Socure, the leading platform for digital identity verification, compliance and fraud prevention, has published a new report on common patterns of organized fraud networks from countries, such as China and Russia, known for targeting US public sector agencies.
Titled “Fraud in Focus: Exposing Organized Fraud Patterns in Government Programs,” the report detects three suspected fraud rings. Two of those rings were found to be international and one domestic, and each was found to use a variety of tactics.
Common attack techniques included exploiting real Personally Identifiable Information, using fabricated business domains, shifting IP addresses through VPN providers, and submitting suspicious or mismatched phone numbers and emails.
To put these findings in context, a separate report from the Government Accountability Office revealed that fraud costs the federal government upwards of $500 billion annually. On top of that, AI-powered technologies now let fraudsters supercharge their efforts, hitting government agencies and commercial entities at once, with relentless speed and at scale.
Looking at Socure’s report in more detail, it found that international bad actors were responsible for up to 12% of all incoming applications for government services and/or loans. These bad actors were found to come from China, Russia, Egypt, Poland and several other nations.
The report also found that fraudsters target multiple government agencies at once: at least 1 in 4 fraud attempts targeted more than one agency.
Fraudsters also prefer stealing real identities to creating new, fabricated ones. These bad actors were four times more likely to use stolen identities than synthetic ones.
Fraudsters also displayed a clear pattern of attacking both government and commercial entities with the same identities. The most affected commercial entities included fintechs, traditional banks, credit unions, auto lenders, telecommunications players, as well as online gaming and gambling companies.
According to the report's data, bad actors across the board evolve their tactics to avoid detection: IP addresses, email addresses and domains linked to an identity were shifted several times within a given day, severely limiting a rules-based or blacklist approach to detection.
For this report, Socure conducted two distinct evaluations across government programs.
The first evaluation, conducted over a six-month period, leveraged Socure’s Sigma Identity and Sigma Synthetic scores to identify high-risk fraud events and categorize them as either synthetic identity fraud or identity theft.
This dataset was used to support qualitative insights and to illustrate distinct fraud types and behavioral trends observed within government program activity.
The second evaluation focused on identifying international attack infrastructure. It used IP address geolocation, time zone analysis, and behavioral analysis to highlight patterns associated with coordinated fraud activity originating outside the United States.
The findings carry added weight given Socure’s stature as an industry leader in its space. The company’s solutions are currently used by more than 38 state and federal government agencies to stop fraud without compromising access to critical government benefits and services. In addition, Socure for Government (SocureGov) has been named to the State Risk and Authorization Management (dba GovRAMP) Program’s Authorized Product List.
“This research confirms what many of us have known – government agencies are under coordinated attack from nation states hellbent on exploiting weaknesses in existing identity infrastructure,” said Jordan Burris, Head of Public Sector at Socure. “We need urgent investment in modern, accurate, and intelligence-led identity verification systems to defend against these threats.”