A R T I C L E
Unlocking the Bedroom Fraudster’s Briefcase: Three Tactics the Con-Artist is Using to Work From Home
Isabella Chatterton-Daniels | Producer | Insurance Innovators
In an age where our interactions, documents and identities have been transported online, here are three ways fraudsters are capitalizing on the accelerated move to digital.
As my industry research for Insurance Innovators: Fraud & Claims 2023 comes to a close, I wanted to share some interesting findings with our II community. One topic area which remained a concern for industry professionals was the evolution of fraudsters in the computer age. In fact, 80% of high-profile experts in the field pointed to the identification fraud behaviours developing in tandem with the fast-tracked digital landscape as their top priority in the coming future. The fraudsters of yesterday rifled through your rubbish – now, like many of us, they are learning to achieve far more working from home. Here are my top three picks for fraud leaders to watch in 2023.
This refers to the manipulation of media using machine learning systems, an approach which has generated almost imperceptible video and audio mimicries of real people. They have gained notoriety for their use in spreading false – and generally malicious – information in the political-cultural sphere, something highlighted in a famous public service announcement made by none other than an Obama deepfake.
Though most sensational in the world of celebrities and politicians, with the growing popularity of synthetic voice cloning software – which can be merely a google search away – the world of fraud is ripe with opportunity. These scams are not theoretical: in 2019, a UK energy company was conned out of $243,000 using artificially generated audio of a chief executive’s voice. For many companies now ‘your voice is your password’, but in the future video- and audio- based security may simply not be safe. Above all else, any industry which relies on the legitimacy of photo, audio, and video footage should be concerned. Luckily, deepfakes are, for now, relatively easy to spot if inspected. But this is less true of…
Shallowfakes are deepfakes’ lesser-known cousin. But where their counterparts are famous and attract attention, the obscurity and subtlety which shallowfakes offer may actually pose the greater risk. Shallowfakes are generally fake documents which provide proof of identity or address, or evidence which supports a claim such as an invoice or contract. They also rely on media manipulation, but do not require artificial intelligence and can be achieved with easily accessible basic editing software.
As a result, shallowfakes are not only undetectable with the human eye but can even circumvent advanced detection software – they can even be as simple as printing a hard copy of the document and taking a photo. This can enable fraudsters to file a false claim and provide convincing evidence, or fake entire car crashes with the combination of an edited photo of a different car and a document recording the incident. As a result, document scanning and verification is on the rise, though shallowfakes remain difficult to detect.
INFORMATION THEFT GETS SMARTER
Personal information is frequently stolen from unsuspecting customers, whether through hacking, phishing scams, malware or even social media quizzes. This precious information is then traded on the dark web, sometimes for as little as $2. Fraudsters can then take over the accounts of existing policy-holders using ‘credential stuffing’, or automated attacks using lists of leaked usernames and passwords. They then file false claims – supported by manipulated documents – or set up new accounts under a false identity.
Identity theft has been on the radar of fraud specialists for some time, but the glut of all forms of varied personal information – all available for purchase on the dark web – empowers a tactic called ‘synthetic identity fraud’. This involves the collation of data bought from different real-world sources to create an entirely original and fake identity, which is used to commit new account application fraud. Here there is no direct victim of identity theft, which may seem like a positive – but in fact, with no obvious victim there is by extension no clear opportunity to flag the theft.
This is hardly exhaustive of the variety of dangers which face those on the watch for fraud, but it does reflect at least some of the major trends which are growing in importance. Technological development and changing behaviour are inevitable, but at least we can say ‘forewarned is forearmed’.