Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Fraud & Identity Theft

Report: Identity Fraud Fell 28 Percent in 2010; ‘Friendly Fraud’ Rises

After all the doom and gloom predictions our industry typically sees coming out in December and January, it’s refreshing to see a report highlighting some positive trends. According to the 2011 Identity Fraud Survey Report released today by Javelin Strategy & Research, in 2010 the number of identity fraud victims decreased by 28 percent to 8.1 million adults in the United States, three million fewer victims than in 2009. Total annual fraud decreased from $56 billion to $37 billion, the smallest amount in the eight years of the study.

After all the doom and gloom predictions our industry typically sees coming out in December and January, it’s refreshing to see a report highlighting some positive trends. According to the 2011 Identity Fraud Survey Report released today by Javelin Strategy & Research, in 2010 the number of identity fraud victims decreased by 28 percent to 8.1 million adults in the United States, three million fewer victims than in 2009. Total annual fraud decreased from $56 billion to $37 billion, the smallest amount in the eight years of the study. However, while overall fraud declined, consumer out-of-pocket costs rose significantly, mainly due to the types of fraud that were successfully perpetrated and an increase in “friendly fraud.”

“Identity fraud underwent a marked decline and shift over the past year. This great news is a testament to the significant efforts businesses, the financial services industry and government agencies are making to educate consumers, protect data, and prevent and resolve identity fraud,” said James Van Dyke, president and founder of Javelin Strategy & Research. “Economic conditions also appear to have contributed to this year-over-year decline, as well as increased security measures and some significant law enforcement successes.”

 

Identity Fraud Trends

In its eighth consecutive year, the survey is the nation’s longest-running study of identity fraud, with 37,929 respondents over the past eight years. What is identity fraud? Identity fraud is defined as the unauthorized use of another person’s personal information to achieve illicit financial gain. For the latest survey, Javelin Strategy & Research conducted 5,004 telephone interviews with U.S. consumers.

Key Discoveries from the Fraud Survey:

Overall identity fraud incidents decreased in the United States in 2010 —The number of identity fraud incidents decreased by 28 percent over the past year, which brought them down to levels not seen since 2007. The mean fraud amount per victim declined from $4,991 in 2009 to $4,607. One likely contributing factor was the significant drop in reported data breaches according to industry reports: 404 in 2010 with 26 million records exposed, compared to 604 in 2009 with 221 million records exposed.

Consumer fraud costs increased in 2010 — While fraud incidents decreased, the mean consumer out-of-pocket cost due to identity fraud increased 63 percent from $387 in 2009 to $631 per incident in 2010. This may be attributable to changes in the types of fraud perpetrated in 2010, including new account and debit card fraud, highlighting the need for continued consumer vigilance. Consumer fraud costs include costs incurred by the victim towards payoff of any fraudulent debt as well as fees (legal or otherwise) to resolve fraudulent claims.

New account fraud was most damaging – Although all types of fraud declined over the past year, new account fraud was responsible for the greatest fraud amount ($17 billion). New account fraud, in which accounts have been opened without the victim’s knowledge, is harder to detect and is the most likely to severely impact the victims. Existing card fraud amounts declined by 38 percent to $14 billion from $23 billion in 2009.

Advertisement. Scroll to continue reading.

“Friendly fraud” is on the rise—Friendly fraud − fraud perpetuated by people known to the victim, such as a relative or roommate − grew seven percent last year, with consumers between the ages of 25-34 most likely to be victims of this type of fraud. People in this age group are most likely to have their Social Security number (SSN) stolen—with 41 percent of fraud victims in this group reporting theft of their SSN.

Fraud inversely mirrors retail sales – The study found an interesting correlation between retail sales and fraud incidence, with the amount of fraud almost perfectly inversely mirroring retail sales over the past seven years. When retail sales have increased, fraud has decreased, which points to economic hardships as an overall contributor to fraudsters committing identity crimes

Understanding the Findings

Approximately three million fewer adults were victimized by identity fraud in 2010, compared to 2009. This is the largest single-year decrease since Javelin started tracking data in 2003 and exceeds the combined decline from 2003-2007, when identity fraud started to increase again. The largest drop previously was 800,000 consumers between 2003 and 2004.

Some factors leading to this decline include the more stringent criteria financial institutions are applying to authenticate users and determine credit risk; more Americans monitoring accounts online and using monitoring protection services that can provide updates to mobile devices. Additionally, according to industry data, reported data breaches dropped significantly, with just seven percent of the U.S. population receiving notifications that their information was exposed in a data breach.

Account takeover was one of the most common forms of identity fraud. When examining account takeover trends, the two most popular tactics for fraudsters were adding their name as a registered user on an account or changing the physical address of the account. In 2010, changing the physical address became the most popular method, with 44 percent of account takeover incidents conducted this way.

New account fraud is the most damaging to consumers, and the study found that fraudsters are changing their patterns to make it harder to detect. There was a shift to fraudulent opening of non-bank and non-card accounts, such as health club memberships, home phone and cable subscriptions. This type of fraud will not necessarily be caught by checking credit reports. New account fraud was also the type of fraud most likely to be perpetrated by “friendly fraudsters,” and accounted for roughly 30 percent of new account fraud for which the cause was known. While existing card information would appear to be easy to obtain from acquaintances, existing card fraud was less than half as common as new account fraud.

Interestingly, for at least the past seven years, the state of retail sales has had a direct, inversely proportional correlation to identity fraud, indcating that as retail sales grow, fraud incidents decrease. This may indicate how the state of individuals’ financial conditions correlates to their likelihood to perpetrate identity fraud.

The fraud survey was independently produced by Javelin Strategy & Research and sponsored by Fiserv, Intersections Inc. and Wells Fargo & Company.

“An improving economy, public education and better detection techniques appear to be working. Let’s take this as motivation to redouble our efforts to get out in front of criminals, especially in light of the growing threat of cybercrime,” said Anne Wallace, president of the Identity Theft Assistance Center, commenting on the release of the report today.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Fraud & Identity Theft

Famed hacker Kevin Mitnick has died after a battle with pancreatic cancer.  At the time of his death, he was Chief Hacking Officer at...

Fraud & Identity Theft

A team of researchers has demonstrated a new attack method that affects iPhone owners who use Apple Pay and Visa payment cards. The vulnerabilities...

Cybercrime

Deepfakes, left unchecked, are set to become the cybercriminals’ next big weapon

Cybercrime

A threat actor tracked as ‘Scattered Spider’ is targeting telecommunications and business process outsourcing (BPO) companies in an effort to gain access to mobile...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

Cybercrime

While there are likely many different approaches, here are a few points that are important for enterprises to consider when evaluating bot solutions.