Fraud Alert Will Notify You Before Your Credit is Ruined!
Identity theft comes in a number of different forms. It can involve the use of a stolen credit card for purchasing anything from a shiny new laptop to a pair of shoes (online or at brick-and-mortar merchants); the issuing of fraudulent money transfers from hacked bank accounts; using someone else’s identity to receive medical treatment, and the list goes on and on.
Taking out loans on a victim’s behalf is another form of identity theft fraudsters have been practicing. Let’s take an inside look at what it takes to pull off this type of identity theft attack.
Ingredients for Loan Scams
As with any fraud operation, in order to perform loan scams fraudsters must first obtain all the required ingredients. The special recipe is made up of:
- A handful of “Fullz” credentials. This is a type of credential that is commonly traded in the underground. It contains more information on the victim than even his or her spouse may know, including the victim’s credit card information, social security number, date of birth, mother’s maiden name, driver’s license number, and more.
- A single phone number that can be used to accept incoming calls. This is easily obtainable through a Voice-over-IP service such as Skype.
- One proxy server. This is a server that acts as a type of “middleman” between the fraudster and the sites he communicates with, allowing the fraudster to appear as though he’s located in the United States even if he is based out of another country.
- An “item drop” or drop point. This is basically a street address to which the fraudster can ship items. Item drops and drop points can be obtained in various ways—such as a rented apartment or a PO Box registered on a fake ID—and are quite a common asset in fraudster circles.
Executing Loan Fraud
Now that the fraudster has obtained all the required ingredients for taking out a loan in your name, it’s time to pull off the scam. Here’s how it’s done:
- First, the fraudster will do a background check on the victim. These reports, which are mainly available on U.S. citizens, can be obtained from a number of both free and paid online sources. Considering the amount of information on a person that can be so easily obtained, this make us pretty nervous. A background check can equip the fraudster with information such as the victim’s driver’s license state and expiration date, current or most recent employer, employer address, date of employment, names of relatives and more. In the next step of the loan scam, the fraudster will use this info to answer questions about the victim’s identity.
- The second step involves the fraudster attempting to obtain a credit report using the information he accessed in the background check. Why a credit report? Because it will give the fraudster information on any pre-approved loans, which will give him an idea as to the maximum amount of money he can request in loan applications.
- Next, the fraudster opens a bank account online using the victim’s credentials. In fraudster language, these accounts are called “bank drops,” and they’re used to receive the money from the fraudulent loans. Some fraudsters will leave this account empty, while others might fund a few dollars just to show some activity. At this stage, the fraudster will also order a debit card to his item drop address. He’ll use that card later to cash out the loan’s funds from the account.
- Now it’s time to apply for a loan! This is something the fraudster can do through one of the various lending websites, which allow a person to take a loan through alternative means rather than going the traditional route through a bank or other financial institution. The loan application is completed using the victim’s credentials, of course, with the “bank drop” account being provided as the bank account to receive the loaned money. The phone number that can receive incoming calls may be needed at this stage, as some lending sites try to call the person attempting to take out a loan as means of authentication. If the loan request is successful, the money might even be transferred to the bank account within a single business day, with the exact amount determined by the victim’s credit score.
- At this stage, the loan has been approved and the money is in the bank account. Now, it’s time to cash it out. At this point, the debit card the fraudster obtained comes into play and can be used to retrieve funds at an ATM. Other ways fraudsters obtain cash from loan scams include linking the bank account they opened to various Bitcoin services or P2P money transfer services. By the time it’s time to start re-paying the loan, the fraudster is gone with the money. Loan scams are as straight-forward (and uncomfortably simple) as that, ladies and gentlemen.
Tips to Prevent Loan Scams with the Protection of Fraud Alert
There are different things you can do to reduce the risk of becoming a victim of fraudulent loans. Here are some suggestions:
- Familiarize yourself with phishing attacks and how they work, which is the best way to avoid falling victim to one. Most “Fullz” credentials are obtained through the use of this type of attack.
- Make sure your computer is secure and up-to-date. Use an antivirus software to further protect your computer and reduce the risk of your machine getting infected with malware, which is another method through which fraudsters can collect information on their victims. Check out these recommendations for the Best Free PC Antivirus Software.
- Place a fraud alert to your credit file. Activating fraud alert This will notify lenders that they must take extra measures to verify your identity. If a fraudster sees a fraud alert when pulling your credit report, he might not even bother attempting to request a loan on your behalf.
With data breaches happening more often than ever, it’s crucial to keep track of your financials, use credit monitoring services and get familiarized with ways fraudsters may try to scam you. Loan scams are common and shouldn’t be overlooked, so we recommend going through with the steps above ASAP to keep yourself protected.
Want to see more content like this? Subscribe to get a weekly roundup from BlogDOG.
The LogDog anti-hacking and privacy tool protects the most popular online account types including Gmail, Facebook, and Dropbox by detecting unusual access activity and alerting users so they can take control of their accounts before hackers do.
The service can be used across all devices and OS’s, so you’re always being protected. Here’s the Android and iOS links for you to check out.