11/14/2012
02:38 PM

Study Finds More Than 10,000 ID Fraud Rings In the U.S.

Georgia, South Carolina, and Florida are among the hotspots for identity theft

The misuse of personally identifiable information (PII) can take many forms, from filing fraudulent bank applications with stolen information to manipulating personal data to game unsuspecting companies. In a new study released today, ID Analytics' ID:A Labs reveals that this murky underworld is composed of more than 10,000 identity fraud rings operating in the U.S. alone -- many of which are groups of families and friends as opposed to organized crime.

The study analyzed more than 1 billion applications for wireless services, bank cards, and retail credit cards, and uncovered identity fraud rings attacking all three industries. According to the study, Georgia, Florida, and the Carolinas are hotbeds for fraudulent activities across all three industries. Wireless carriers got hit the worst, the report notes.

There are several types of identity fraud, ranging from criminals who become aware of enough information about a specific account to impersonate a victim and take unauthorized actions, to targeting a specific individual and then assuming that person's persona. There is also "synthetic identity fraud," where an identity is completely fabricated and used to commit fraud, as well as people who make subtle or slight changes to their PII in order to commit fraud.

"Another emerging fraud trend which is not identity fraud is that of 'credit muling,' which involves paying a person to use their legitimate PII with the intention to defraud," according to the report. "Note that this is not really identity fraud since the applicant is using only their correct identity information; it's just that they have no intention to repay the debt. This technique is becoming more frequent with wireless customers who have previously earned a decent credit rating."

The report offered no insight into how the fraud rings were actually stealing information. However, it did create a profile of some of the rings, many of which comprise groups of friends and family members, rather than professional crime groups. These familial-based groups often improperly share their personal information with each other and use it as part of fraud schemes.

In one example, the report cited a friends-and-family identity fraud ring in the Indianapolis area that consists of a male and female over the age of 70, a woman who is 48 with the same family name, and a second woman who is 48 with a different last name. All the members of the ring used multiple Social Security numbers and last names, and three used alternate first names and birthdays. According to the report, this ring perpetrated 345 falsified credit card applications and a fraudulent payday loan.

"In this latest research, we have taken a broader approach, looking at connections among bad people rather than studying individual activity," says Dr. Stephen Coggeshall, chief technology officer of ID Analytics, in a statement. "This information enables us to build new variables into our fraud models so we can help our customers to make better decisions and improve protection for consumers."

In the digital world, identity fraud can be used as part of larger targeted attack schemes, notes Richard Henderson, security strategist at FortiGuard Labs.

"There is definitely an identity theft component involved in the information-gathering phase of a targeted attack on corporations -- last year's successful spearphishing attack on RSA involved only four employees," he says. "Undoubtedly, a large amount of doxing or online research was spent tailoring a spear-phishing email that the targets were likely to open."

"Two-factor authentication, using either hardware tokens, software tokens, or lookup tables, is in use by major finance institutions and other high-risk systems," he adds, explaining that passwords should not be considered fool-proof. "Passwords can be easily compromised, whereas some form of two-factor authentication is not so easy to defeat. For access control to vital data, two-factor authentication should be considered as another tool in a corporation's general security strategy."
