According to CyberExpert, the global wave of online crime will still gain in force and dynamics in the coming years. A growing number of perpetrators succeeds in hiding their true identity behind invented personalities.
“Synthetic identities are an growing trend internationally,” says Stephen Topliss, specialist for fraud and identity at the US cyber security service provider Lexis Nexis Risk Solutions.
The Cyberfacheuer of the reinarian Munich Re assumes further increasing “damage frequency”, not least because artificial intelligence also facilitates criminal business. The trade association Germany reports on increasing risk of fraud for its companies.
The raw material invented identities: data leaks
But what is a synthetic identity anyway? “The perpetrators: Inside, usually combine an invented identity with real data: real credit card numbers, postal addresses, email accounts or telephone numbers, in the USA also frequently stolen social security numbers,” says Topliss. The data comes from data leaks and are traded in the Darkweb.
In addition, there are two other methods with which the perpetrators: Inside false identities: “There are-especially AI drives-completely synthetic identities that have been invented one hundred percent,” says Martin Kreuzer, cyber specialist at Munich Re and former investigator. And in the third version, “various existing identities are digitally entertained and composed”.
However, the result is identical in any case: it becomes more difficult to discover the perpetrators. Since Corona pandemic, not only Lexis Nexis Risk Solutions has observed continuous growth in online fraud and other crimes on the Internet.
Stolen real identities for the perpetrators: risky inside
A few years ago, many perpetrators had used completely stolen identities inside, says Topliss. “But now we see a lot more of these synthetic identities. These can be used in different ways and wise: to set up customers: internal accounts in online trading or for applying for credit cards.”
For criminals, a stolen identity carries the risk that the associated real person will quickly notice when bought in his name or transferred money.
“In banking, the perpetrators use: inside synthetic identities to set up” mule accounts “that are used for money laundering,” says Topliss. “At first there is no victim to stand out because the person who has set up the account does not exist at all.”
Most of the online retailers: Inside with false customers: confronted inside
A large field of activity for the perpetrators: inside is fraud when shopping online. “Identity fraud in various forms is one of the most common fraud stitches in online trading,” says a spokesman for the HDE trade association, referring to a survey by the CRIF Economic Occupation.
According to this, 92 percent of German e-commerce companies were already confronted with the fact that one was announced: in a false or foreign identity. “For example, fraudsters order: Inside with stolen data on account and have the goods deliver to parcel stations or vacant apartments.”
Often, a few real data fragments – such as the name and date of birth or chopped login data – are often sufficient to create a synthetic identity that works real when registering in the online shop. “For online retailers: Inside, the technical and financial effort is to be announced: verifying internal identities and sieving fraudsters: to spread out inside, in recent years,” says the spokesman.
Field of activity for beginners: inside
Fraud in online trading is the largest damage driver in the cyber insurance segment for private individuals, as Munich-Re expert Kreuzer says. “In the area of cyber crime, identity theft and the associated fraud stitches are a kind of start. Beginners: Inside, try out and buy instructions and tools from significantly more professional organizations.”
AI creates scale effects and can be used, for example, for the automated distribution of phishing emails. “Skalen effect” means that the more one product is produced for – in this case criminal – companies.
“AI can also be used to create new malware,” says Kreuzer. “That speaks for an increased damage frequency in the future.” In the companies that are affected by fraudulent customers: the burdens could lead to bankruptcy. “Especially for companies that are already in economic imbalance, a cyber attack of the famous drops, which causes the barrel to overflow.”
Damage in billions of billions, and the trend is rising
The exact height of the damage caused by cycling: damage caused inside is unknown. Estimates go into the billions, and the trend is rising. In their statistics, the police and judiciary do not record separately whether an act was committed online.
The quota of fraudulent online orders in retail is also valued: an average of around three percent, as the spokesman for the trade association says. In the CRIFURE survey, 43 percent of German online retailers quantified their fraud-related damage to sums between 10,000 and 100,000 euros; A good fifth even suffered losses of over 100,000 euros.
There is no effective standard for identity examination
National borders blur in the area of cybercrime, since the perpetrators often do not live in the country where they commit their actions. “A main problem is that there is no international standard for the authentication and verification of identities,” says Ralf Wintergerst, CEO of the Munich security technology manufacturer Giesecke+Devrient and President of the Digital Branch Association Bitkom.
“If every country builds a small solution for itself, they are often not internate.” The financial flows, on the other hand, are international. “An agreement on a standard is difficult within the European Union, and then all the more internationally,” says the top manager.