According to the Deloitte Center for Financial Services, synthetic identity fraud is projected to account for at least $23 billion in losses by 2030^[1]. Compared to traditional identity theft, this type of payment fraud is more insidious, often going unnoticed for long periods and being harder to detect. And with the rise of digital interactions and the widespread use of generative AI, fraudsters have more opportunities and tools at their disposal to commit synthetic identity fraud.

In this guide, you’ll learn what synthetic identity fraud is, how it occurs, and what tactics criminals use to steal your data and trick systems into believing their fabricated identities are legitimate. We’ll also discuss how to detect synthetic identity theft and protect yourself from falling victim to it.

What Is Synthetic Identity Fraud and How Does It Happen?

Synthetic identity fraud is a type of crime in which fraudsters combine real and fake personally identifiable information (PII) to create a “new” false identity (often called a Frankenstein ID) and commit financial fraud.

Here’s a closer look at how synthetic identity fraud happens:

1. Stealing personal information—Cybercriminals obtain legitimate personal data such as a real Social Security number (SSN), often from children or individuals with little to no credit history. They use methods like phishing attacks, vishing scams, data breaches, dumpster diving, or stolen/lost wallets. These tactics are similar to those used in CNP fraud, BEC scams, or SIM swap scams.
2. Adding fabricated details—Fraudsters combine stolen information with fake names, birthdates, or addresses to create a synthetic identity that appears genuine to financial institutions, retailers, and other service providers.
3. Establishing a solid financial footprint—Cybercriminals may take out loans and make timely payments to gradually build a credit history and increase the believability of the synthetic identity. This process can take months or years, with fraudsters often having multiple synthetic identities that they’re growing simultaneously.
4. Committing fraud—Once they build a good credit score, the fraudsters may “bust out”—secure sizeable loans and max out their credit cards with no intention of repaying them. They might also make fraudulent purchases or even apply for government benefits. These actions often leave financial institutions with significant losses once the fraud is discovered.

How Does Synthetic Identity Fraud Differ From Traditional Identity Theft?

Synthetic identity fraud involves creating a new, false identity by combining real, stolen information with fabricated details. In contrast, traditional identity theft involves stealing and using your complete identity for fraudulent purposes.

As such, synthetic identity fraud is harder to detect—the fabricated identity doesn’t belong to a real person, and the warning signs might not be as easily evident. With traditional identity theft, you might notice strange activity on your bank accounts, such as unauthorized charges or a change of address. Meanwhile, if someone used your SSN to create a synthetic identity, they probably wouldn’t open accounts under your name.

Ways Synthetic Identity Fraud Can Impact You

Synthetic identity theft can have several significant consequences for you, including:

1. Damage to your credit score
2. Legal issues
3. Increased financial costs

Damage to Your Credit Score

When a fraudster uses your SSN to create a synthetic identity, the activity on their accounts can be added to your main credit file in a fragmented credit file^[2]. 

Missed payments and defaulted loans tied to the fraudulent identity and present in the fragmented credit file can negatively affect your score. As a result, getting approved for credit cards, securing loans, obtaining favorable interest rates, or renting housing may become more challenging since credit scores are often used to assess your financial reliability. 

Legal Issues

While you’re typically not held responsible for fraudulent debt linked to synthetic identity theft once you prove that you weren’t accountable^[3], the misuse of your personal information might still lead to legal complications. 

You may be entangled in disputes while trying to clear your name and prove that the debts aren’t yours. Given that synthetic identities can be complex and difficult to trace, it may take longer to resolve the issue, leaving you to cope with the stress and frustration of lengthy legal processes.

Increased Financial Costs

Even if you’re not the direct victim of synthetic identity fraud, it can still affect you. Banks and lenders often pass losses from synthetic identity fraud onto consumers by raising fees, increasing interest rates, or enforcing stricter lending rules. As a result, borrowing money could become more expensive, and you could face more challenges when applying for credit in the future.

Synthetic Identity Fraud Detection

Synthetic identity fraud is notoriously difficult to spot because it doesn’t always trigger immediate alarms like traditional identity theft. Still, certain red flags can hint at its presence. Here are four key signs to watch for:

1. Unfamiliar activity on your credit report
2. Inconsistent personal information
3. Sudden credit denials
4. Unexpected government notices

Unfamiliar Activity on Your Credit Report

If you notice accounts, inquiries, or addresses on your credit report that you don’t recognize, it could mean your data has been used in synthetic identity fraud. 

While you’re legally entitled to a free annual credit report from each major bureau (Equifax, TransUnion, and Experian), they voluntarily offer weekly access to your credit reports at no cost^[4]. Regularly reviewing the reports can help you catch these issues early and prevent them from escalating.

Inconsistent Personal Information

As synthetic identity fraud pairs real data with fake details, any personal information you don’t recognize is a red flag. If a creditor or agency contacts you about an account linked to incorrect information, such as a wrong name, birth date, or address, it could be a sign that synthetic identity theft is at play.

Sudden Credit Denials

If you’re unexpectedly denied credit or loans despite having a solid financial history, it might be because synthetic identity fraud has affected your credit profile. Fraudulent activity tied to your data could negatively impact your credit score without your knowledge.

Unexpected Government Notices

Receiving tax notices, benefits claims, or other government correspondence about actions you didn’t take might mean your data is part of a synthetic identity fraud scheme. This could lead to complications like denied benefits or tax disputes as fraudsters exploit your information to siphon funds or services meant for you.

How To Prevent Synthetic Identity Fraud

To avoid falling victim to synthetic identity fraud, adopt strategies to keep your PII safe and continuously monitor for any signs it might have been compromised. These include:

• Securing your SSN—Block electronic access to your SSN by calling the Social Security Administration at 1-800-772-1213^[5]. Also, always shred documents containing your SSN, like bank statements, pay stubs, and tax records, before discarding them. 
• Being aware of phishing attempts—Be careful when receiving unsolicited emails, texts, or calls asking for personal data. Always verify the source before sharing any details.
• Avoiding sharing personal information online—Be mindful of what you share online, especially on social media. Personal details like your birthdate, address, and other identifying information can be used to create a synthetic identity.
• Freezing your credit—Placing a security freeze on your credit report can prevent identity thieves from opening new accounts in your name. If you have children, consider freezing their credit, too, as they’re often prime targets for synthetic identity fraud.

While your payment card numbers might not be the primary target of synthetic identity fraudsters, they’re still highly valuable for other types of fraud that could lead to financial losses.

A simple way of protecting them is to use virtual cards for online shopping. These cards act as a stand-in for your real payment card information, reducing the risk of exposure in case of a merchant data breach. While banks such as Citi and Capital One offer virtual cards, opting for a dedicated provider like Privacy gives you comprehensive security and advanced customization features. 

Safeguard Your Payment Card Data With Privacy Cards

After linking your bank account or debit card to Privacy, you can generate multiple virtual cards for single or recurring use to help shield your card information from potential online fraud. Privacy Cards come with unique 16-digit numbers, expiration dates, and CVVs that work like regular cards at checkout.

With Privacy, you can generate three card types:

‍

All Privacy Cards allow you to set custom spending limits and pause or close your virtual cards without impacting the underlying funding source. Privacy will automatically decline all charges that go over your preset limit and block any charges on a paused or closed card, helping protect you against hidden fees and accidental charges.

How Privacy Protects Your Personal Data

As a PCI-DSS-compliant company, Privacy employs multiple security measures similar to those used by banks and government agencies to protect your account and data. 

The platform encrypts your personal data with the AES-256 encryption algorithm, making it virtually impossible for cybercriminals to access sensitive information. Privacy also undergoes regular third-party security audits to ensure compliance with industry standards. 

Other safeguards Privacy employs include:

• Two-factor authentication (2FA)—You can activate 2FA with email, SMS, or authenticator apps like Authy or Google Authenticator to strengthen the security of your Privacy account.
• Transaction alerts—Privacy sends you real-time notifications when your virtual cards are used or declined, helping you monitor card usage and detect potentially suspicious activity promptly.
• OWASP compliance—Privacy follows the Open Web Application Security Project (OWASP) guidelines for secure web development, protecting your data against common web vulnerabilities.

More Convenience With Privacy Cards

Privacy offers several features to make managing virtual cards and online purchases more convenient. 

For example, the Privacy Browser Extension, available for Edge, Firefox, Chrome, Safari, and Safari for iOS, integrates seamlessly with your browser, enabling you to generate virtual cards and securely autofill their details at checkout.

Meanwhile, the Privacy App (compatible with iOS and Android) allows you to generate and manage virtual cards, set spending limits, and monitor card activity directly from your smartphone. 

Other convenience features include:

• 1Password integration—You can use 1Password’s browser extension to manage your passwords and payment information, eliminating the need to memorize or input them manually.
• Card Notes—Privacy lets you add useful notes to your Privacy Cards, such as subscription amounts and renewal dates, helping you remember and track transactions.
• Shared Cards—You can share a Privacy Card with close friends and trusted family members without disclosing your actual card numbers.

How To Join Privacy—Steps and Plans

To join Privacy, follow these four steps:

1. Visit the signup page and create an account
2. Provide the required details to verify your identity
3. Connect a funding source—debit card or bank account
4. Request and generate your first Privacy Virtual Card

You can choose from four Privacy plans, depending on your specific needs:

‍

The Personal plan comes with Single-Use and Merchant-Locked Cards, all card controls, and access to the browser extension and mobile app. With the other plans, you get additional benefits, such as:

• Category-Locked Cards
• Shared Cards
• Card Notes
• Zero-fee international transactions
• Priority support and Live Chat (Mon–Fri, 9 a.m.–5 p.m. ET)
• 1% cashback on eligible purchases (up to $4,500/month)

References

^[1]Deloitte. https://www2.deloitte.com/content/dam/insights/articles/us176550_cfs_fsi-predictions_behavioral-biometrics-and-banking/US176550_Behavioral-biometrics-and-banking.pdf, sourced April 4, 2025

^[2]Equifax. https://www.equifax.com/personal/education/identity-theft/articles/-/learn/synthetic-identity-theft/, sourced April 4, 2025

^[3]The Federal Reserve. https://fedpaymentsimprovement.org/wp-content/uploads/frs-synthetic-identity-payments-fraud-white-paper-july-2019.pdf, sourced April 4, 2025

^[4]FTC. https://consumer.ftc.gov/articles/free-credit-reports#How%20To%20Get%20Your%20Free%20Credit%20Reports, sourced April 4, 2025

^[5]Social Security Administration. https://www.ssa.gov/pubs/EN-05-10220.pdf, sourced April 4, 2025

‍