ClickCease

8 Major Fraud Types and How to Mitigate Them

Fitzwilliam Anderson
January 12, 2023

In today’s digital-first world, fighting fraud can feel like a Sisyphean task. Just when you think you’ve got fraud under control, another new and dangerous fraud vector emerges. Fortunately, fighting fraud doesn’t have to be overwhelming. Because the vast majority of fraud vectors targeting businesses and consumers today fall into one of the 8 major types covered below, determining the best way to prevent the fraud vector from hurting your business is easy. Let’s explore 8 major fraud types and discuss how enabling advanced digital identity solutions such as cryptographic authentication can help prevent them. 

Fraud Type 1: Identity Theft

Identity theft, aka true name fraud, occurs when a fraudster impersonates a real person, often by stealing their social security number.

How can Prove help? Often, the fraudster will enter the victim’s real information (name, birthday, social security number, etc.) but replace the victim’s real phone number with their own “burner” phone number. Prove Auth can prevent identity theft fraud by determining that the fraudster is not the rightful owner nor in possession of the victim's phone (physical device) during the transaction.

Additional Resources:

Fraud Type 2: First-party Fraud

A common form of first-party fraud occurs when an individual makes an expensive purchase and then falsely disputes the purchase as fraudulent with their credit card company to avoid paying for the purchase. Some fraud experts claim that first-party fraud is more prevalent than third-party fraud vectors like identity theft. 

How can Prove help?  Prove Auth makes it much harder for individuals to falsely dispute charges as it can produce detailed evidence that shows when a user’s verified phone number is associated with the transaction. 

Additional Resources:

Fraud Type 3: Bot Attacks

Fraudsters generate scripts to sign up for online accounts in bulk, often using non-fixed VOIPs in the process. A fraudster uses bot attacks to create thousands of phony accounts, often using real data from victims, for a variety of malicious purposes. 

How can Prove help? Bot Attacks are prevented by confirming proof of possession of each phone number used by an end consumer. Additionally, phone ownership confirms the identity of a consumer is linked to a specific phone number.

Additional Resources:

Fraud Type 4: Physical Theft of Phone

Physical theft of phones is not as scalable as the other frauds listed because it involves a criminal stealing a phone from somebody which is risky and often time-consuming. However, it does happen. After the phone is stolen, the victim will go to their mobile carrier to purchase a new phone and request a legitimate SIM SWAP.

How can Prove help? Trust Score and Trust Score+ can detect when the carrier suspends the phone line and performs a legitimate SIM Swap. Phones with recent SIM swaps earn a lower Trust Score and can be flagged. 

Additional Resources:

Fraud Type 5: Account Takeover Type 1 (Port Attacks)

In this scenario, a fraudster impersonates the victim and ‘ports’ or switches the victim’s phone number from one carrier to another. After gaining control of the victim’s phone number, the fraudster can complete 2FA controls and gain access to a victim’s banking, crypto, and other important accounts to transfer the funds into their personal accounts. 

How can Prove help? Trust Score and Trust Score+ will detect when a victim's phone number is taken over through a SIM swap via a Port-out attack. This attack is more common in taking over existing accounts versus at account creation. This capability is included in the base Trust Score.

Additional Resources:

Fraud Type 6: Account Takeover Type 2 (SIM Swap Fraud)

A SIM swap scam takes place when a fraudster impersonates a victim and requests a device swap within the same carrier. The victim’s phone will be deactivated and the fraudster’s device will begin accepting phone calls and SMS from that number. This is called a SIM swap. After gaining control of the victim’s phone number, the fraudster can complete 2FA controls and gain access to a victim’s banking, crypto, and other important accounts to transfer the funds into their personal accounts. 

How can Prove help? Trust Score+ will detect when a victim's phone number is taken over, through a SIM swap via a device swap attack at the existing carrier. This attack is more common in taking over existing accounts versus at account creation. 

Additional Resources:

Fraud Type 7: Synthetic Identity Fraud

A fraudster will create a synthetic or false identity by combining both real data from a victim with a fictitious social security number. 

How can Prove help? Identity Verify can detect synthetic identities in banking and credit reporting agency (CRA) systems that do not have corresponding synthetic data held by the MNOs

Additional Resources: 

Type 8: Known Fraudster

Most fraudsters are prolific. They don’t just target one victim, they target hundreds or even thousands of victims. When they target a victim, they often take over multiple accounts– crypto, banking, investment accounts, etc. 

How can Prove help? Trust Score and Trust Score+ can detect bad actors and suspect phones that have been used in financial crimes as we launch the Prove fraud network. In addition, we are analyzing the correlation between phone number tenure and recycling behavior to catch known fraudsters and abusers.

The fight against fraud can be challenging, but it is not impossible. By understanding the various types of fraud that exist and using cryptographic authentication-based digital identity solutions like the ones offered by Prove, businesses can protect themselves and prevent fraud from occurring in the first place.

For more information or to schedule a consultation with a fraud prevention expert, contact us.

Tags:
fraud

Keep reading

See all blogs
Comparing Identity Verification Providers for Developers

Developers know identity verification is an essential element of effective digital onboarding and the customer lifecycle. Choosing the right one can feel like navigating a maze of features and complexity. 

Nicholas Dewald
November 15, 2024
Document Verification: An Outdated Identity Check in the Digital Age

In an age where our smartphones have become almost like extensions of ourselves, the identity assurance achieved through smartphone possession and data is a natural evolution.

Leandro Margulis
November 13, 2024
Gig Economy Fraud: Can Digital Identities Be the Solution?

Rodger Desai, CEO of Prove, a leading identity verification solution provider, offers a unique perspective on the rising fraud in the gig economy, advocating for robust digital identity verification as a key defense mechanism.

Brad Rosenfeld
November 6, 2024