According to a comprehensive new report (“2018 Fraud Mitigation Study”) from LexisNexis Risk Solutions, the pace of cross-industry fraud is accelerating and becoming more costly. The study surveyed more than 800 fraud mitigation professionals across five different industries (financial services, insurance, healthcare, retail, communications) as well as the government to get a detailed view of the scope and size of cross-industry fraud. One key takeaway from the report is that the identity theft problem is being exacerbated by rampant cross-industry fraud.
This is now the fourth year that LexisNexis Risk Solutions has issued the report, but the first year in which the pace of cross-industry fraud appears to be accelerating. “Our research shows that the incidence of cross-industry fraud has increased since we have been tracking it through the LexisNexis Fraud Mitigation Study. From 2015 to 2017, 84 percent of respondents indicated that they have found that at least one of their cases relates to multiple industries. In this year’s survey, we saw that number increase to 89 percent,” says Vikram Dhawan, Senior Director of Product Management for Identity and Fraud at LexisNexis Risk Solutions.
According to LexisNexis Risk Solutions, the two industries at highest risk of cross-industry fraud are financial services and insurance, while the one industry at the lowest end of the risk scale is the communications industry.
The identity theft problem
As the report suggests, it is becoming easier for fraud to cross over from one industry into another. In one classic scenario outlined in the report, fraudsters falsify tax returns, while also simultaneously falsifying other documents, such as auto insurance claims and healthcare claims.
The risk of that scenario has always existed, of course, but what has changed recently is the spike in the severity of the identity theft problem and the ability of identity thieves to file fake documents with social security numbers obtained from someone else. In other words, it is becoming increasingly common that scammers and hackers obtain the identity of a person via a cyber attack, and then use that personal information and data in order to benefit financially.
In fact, according to the LexisNexis Risk Solutions report, the one fraud scheme that is top of mind for fraud mitigation professionals is identity theft. Nearly one-half (47%) of respondents cited identify theft as their primary concern, up nearly 6 percent in just one year. Other concerns that are top of mind include falsified claims (cited by 42% of respondents) and data hacks or breaches (37%). Often, the victim of identity theft does not even know that their identity has been stolen until it is too late.
In many ways, it is possible to see the identity theft problem and the data breach problem as part and parcel of the same broader issue: hackers are regularly launching cyber attacks against financial services, insurance and healthcare companies, and then using any data breach as a quick and easy way to steal identities. Given the escalating number of data breaches recently, it’s easy to see how that has only compounded the identity theft problem. Over 40% of organizations have now seen an increase in fraud due to data breaches, and the figure is even higher for organizations within the financial services sector (45%) and the healthcare sector (44%).
Once identity theft occurs and personal information has been stolen as the result of a data breach, it can be used to submit false applications, submit fraudulent claims, and file for fraudulent refunds. Information can also be obtained from credit bureaus via credit reports, and then that information used to open fraudulent bank accounts or file falsified credit card applications. All funds that result from these identity theft activities, of course, are directed to the hacker or cyber criminal, and not to the person who had his or her identity stolen.
According to Dhawan, “We see identity theft as one of the biggest enablers of cross-industry fraud. As the world has become more digitally dependent and interconnected, criminals now can tap into rich data stores of personally identifiable information through a few keystrokes. Identity theft has essentially become a low cost method for fraudsters to commit fraud against multiple industries in a short amount of time (if not simultaneously). As such, most organizations are concerned with online fraud versus in-person fraud because of the ease of access and speed that online fraud offers.”