by Andy Renshaw
7 minutes • Fraud & Scams • Last Updated June 9, 2025

What Is Synthetic Identity Fraud: How to Detect & Prevent Against It?

Criminals use made-up identities to steal money. That’s the reality of synthetic identity fraud. This type of fraud and money mules work hand in hand in the world of fraud and financial crime. Organized crime groups frequently exploit economic hardship and use online networks to commit fraud at scale. For this reason, synthetic identity fraud is considered the fastest-growing type of financial crime.¹ Detecting and preventing synthetic identity fraud is a critical challenge for businesses and banks as fraudsters use advanced technology to create new personas and money mules obscure stolen funds.

In this article, we’ll break down how synthetic ID fraud fuels money mule networks, the fraud patterns to watch for, and how banks can boost their fraud prevention efforts to block criminals from onboarding with manufactured identities.

Key Takeaways

Synthetic identity fraud involves fabricating a false identity to fraudulently access or establish digital accounts.
Synthetic identity fraud schemes are typically carried out over time by gathering information, mixing real and fake information, and giving the fake persona credibility.
Financial losses from synthetic ID fraud are projected to reach $23 billion by 2030.
The two primary categories of synthetic identity fraud include manipulated and manufactured.

What is Synthetic Identity Fraud?

Synthetic identity (ID) fraud is the creation of a fictitious persona for fraudulent purposes, such as opening a bank account. This fabricated identity is based on a combination of data stolen from real people and invented information. Scammers create these identities by merging the legitimate information of several random people with fake information.

Ultimately, synthetic identities are not real people, but figments of malicious imagination. Scammers often submit their own email addresses and phone numbers to control the account and withdraw money.

Synthetic Identity Fraud vs. Traditional Identity Theft

Synthetic identity fraud shares similarities with traditional identity theft but has key distinctions. Traditional identity theft, or account takeover fraud (ATO), occurs when criminals illegally access a real customer’s account and their personal information, such as name, address, birth date, and identification numbers.

In both cases, scammers can access sensitive information either by using phishing campaigns or purchasing stolen credentials on the dark web.

The key difference between synthetic identity fraud and traditional identity theft boils down to this: traditional identity theft uses a real person’s established and existing identity. Meanwhile, synthetic identity fraud invents a brand new identity using both real and fake information.

How Does Synthetic Identity Fraud Work?

Creating a synthetic identity is just the first stage of a criminal’s plan. Synthetic ID fraud involves a complex process to make the fake persona appear legitimate and believable. Ultimately, it’s a long-term scheme that can yield significant payouts for criminals, resulting in monetary losses for both financial institutions and individuals.

6 Common Tactics of Synthetic ID Fraud

Synthetic identity fraud schemes are typically carried out using several tactics:

Gathering Intel: Fraudsters start with real personal info, often focusing on things like government identification numbers. They get this data from places like data breaches, the dark web, and even social media. Sadly, they often target vulnerable populations like children, the elderly, or unhoused people since their information is less likely to be closely watched.
Merging Fake and Real Information: Next, they mix that stolen data with fake details, like a phony name, phone number, birthday, or address.
Establishing Credibility: They use the synthetic ID to apply for credit. They often get turned down at first because they lack a credit history. However, those denied applications actually start building a credit file for the synthetic ID.
Creating the Identity. Fraudsters develop and mature the synthetic identity over an extended period, sometimes spanning months or even years, slowly gaining access to higher credit limits and better financial products.
- Synthetic ID fraud can involve “piggybacking,” where a synthetic identity is added as an authorized user to an account in good standing to appear more credible.
The Bust-Out: After building a seemingly legitimate credit history and gaining borrowing power, the fraudster executes a final scheme. They maximize all available credit lines before disappearing, leaving financial institutions to absorb the resulting losses.
Repeating the Process: Sophisticated fraudsters frequently generate numerous synthetic identities concurrently, enabling them to expand their operations and maximize illegal profits. The ease with which these cybercrimes can be committed has contributed to their widespread prevalence.

Synthetic Identity Fraud: Statistics & Trends

Synthetic identity fraud has reached unprecedented levels in recent years with an estimated $5 billion lost by businesses as recently as 2024. The trend is only expected to continue as criminals leverage advanced technologies like Generative AI and deepfakes to make their synthetic personas even more convincing.

The Impact of Synthetic ID Fraud

$23 billion: Projected synthetic identity fraud losses by 2030.³
$15,000: Average value of losses from synthetic identity fraud from banks.⁴
7%: Increased rate of synthetic identity fraud losses in the first half of 2024.⁵
18%: Increased rate of synthetic ID fraud linked to account opening in early 2024 from 2023.⁶
44%: Share of respondents who say criminals are using GenAI to create deepfakes.
15M: Estimated share of US individuals who are victims of synthetic ID fraud in the past 10 years—many of whom are unaware.⁷

Types of Synthetic Identity Fraud

Synthetic identity fraud primarily falls into two categories: manipulated and manufactured.

Manipulated synthetic identity fraud involves altering one or more details of a real identity, making it relatively easy to identify.
Manufactured synthetic identity fraud, also known as “Frankenstein Fraud,” is the fastest-growing global financial crime. It involves creating a new identity by combining genuine and fabricated information. Fraudsters frequently merge core data like birth dates or identification numbers with supplementary details such as phone numbers or email addresses.

How to Detect Synthetic Identity Fraud?

Synthetic identity fraud is notoriously tricky to catch. But not all is lost. Here are some things financial institutions can do to get ahead of it and reduce their risk.

Report

Feedzai + Demyst: A Modern Response to Modern Fraud

Learn why market intelligence firm IDC describes Feedzai’s purchase of data management platform Demyst as “a modern response to an ever-growing fraud landscape that demands both precision and agility.”

Learn More

Regularly Conduct Identity Verification

It’s super important to verify government-issued IDs when new customers sign up. And banks shouldn’t just do it once; they should also re-check those IDs regularly to make sure they have the latest versions.

Implement Machine Learning

Fraud detection solutions that utilize identity clustering and other machine learning algorithms can find groups of accounts that seem to be working together, as in the case of a money mule network. This helps banks catch accounts that might have similar info but act differently, or accounts that act similarly but have different info.

Know Your Customers with Biometric Authorization

This type of authorization utilizes technology to validate a customer’s biological characteristics. Biometrics uses things like facial recognition or fingerprints to confirm a customer’s identity. This adds another layer of security, making it much harder for fraudsters to use fake IDs.

Monitor Transactions

Banks need to keep a close eye on transactions and look for anything that seems out of the ordinary for a customer. A good transaction monitoring system should let banks set up rules to watch for specific red flags that could indicate different types of fraud.

Conduct Digital Footprint Analysis

A customer’s online activity can also provide clues. Things like email addresses or phone numbers can be checked to see if they have any history. If a customer has little to no online presence, it could be a warning sign, especially since most fraudsters create new email accounts that match the fake card details they’re trying to use.

How to Prevent Synthetic Identity Theft

Financial institutions can take several key steps to both prevent synthetic identity fraud and uncover money mule networks:

Ramp Up Multi-Factor Authentication (MFA)

Requiring more than one way to verify identity is a huge deterrent. Think of it like having multiple locks on a door. This could include things like sending codes via SMS, requiring email confirmations, or using biometric authentication (like fingerprint or facial recognition). MFA makes it harder for fraudsters to access accounts, even if they somehow get past the initial verification.

Get Serious About Data Matching

Banks need to be extra diligent about cross-checking identity information across different databases. This means comparing data against credit bureaus, government records, and even telecom data. Red flags include things like mismatched addresses, multiple names linked to the same government identification number, or phone numbers with no history. These discrepancies can expose synthetic fraud attempts and also help identify mule accounts, which often exhibit these inconsistencies.

1. Suspicious Government ID Patterns

Provided government ID number does not match age or date of birth.

An ID was recently issued, yet the applicant claims a long-established credit history.

Government ID numbers are often the backbone of synthetic identity fraud. Discrepancies suggest the number is fabricated or improperly obtained.

2. Thin or Non-existent Credit History

Applicant shows almost no credit or payment history despite claiming high-income or established background.

Synthetic identities often start with “clean” credit files or files with minimal data, raising questions about authenticity.

3. Mismatch in Key Details

Address, phone number, or email doesn’t align with other known databases.

Multiple addresses associated with a single government ID.

Con artists piece together data points from various sources, leading to inconsistencies in typical ID verification checks.

4. Multiple Recent Applications

Applicant repeatedly tries to open several new accounts or lines of credit in a short time.

Fraudsters “bust-out” quickly once an identity is established, maximizing available credit before disappearing.

5. Unusual Document Characteristics

Government IDs appear digitally altered or lack standard security features.

Inconsistent fonts, layouts, or holograms.

Fake documents are often less sophisticated or have formatting issues that don’t match official records.

6. Discrepancies in Personal Data

Date of birth conflicts with government ID issuance data or credit file records.

Name variations that don’t align.

Synthetic profiles often use partially correct data mixed with false details, leading to identity data conflicts.

7. Repetitive Contact Information

Same phone number or email address used across multiple unrelated accounts.

Synthetic identities sometimes share contact points to ease management by fraud rings.

8. Recently Activated or Prepaid Phone Numbers

Phone number appears to have just been activated or belongs to a prepaid line with little account history.

Fraudsters favor easily disposable phone numbers, which are difficult to trace and not tied to a physical address.

9. Rapid Credit Utilization

Customer quickly maxes out new credit lines without typical usage patterns (e.g., small purchases and gradual increases).

Synthetic IDs aim to draw out as much credit as possible, as soon as possible, before detection triggers.

10. Inconsistent Income or Employment Claims

Unusual job titles, inconsistent salaries, or employer names that don’t match established business databases.

Fraudsters may fabricate employment details to appear more credible when applying for credit lines or larger loans.

Supercharge ‘Know Your Customer’ (KYC)

Strengthening KYC procedures is essential. This could involve requiring solid document authentication, conducting live video verification, and performing secondary ID checks. Behavioral analytics can also play a role by assessing whether a user’s interaction with an application seems like real human behavior or a scripted, automated pattern. These enhanced KYC measures make it more difficult for fraudsters to create and use synthetic identities and add layers of scrutiny that money mules find hard to navigate.

Team Up with Others

Synthetic identity fraud often slips through the cracks between different financial institutions. That’s why it’s crucial to establish better ways to share data with credit bureaus, government agencies, and other players in the industry. Sharing information on blacklisted identity markers (like flagged Social Security numbers and phone numbers) can prevent fraudsters from using the same synthetic identity or mule account across multiple organizations. This collaborative approach creates a united front against both synthetic identity fraud and money mule schemes.

Key Resources