Identity Fraud on the Rise: Insights from Sumsub’s Annual Fraud Report
November 25, 20245 min read 分钟阅读
Share
Integrated verification platform Sumsub recently released its fourth annual identity fraud report, revealing increasingly sophisticated fraud strategies and the proliferation of Fraud-as-a-Service (FaaS) models globally. The report highlights a 121% year-on-year growth in identity fraud incidents across the Asia-Pacific (APAC) region in 2024, with deepfake fraud incidents increasing by an alarming 194%. As the digital economy accelerates, these threats pose unprecedented challenges for businesses, consumers, and governments.
Key Identity Fraud Types and High-Risk Industries
According to the report, the five most common types of identity fraud in 2024 are:
Fake Documents (50%) Frequently used in loan applications, visa processing, and other identity verification scenarios.
Refund Fraud (15%) Predominantly targets e-commerce and financial services, exploiting false transactions for undue gains.
Account Takeover (12%) Involves hackers stealing credentials to gain control of accounts, enabling financial theft or data breaches.
Deepfake Fraud (7%) Utilizes AI-generated audio and video to manipulate identities and conduct fraud.
High-Risk Industries The industries most impacted by the rise in fraud incidents are:
Online Dating (265%)
Online Media (180%)
Banking and Insurance (162%)
Fintech (156%)
EdTech (144%)
For instance, dating platforms are increasingly vulnerable to deepfake technology and fake profiles, which scammers use to build trust and deceive users, severely impacting platform credibility.
Fraud-as-a-Service: Lowering the Barriers for Cybercrime
The report highlights the growing influence of Fraud-as-a-Service (FaaS) models in transforming the economics of fraud. FaaS platforms provide comprehensive toolkits for identity theft, account takeovers, and financial scams, making it easier than ever for individuals with no technical expertise to execute large-scale fraudulent operations.
Case Study In the APAC region, fraudsters using FaaS deploy deepfake tools to create fake identification documents, bypassing bank verification systems and resulting in significant financial losses. In Indonesia, fraudsters leverage automated tools to generate bulk refund requests, impacting e-commerce businesses’ profitability.
The Threat of Deepfake Fraud: Beyond Financial Implications
Deepfake fraud, highlighted in the report, poses risks that extend beyond financial fraud into societal and political domains. Alarmingly, 85% of survey respondents expressed concerns about deepfakes being used to interfere in elections by creating fake news, false statements, or fabricated public figure appearances to manipulate public opinion.
Real-World Example In Hong Kong, a case surfaced where scammers used deepfake technology to simulate a company executive’s virtual meeting, convincing employees to authorize a fraudulent transaction worth millions. This incident underscores how such technologies not only jeopardize financial security but also corporate decision-making and reputation.
Strategies for Businesses and Governments
In light of increasingly sophisticated fraud tactics, organizations and governments must adopt a proactive, multi-pronged approach:
Strengthening Identity Verification Implement advanced multi-factor authentication (MFA) and biometric solutions to mitigate identity theft and account takeovers.
Leveraging AI for Detection Employ AI-driven algorithms to detect anomalies and identify potential fraud risks in real time.
Public Awareness Campaigns Educate users on common fraud tactics, emphasizing the importance of scrutinizing unsolicited requests and suspicious documents.
International Collaboration and Regulation Foster regional partnerships to establish robust cybersecurity frameworks and combat cross-border fraud networks effectively.
Securing Digital Transformation: The Role of Goooood® SafeCDN
As businesses increasingly embrace digital operations, cybersecurity must remain a top priority. Goooood® SafeCDN offers critical capabilities to protect organizations and enhance user experiences:
Distributed Architecture: A global network of nodes ensures rapid content delivery and high availability.
Advanced Protection: Integrated DDoS mitigation and Web Application Firewall (WAF) capabilities block malicious traffic in real time.
Deep Monitoring: Real-time traffic analysis enables swift detection and response to anomalies.
Seamless Scalability: Ideal for cross-border enterprises or international brands entering the Chinese market, enabling effortless deployments.
By utilizing Goooood® SafeCDN, businesses can safeguard against sophisticated cyber threats, ensuring smooth digital transformation and secure customer interactions.
Conclusion
Sumsub’s report underscores the escalating complexity of identity fraud, highlighting the critical need for businesses and governments to fortify their defenses. While pursuing digital transformation, organizations must prioritize security to protect both their assets and their customers. Partnering with advanced solutions like Goooood® SafeCDN allows enterprises to mitigate risks, drive growth, and maintain trust in an increasingly digital world.
In a significant cybersecurity incident in 2023, Microsoft’s Exchange Online email service was compromised, affecting the accounts of 22 organizations and hundreds of individuals. Among the victims were high-ranking US government officials, including Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns. The breach was traced back to “Storm-0558”, a hacking group with …
July 6, 2025 — The Epoch Times reported that a third-party customer service system used by Qantas Airways was hacked on July 2, exposing sensitive personal data of approximately six million customers—including names, birth dates, email addresses, and frequent flyer numbers. Critically, the breach was not disclosed to the public until 48 hours later, leaving …
In recent years, Distributed Denial of Service (DDoS) attacks have escalated globally, posing a severe threat to corporate cybersecurity. Japan, as one of the world’s largest economies, has become a prominent target. In the past month, several leading Japanese enterprises were struck by massive DDoS attacks, disrupting critical operations and drawing widespread attention. Incident Overview: …
Identity Fraud on the Rise: Insights from Sumsub’s Annual Fraud Report
Integrated verification platform Sumsub recently released its fourth annual identity fraud report, revealing increasingly sophisticated fraud strategies and the proliferation of Fraud-as-a-Service (FaaS) models globally. The report highlights a 121% year-on-year growth in identity fraud incidents across the Asia-Pacific (APAC) region in 2024, with deepfake fraud incidents increasing by an alarming 194%. As the digital economy accelerates, these threats pose unprecedented challenges for businesses, consumers, and governments.
Key Identity Fraud Types and High-Risk Industries
According to the report, the five most common types of identity fraud in 2024 are:
Frequently used in loan applications, visa processing, and other identity verification scenarios.
Predominantly targets e-commerce and financial services, exploiting false transactions for undue gains.
Involves hackers stealing credentials to gain control of accounts, enabling financial theft or data breaches.
Utilizes AI-generated audio and video to manipulate identities and conduct fraud.
Organized schemes leveraging multiple platforms to achieve large-scale financial gain.
High-Risk Industries
The industries most impacted by the rise in fraud incidents are:
For instance, dating platforms are increasingly vulnerable to deepfake technology and fake profiles, which scammers use to build trust and deceive users, severely impacting platform credibility.
Fraud-as-a-Service: Lowering the Barriers for Cybercrime
The report highlights the growing influence of Fraud-as-a-Service (FaaS) models in transforming the economics of fraud. FaaS platforms provide comprehensive toolkits for identity theft, account takeovers, and financial scams, making it easier than ever for individuals with no technical expertise to execute large-scale fraudulent operations.
Case Study
In the APAC region, fraudsters using FaaS deploy deepfake tools to create fake identification documents, bypassing bank verification systems and resulting in significant financial losses. In Indonesia, fraudsters leverage automated tools to generate bulk refund requests, impacting e-commerce businesses’ profitability.
The Threat of Deepfake Fraud: Beyond Financial Implications
Deepfake fraud, highlighted in the report, poses risks that extend beyond financial fraud into societal and political domains. Alarmingly, 85% of survey respondents expressed concerns about deepfakes being used to interfere in elections by creating fake news, false statements, or fabricated public figure appearances to manipulate public opinion.
Real-World Example
In Hong Kong, a case surfaced where scammers used deepfake technology to simulate a company executive’s virtual meeting, convincing employees to authorize a fraudulent transaction worth millions. This incident underscores how such technologies not only jeopardize financial security but also corporate decision-making and reputation.
Strategies for Businesses and Governments
In light of increasingly sophisticated fraud tactics, organizations and governments must adopt a proactive, multi-pronged approach:
Implement advanced multi-factor authentication (MFA) and biometric solutions to mitigate identity theft and account takeovers.
Employ AI-driven algorithms to detect anomalies and identify potential fraud risks in real time.
Educate users on common fraud tactics, emphasizing the importance of scrutinizing unsolicited requests and suspicious documents.
Foster regional partnerships to establish robust cybersecurity frameworks and combat cross-border fraud networks effectively.
Securing Digital Transformation: The Role of Goooood® SafeCDN
As businesses increasingly embrace digital operations, cybersecurity must remain a top priority. Goooood® SafeCDN offers critical capabilities to protect organizations and enhance user experiences:
By utilizing Goooood® SafeCDN, businesses can safeguard against sophisticated cyber threats, ensuring smooth digital transformation and secure customer interactions.
Conclusion
Sumsub’s report underscores the escalating complexity of identity fraud, highlighting the critical need for businesses and governments to fortify their defenses. While pursuing digital transformation, organizations must prioritize security to protect both their assets and their customers. Partnering with advanced solutions like Goooood® SafeCDN allows enterprises to mitigate risks, drive growth, and maintain trust in an increasingly digital world.
Related Posts
Microsoft Exchange Hit by Major Security Breach: “Storm-0558” Hacker Group Exploits Vulnerability, Compromising US Government Officials’ Accounts
In a significant cybersecurity incident in 2023, Microsoft’s Exchange Online email service was compromised, affecting the accounts of 22 organizations and hundreds of individuals. Among the victims were high-ranking US government officials, including Commerce Secretary Gina Raimondo and US Ambassador to China Nicholas Burns. The breach was traced back to “Storm-0558”, a hacking group with …
Qantas Breach Highlights the Dangers of Delayed Disclosure and Third-Party System Vulnerabilities
July 6, 2025 — The Epoch Times reported that a third-party customer service system used by Qantas Airways was hacked on July 2, exposing sensitive personal data of approximately six million customers—including names, birth dates, email addresses, and frequent flyer numbers. Critically, the breach was not disclosed to the public until 48 hours later, leaving …
Japanese Enterprises Hit by DDoS Attack Surge: The Growing Threat to Cybersecurity
In recent years, Distributed Denial of Service (DDoS) attacks have escalated globally, posing a severe threat to corporate cybersecurity. Japan, as one of the world’s largest economies, has become a prominent target. In the past month, several leading Japanese enterprises were struck by massive DDoS attacks, disrupting critical operations and drawing widespread attention. Incident Overview: …