Synthetic Identity Fraud: The Unseen Threat and Its Cost to Businesses

Highlights: 

• Synthetic identity fraud is a rapidly escalating, complex threat, with losses jumping 50% from 2022 to 2023, resulting in unrecoverable financial losses, strained operations, reputational damage, and potential regulatory penalties for businesses.

• To counter this, businesses must adopt advanced, multi-layered fraud strategies, including leveraging machine-learning synthetic identity alerts, expanding to multi-factor authentication with mobile device verification, and consolidating identity and fraud tools into a single, streamlined app for orchestrated checks.

The staggering $100 billion cost of first-party fraud is hard to grasp — until it hits your bottom line. Then the picture snaps into focus, as the damage goes far beyond financial losses, draining internal resources, eroding customer trust, and unraveling brand credibility.

Here, we dig into one of the hardest-to-detect fraud types plaguing businesses today: synthetic identity fraud. We’ll examine the seismic impact it’s having on businesses, why it’s accelerating, and steps businesses can take now to regain control and help shut down fraudsters. 

Understanding Synthetic Identity Fraud

Unlike account takeover fraud, where criminals hijack an existing account, a synthetic identity is a new identity that’s built from the ground up using both real and fake data. For instance, it might pair a stolen Social Security Number (SSN) with made-up identifiers like name, address, and other contact details. 

Because parts of the identity—such as the SSN—are real and verifiable, these applications often sail through verification and origination, enabling the scammers to create a new account. One source estimates that 95% of synthetic identities pass the onboarding process. 

Once approved, the fraudsters sometimes might make regular payments to build up their credit portfolio and potentially maximize their financial gain. They will wait for the ideal moment to “bust out,” max out the account. 

Generative AI has further amplified the threat by enabling the creation of “deep fake” synthetic identities and documents that appear legitimate. Fake bank statements and business certificates with official-looking logos and agency seals are examples of what businesses are seeing today. It’s become such a problem that in 2024, U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) issued a formal alert to financial institutions about the growing use of deepfake media. 

As incidents rise, it’s not “if” but “when.”  

Synthetic identity fraud is becoming more complex and harder to detect and, as a result, incidents are climbing. According to the recent Digital Fraud Trends report from Equifax: 

• Synthetic identities on credit applications have increased 14% year over year since 2020, nearly 50% in four years. 

• Recycled SSNs are more than three times more likely to appear on credit applications. 

• Synthetic identities tend to default within the first six to nine months of account opening, and are up to five times more likely to become delinquent compared to average accounts. 

These days, it’s less about “if” synthetic ID will touch your business, and more about “when” and how deeply.  

Real businesses, Real Consequences 

Because synthetic identities blend real and fake data, it can be nearly impossible to track down the perpetrators. Ultimately, businesses are left with unrecoverable losses, often unsure how many more synthetic IDs remain hidden within their portfolio. 

According to industry estimates, businesses lose between $20 billion to $40 billion to synthetic identity fraud. 

The Equifax Digital Fraud Trends Report supports this trend, revealing that synthetic identity losses jumped a worrisome 50% from 2022 to 2023, with more sharp increases expected in the future. 

Apart from the painful financial losses, which can hit hard in today’s unstable economic environment, there are other intangible risks to businesses, including: 

• Strained operations, as resources are increasingly diverted to put out fraud fires. 

• Reputational damage due to fraudulent activity covered by the media or negative customer reviews that go viral on social platforms. 

• Increased regulatory scrutiny and potential penalties due to lagging Know Your Customer (KYC), Know Your Business (KYB), and anti-money laundering practices. 

Here’s How Businesses Can Act Today 

Doing nothing is no longer an option. If your fraud strategies aren’t keeping up with increasingly sophisticated synthetic identities, you’re behind it, running a losing race. 

But there are ways to catch up. Here are a few go-forward ideas to consider: 

1. Fight technology with technology 

Today’s fraudsters embrace the latest innovations to execute their scams, and businesses should do the same. Synthetic identity alerts are available today that use patent-pending machine-learning algorithms to detect synthetic identity behaviors and patterns at various entry points. For example, alerts can be integrated during account origination to identify applications that trigger an alert and automatically sort them into a manual review process. These alerts can also be powerful account management tools when used as a “back book” or “clean up” append for existing portfolios to identify existing accounts that may have been opened using synthetic identities.

2. Expand beyond SSN verification to include multi-factor authentication 

For example, advanced tools can link a user’s mobile number and device/SIM card via a dynamic, real-time hyperlink to ensure the mobile number is legitimate. If the hyperlink is forwarded to another mobile device, it won’t work. Layering in this automated, highly secure step establishes a crucial identity component—the applicant’s mobile device—as part of an expanded customer/account authentication strategy. 

3. Consolidate multiple identity and fraud tools into a single, streamlined API 

Having one-stop access to identity verification tools, synthetic identity checks, digital risk signals, and more enables the creation of customized workflows to orchestrate verification checks and step up methods at various points along the customer journey. It’s a smart approach that eliminates redundant tech integrations, reduces administrative costs, and easily scales as a business’s fraud strategies evolve.   

Synthetic identity fraud is a fast-moving threat, and every day businesses do nothing, the risk grows. As fraudsters evolve their stealthy tactics, businesses have a choice. They can continue to “react,” suffering the consequences of lost revenue, compromised operations, and potential reputational damage. Or they can step up with stronger tools and tighter controls and take back control before the next synthetic identity slips through.

Discover the suite of data-driven identity and fraud solutions from Equifax.