases or be used to build credit for a larger scam.
Spotting phony accounts isn’t an exact science, but banks or merchants can look for red flags like newly issued identification documentation (address, driver’s license, etc.). Other signs of suspicious activity include a lack of credit history, small initial purchases or cash deposits, or using mail drops instead of street addresses.
Yes, new account fraud is a federal offense punishable by restitution, plus prison time and/or fines.
New account fraud is very common: the Association of Certified Fraud Examiners (ACFE) revealed that, in 2024, new account fraud was the second most common fraud type after pig butchering, a scam that combines tactics used in romance scams with those present in investment frauds.
