What is Synthetic Identity Theft?

It may sound like something out of a bad science fiction movie, but the threat posed by synthetic identity theft is all too real. Despite its strange sounding name, synthetic identity theft does not involve replicants or body doubles, and the threat it poses is to your finances.

In many ways, synthetic identity theft is similar to the traditional form, but there are a few significant twists. While traditional identity theft generally focuses on stealing everything about a targeted individual, including their name, date of birth, credit card information, synthetic identity theft takes more of a mix and match approach.

Instead of hijacking an existing identity and posing as the victim, the perpetrators of synthetic identity theft attacks create brand new identities out of whole cloth. They do so using actual information, like compromised Social Security numbers and bank account information, but the identities they create are entirely unique.

In order to protect yourself from the growing threat of synthetic identity theft, it is helpful to know exactly how it works. In a typical case of synthetic identity theft, the perpetrator combines real data from various sources, including information purchased from the dark web, hacked files and even documents stolen from your household bin. Armed with this information, the criminal then combines this legitimate data with fake information, all with the goal of creating a brand new identity.

Once that phony identity has been established, it can be used to steal money in various ways, including opening fraudulent credit card accounts which are in turn used to make purchases. Some criminals even obtain real loans using their phony credentials, potentially costing the bank many thousands of pounds.

The reason the scam works so well is that much of the information is legitimate. The perpetrator may, for instance, have a real Social Security number, one that is then tied to an entirely new identity. In many cases, banks and credit card issuers have no way of knowing that the information is fraudulent, especially if the stolen Social Security number belongs to a real person with a stellar credit history.

Some perpetrators of synthetic identity theft scams go even further, opening seemingly legitimate bank accounts and credit cards with their stolen and made up information. Once those accounts are established, they use them responsibly – for a time. Then having lulled the banks and credit card issuers into a false sense of security, they strike, racking up thousands of dollars in charges they have no intention of ever paying back.

For those in the banking industry, synthetic identity theft can be far more insidious, and far more difficult to uncover, than other forms of financial crime. In traditional identity theft, the victim’s entire financial life is hijacked. Even if they do not know about the theft until months later, eventually they uncover the crime and report it to the banks, credit card companies and other institutions with which they do business.

That alerts these institutions that something is amiss, but synthetic identity theft offers no such warnings. Since the identity is new, albeit phony, banks may not realise they have been victimised for quite some time, and by then the financial institution could be out tens of thousands of pounds or more.

The threat of synthetic identity theft is very real, and it is growing in popularity. Since this insidious form of financial fraud so often flies under the radar, it is a tempting one for hackers and other criminals. The best way to protect yourself is to safeguard all your personal data, from your bank account to your credit cards and employment documents.