Fraudsters have all but eliminated indicators used to detect fake identities on line, reports Socure, a predictive analytics provider. The difference between authentic and fake identities is minuscule at best.
Sunil Madhu, chief strategy officer for Socure, said that "while differences in fraudster behavior certainly remain, they have become subtle enough, that relying on a handful of variables is no longer sufficient."
Socure's report is based on actual detected fraud attempts from the company's client base. The study considered hundreds of indicators. Here are some of the more interesting ones:
- Mobile Numbers. When offering a phone number, fraudsters tended to use a "burner" or pre-paid number as opposed to those numbers from one of the top four carriers.
- Boys’ Names. Fraudsters tend to use common male names, like “John” or “David.”
- No Social Media Accounts. 80% of fraudulent identities have no associated social media accounts.
- Device Mislocation. Most fake IDs use IP addresses inconsistent with their actual location.
- No Age. Unless they’re required to do so, fraudsters don't usually provide an age.
- Address Mismatches. Fraudsters use inconsistent information with incorrect zip codes or house numbers.
- Name-to-Email Match. By using a misleading but valid email address, fraudsters can receive a confirmation and avoid detection.
With fraudsters getting better at what they do, we need to get better at securing our data through the use of the proper software defenses. Even more important is training employees to be smarter than the scammers, and tailored, interactive training can help there.
Help Net Security has the story: https://www.helpnetsecurity.com/2018/10/05/identity-fraudsters/