Published: March 20, 2026

Our bulletin Cyber Threat Watch has been created to help small businesses stay up to date on the latest threats, news, and events affecting their business. The content has been curated to make cybersecurity easy and accessible for both technical and nontechnical readers.

Featured Cyber Threat – Synthetic Identity Fraud

In last month’s bulletin, we discussed business identity risk and how attackers misuse legitimate business information to impersonate trusted organizations. However, identity-related threats don’t always involve impersonating an existing identity. In some cases, attackers create entirely new identities that appear legitimate but don’t correspond to any real entity.

This scheme, known as synthetic identity fraud, is expanding as more services rely on online account creation and automated identity verification. As a result, synthetic identities can pass basic checks and remain undetected for long periods.

What Is Synthetic Identity?

A synthetic identity is a fabricated identity built from a mix of real and fake information. For example, legitimate information may be combined with other details—such as another real or fake name, address, email address, or banking information—to form a new identity that appears credible.

Unlike identity theft, which involves misusing an existing identity belonging to a person, business, or system, synthetic identity fraud creates a new, artificial identity that isn’t tied to any real entity. Because certain elements are genuine, the resulting identity may still appear legitimate. Some of the real information used to construct these identities may come from publicly available sources, such as professional networking websites, official company websites, or other online records. Therefore, when identity verification relies primarily on matching existing information, the fraud may be difficult to detect.

How the Fraud Scheme Works

Synthetic identities are commonly used to open accounts and obtain services that require identity verification. Attackers may maintain normal activity within the system to build trust and credibility for months or years until those accounts are used to commit fraud. This type of fraud can remain undetected for the following reasons:

What to Do for Your Business

Many small businesses rely on digital services for payments, vendor onboarding, financing, e‑commerce, and customer accounts. Given the nature of synthetic identity, the following practical steps can help reduce potential fraud risk.

  1. Enhanced Identity Verification
    – Use multiple verification methods rather than relying on a single data match
    – Review identity profiles for repeated identifiers such as emails, phone numbers, addresses, or bank accounts
    – Escalate accounts for manual review when information appears inconsistent or the same identifiers are reused
  2. Ongoing Account Monitoring
    – Watch newly created accounts for unusual behavior or sudden changes in activity
    – Flag accounts that remain inactive for long periods and later initiate large transactions
    – Look for multiple accounts connected to the same identifiers or devices
  3. Authentication and Change Controls
    – Require multi-factor authentication (MFA) for email, banking portals, accounting systems, administrative accounts, and remote access
    – Verify any changes to sensitive information, such as payment details or password resets, through an additional trusted channel
    – Limit who can approve new vendors or update payout instructions and require a second approver for those changes
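
The identifier-reuse and dormancy checks from steps 1 and 2, sketched in Python as an added example (not NCSS code). The account records, transactions, field names, and the 180-day and 5,000 thresholds are constructed assumptions; address and bank-account fields can be added to `fields` in the same way.

```python
from collections import defaultdict
from datetime import date
import re
# Constructed sample records (not real data); field names are assumptions.
ACCOUNTS = [
    {"id": "A1", "email": "pat@example.com", "phone": "(555) 010-2000", "created": date(2025, 1, 5)},
    {"id": "A2", "email": "lee@example.org", "phone": "555-010-2000", "created": date(2025, 2, 1)},
    {"id": "A3", "email": "Pat@Example.com ", "phone": "555 010 3000", "created": date(2025, 3, 9)},
    {"id": "A4", "email": "kim@example.net", "phone": "555-010-4000", "created": date(2025, 1, 20)},
]
TXNS = [  # (account id, date, amount), also constructed
    ("A4", date(2025, 1, 25), 40.0), ("A4", date(2025, 2, 10), 55.0),
    ("A2", date(2025, 2, 3), 20.0), ("A2", date(2025, 11, 15), 9500.0),
    ("A1", date(2025, 1, 6), 30.0), ("A1", date(2025, 1, 20), 6000.0),
]

def normalize(field, value):
    """Canonicalise so trivial formatting differences do not hide reuse."""
    if field == "phone":
        return re.sub(r"\D", "", value)
    return re.sub(r"\s+", " ", value.strip().lower())

def shared_identifiers(accounts, fields=("email", "phone")):
    """Return {(field, value): [account ids]} for identifiers on 2+ accounts."""
    seen = defaultdict(set)
    for acct in accounts:
        for field in fields:
            seen[(field, normalize(field, acct[field]))].add(acct["id"])
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}

def dormant_then_large(accounts, txns, dormant_days=180, large_amount=5000.0):
    """Flag accounts whose large transaction follows a long quiet period."""
    last_seen = {a["id"]: a["created"] for a in accounts}
    flagged = set()
    for acct_id, when, amount in sorted(txns, key=lambda t: t[1]):
        if (when - last_seen[acct_id]).days >= dormant_days and amount >= large_amount:
            flagged.add(acct_id)
        last_seen[acct_id] = when
    return sorted(flagged)

def review_queue(accounts, txns):
    """Accounts to escalate for manual review, with the reasons for each."""
    reasons = defaultdict(list)
    for (field, _), ids in shared_identifiers(accounts).items():
        for acct_id in ids:
            reasons[acct_id].append(f"shared {field}")
    for acct_id in dormant_then_large(accounts, txns):
        reasons[acct_id].append("dormant then large transaction")
    return dict(sorted(reasons.items()))
```

Account A1 makes a large payment two weeks after opening and is not flagged by the dormancy rule, but it still reaches the review queue because its email and phone reappear on other accounts.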

Conclusion

Synthetic identity fraud is an identity-based threat in which attackers create credible-looking identities rather than impersonating existing ones. As identity verification becomes more automated and AI makes fabrication easier, small businesses should strengthen verification processes, monitor account activity over time, and tighten authentication and change controls to reduce the fraud risk.

The NCSS encourages businesses to adopt comprehensive security practices and stay informed about evolving threats. We recommend you consider becoming an NCSS member to access a wide range of our services. For more information, visit our Small Business page.

About the NCSS

The National Cybersecurity Society (NCSS) is committed to improving the online safety and security of the small business community through education, awareness, and advocacy. As a 501(c)(3) organization, the NCSS uses funds from charitable donations and grants to develop educational materials, webinars, weekly cyber tips, videos, and how-to guides. The organization’s goal is to enable and empower small and medium businesses to obtain cybersecurity services, assist them in understanding their cyber risk, and advise on the type of protection needed. We want to continue to grow our community and encourage you to tell other small businesses we are here to help.

The NCSS is committed to respecting the use of images in our communication efforts. Accordingly, unless otherwise specifically noted, the graphics in our bulletin are sourced under license from Adobe Stock. The header and footer images were designed and purchased through a contract with Eyedea Advertising & Design Studio.