Jumio, an identity verification company, recently released its assessment of identity fraud cases between Black Friday and Cyber Monday, reported TechRepublic. The study revealed a surprising development as it showed that the number of new account frauds during the holidays have gone down compared to last year’s numbers.
TechRepublic clarified that the so-called new account creation fraud refers to the “creation of an account using someone else’s personal details.” Usually, fraudsters get the personal information of unknowing victims from leaks.
In the past years, services such as Elasticsearch Cloud Storage, Facebook, First American Financial and Verifications.io all suffered from leaks exposing hundreds of millions of user data. Compromised data include email addresses, passwords, and other identifying info.
Cybercriminals get hold of these data through the dark web. The Jumio report also noted that companies use identity verification methods that “do not assess whether the person supplying the identity information is the actual person they are purporting to be.” These flawed methods include bureau pings and knowledge-based verification.
Jumio notes that the decrease only applies to the number of fraudulent cases during the 2019 holidays compared to the 2018 holidays. In fact, the company has observed that the overall 2019 number of new account frauds has increased by 28%.
This is consistent with the trend the company observed. According to Jumio’s data, the rate of creation of new accounts for fraudulent purposes has been growing since 2014. This could be because criminals are creating these accounts off-season. The report noted that fraudsters may be using the account “during high-traffic days, where they can fly under the radar.”
Aside from the instances of new account creation, the report also found that account takeovers and identity theft increased in 2019. The numbers all surged by two-digit percentages.
Jumio advises consumers to use innovative identity verification methods that use legitimate government IDs and biometrics. However, the company reminded users that they are basically dependent on the cybersecurity measures of the companies they give their data to.
So, while an individual consumer implements as many precautions as they can, their info can still be compromised if the platform is hacked. Moreover, users will not be able to prevent criminals from using stolen data to create fraudulent accounts.
As consumers are at the mercy of various companies that hold their info, Jumio urges these data hosts to improve their security.