Browse Definitions :
Definition

synthetic identity theft

Contributor(s): Ivy Wigmore

Synthetic identity theft is the use of someone's personally identifiable information (PII), which the thief combines with made-up details to create a false identity. 

The thief may steal an individual's social security number, for example, and use it in conjunction with a false name and address. The thief typically creates fake businesses to provide the identity with credit and employment histories. Once the identity is established, the thief can use it to obtain credit and open bank accounts, usually for fraudulent purposes. Less frequently, thieves use the information to create new identities for themselves or to sell. 

Synthetic identity theft often goes undetected. The person whose data was stolen doesn't usually also have funds stolen or credit charges made on their accounts because the thief opens new accounts. The thief accesses funds through these accounts, which are not connected to any actual person. 

The direct victims of synthetic identity theft are usually the creditors. Indirectly, consumers suffer as creditor losses are passed on to them. According to experts, the vast majority of identity theft fraud is based on synthetic IDs.

To prevent synthetic identity theft, any organization that stores personally identifying information should ensure that all details match for any given unique identifier

 

This was last updated in January 2014

Continue Reading About synthetic identity theft

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • identity provider

    An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of ...

  • firewall

    A firewall is software or firmware that enforces a set of rules about what data packets will be allowed to enter or leave a ...

  • encryption

    Encryption is the method by which information is converted into secret code that hides the information's true meaning. The ...

SearchHealthIT

SearchDisasterRecovery

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

SearchStorage

Close