Login
iscover
Fraud is often perceived as a financial crime that starts when money or assets disappear. However, this overlooks the real foundation of fraud: identity crime.
Why identity crime is a growing cause of financial fraud
17 April 2025
•
8 minute read
Long before transactions are compromised, fraudsters steal or fabricate identities, setting the stage for their schemes. Businesses tend to focus on stopping fraud at the point of financial loss, but by then, the damage is already done.
To combat fraud effectively, organisations must shift their focus to the early stages of identity crime, such as phishing attacks, credential theft, and synthetic identity creation.
You’re out of free articles for this month
To continue reading the rest of this article, please log in.
Create free account to get unlimited news articles and more!
Rethinking the fraud timeline
Traditional fraud prevention measures focus on detecting suspicious transactions. While this is important, it is a reactive approach that comes too late in the fraud lifecycle. Financial fraud is merely the final step in a longer sequence that begins with identity crime.
Criminals use stolen identities, synthetic profiles, and compromised credentials to gain access to financial accounts or create new ones under false pretences. Once they have established control, fraudulent transactions become inevitable. A more effective strategy is to prevent identity theft from occurring in the first place.
How identity crime leads to fraud
Fraud follows a predictable path that begins with identity theft and culminates in financial exploitation. Two of the most common methods used by criminals are new account fraud (NAF) and account takeover (ATO).
NAF occurs when fraudsters use stolen or fabricated identity data to open new accounts. They obtain personally identifiable information (PII) from data breaches or dark web sources, using it to create fake profiles.
In some cases, they generate synthetic identities by blending real and fake data, allowing them to pass basic verification checks. Criminals may also use bots to automate account creation, taking advantage of promotions or referral bonuses. Some accounts are left dormant to gain credibility before being used for fraudulent transactions.
ATO, on the other hand, involves hijacking existing accounts. Fraudsters use credential stuffing, phishing, and social engineering techniques to gain unauthorised access. Many rely on stolen login credentials from previous data breaches, exploiting users’ tendency to reuse passwords.
Others use AI-driven deepfakes to impersonate account holders in video or voice interactions. Once access is gained, fraudsters change account settings, initiate unauthorised transactions, or drain funds before detection.
Why traditional fraud prevention is falling short
Many organisations rely on transactional anomaly detection to identify fraud at the point of payment. While useful, this approach does not address the root cause - identity crime.
Without robust identity verification, businesses allow fraudsters to infiltrate systems undetected, leading to inevitable financial loss. Relying solely on reactive measures results in missed opportunities to prevent fraud before it happens.
Taking a proactive approach
To combat fraud effectively, businesses must adopt proactive, identity-driven security measures. Implementing strong identity verification tools ensures fraudsters cannot use stolen or synthetic identities to open new accounts.
Technologies such as liveness detection and government ID authentication can help distinguish real users from fraudulent actors.
Multi-factor authentication (MFA) adds an additional layer of security, making it harder for fraudsters to gain unauthorised access. However, not all MFA methods are equally secure. Phishing-resistant MFA, such as FIDO2 password-less authentication, eliminates the risk of credential theft by removing passwords from the equation.
Risk-based authentication (RBA) evaluates real-time risk signals, such as geolocation, device reputation, and user behaviour. This dynamic approach ensures only high-risk sessions face additional security challenges, improving the experience for legitimate users while stopping fraudsters.
Advanced fraud detection technologies can also help combat AI-driven attacks. Deepfake detection and voice clone analysis can prevent fraudsters from bypassing verification systems. AI-powered behavioural analytics further enhance security by differentiating between real users and fraudulent actors.
Identity orchestration plays a crucial role in modern fraud prevention. By integrating fraud detection tools across different customer touchpoints, businesses can proactively address risks while maintaining a seamless user experience. This approach improves security while reducing friction for legitimate users, increasing trust and customer satisfaction.
The business case for early fraud prevention
Preventing fraud at the identity stage is not just a security necessity - it is a strategic advantage. Businesses that shift fraud prevention efforts earlier in the customer lifecycle benefit from reduced financial losses, stronger customer trust, and improved operational efficiency.
As digital threats continue to evolve, organisations must adopt a proactive stance, leveraging advanced authentication, AI-driven fraud detection, and identity orchestration to stay ahead of fraudsters.
By securing digital identities, businesses can protect their revenue, reputation, and customer relationships before fraud reaches the transaction stage.
Johan Fantenberg, product and solution director, Ping Identity
You need to be a member to post comments. Become a member for free today!
