New Account Fraud: Who’s on the Other Side?

Amy Donaghue

By: Karen Sylvester, AAP, APRP, CAMS, CRCM, NCP, Director, Compliance Education

Fraudsters are constantly looking for ways to swindle money from any source possible, and one of the methods used to get their hands on these funds is new account fraud. And, while it’s imperative that your organization is aware that this is happening, it may not be so easy to spot.

New account fraud, also known as account opening fraud, is when fraudsters use stolen or synthetic identities to open new accounts, intending to max out credits limits before disappearing into the night, usually within 90 days. As financial institutions have evolved their services based on the usage of online banking, it has also created an increase in new account fraud. Fraudsters have also adjusted operations to exploit new weaknesses and boost profits.

Fraudsters will seek out and exploit the weakness in a financial institution’s processes and security defenses. Existing anti-fraud prevention methods used during the new client onboarding process often create friction, negatively affecting the user experience to the point where legitimate prospects may quit the application process because it is too cumbersome. So, many financial institutions take the risk rather than lose potential new accounts and, unfortunately, fraudsters know this is happening.

New account fraud isn’t easily spotted. Just because an applicant can answer all the out-of-wallet questions, it doesn’t mean the information isn’t stolen. On the dark web, legitimate identities can be bought for nearly nothing. Many individuals (or businesses) do not know their information has landed in the wrong hands. Making the identity process even more complicated, identities may be manipulated, so as the individual details are verified, the details may not belong to one person.

Financial institutions often rely on third-party information to validate the information. Once the information is stolen, then manipulated, the verification process becomes even harder. The fraudsters work diligently to create and update the information, opening the account and using the account before the financial institution can detect the fraud and prevent losses.

Fraudsters use a process called ‘cash-cycling’. Cash-cycling is when money is circulated between fraudulent accounts to imitate legitimate financial activity. This activity happens using account-to-account or person-to-person money transfers. As a result, traditional security measures will likely consider these accounts to be completely genuine, whereby the financial institution may open additional services.

The only way to combat new account fraud is by taking a holistic, multi-layered approach to security. By recognizing your standard user’s normal online interactions compared to both legitimate behavior and that of fraudulent accounts, it is possible to weed out fraudsters before the loss is significant.

Resources for Staying on Top of Fraud Scams

Looking for additional information on new account fraud? Check out these events and resources: